Tenable Security Center Troubleshooting

Tenable Network Monitor server does not appear to be operational

1. Log in to Tenable Security Center as an administrator.
2. Verify that the Tenable Network Monitor server appears as Unable to Connect under Status.
3. SSH to the remote Tenable Network Monitor host to make sure the underlying operating system is operational.

4. Confirm that the Tenable Network Monitor is running (Linux example below):

   # service nnm status

   NNM is stopped
   
   NNM Proxy (pid 3142) is running
   
   #

5. If the Tenable Network Monitor service is not running, start the service:

   # service nnm start
   
   Starting NNM Proxy                                         [  OK  ]
   
   Starting NNM                                               [  OK  ]
   
   #

Cannot add an Tenable Network Monitor server

1. Confirm that the Tenable Network Monitor proxy is listening on the same port as Tenable Security Center (port 8835 by default):

   # ss -pan | grep 8835
   
   tcp        0      0 0.0.0.0:8835    0.0.0.0:*     LISTEN      406/nnm

2. Check connectivity by telnetting from the Tenable Security Center console into the Tenable Network Monitor server on port 8835 (the Tenable Network Monitor listening port). If successful, the response includes: Escape character is '^]'.

No vulnerabilities are being received from the Tenable Network Monitor server

1. Ensure that the Tenable Network Monitor service is running on the Tenable Network Monitor host.
2. Ensure that the Tenable Network Monitor appears in Tenable Security Center under Resources > Passive Scanners and that the status of the Tenable Network Monitor appears as Working.
3. Click Edit to ensure that the IP address or hostname, port, username, password, and selected repositories for the Tenable Network Monitor are correct.
4. Edit any incorrect entries to their correct state.
5. Click Submit to attempt to reinitialize the Tenable Network Monitor scanning interface.

Tenable Network Monitor plugins fail to update

1. Manually test a plugin update under Plugins with Update Plugins.

   If successful, Passive Plugins Last Updated updates to the current date and time.

2. Ensure that the Tenable Security Center host allows outbound HTTPS connectivity to the Tenable Network Monitor Plugin Update Site.
3. For all other Tenable Network Monitor plugin update issues, contact Tenable Support.