Tenable.sc Troubleshooting

NNM server does not appear to be operational

  1. (missing or bad snippet)
  2. Verify that the NNM server appears as Unable to Connect under Status.
  3. SSH to the remote NNM host to make sure the underlying operating system is operational.
  4. Confirm that the NNM is running (Linux example below):

    # service nnm status

    NNM is stopped

    NNM Proxy (pid 3142) is running

    #

  5. If the NNM service is not running, start the service:

    # service nnm start

    Starting NNM Proxy                                         [  OK  ]

    Starting NNM                                               [  OK  ]

    #

Cannot add an NNM server

  1. Confirm that the NNM proxy is listening on the same port as Tenable.sc (port 8835 by default):

    # ss -pan | grep 8835

    tcp        0      0 0.0.0.0:8835    0.0.0.0:*     LISTEN      406/nnm

  2. Check connectivity by telnetting from the Tenable.sc console into the NNM server on port 8835 (the NNM listening port). If successful, the response includes: Escape character is '^]'.

No vulnerabilities are being received from the NNM server

  1. Ensure that the NNM service is running on the NNM host.
  2. Ensure that the NNM appears in Tenable.sc under Resources > Passive Scanners and that the status of the NNM appears as Working.
  3. Click Edit to ensure that the IP address or hostname, port, username, password, and selected repositories for the NNM are correct.
  4. Edit any incorrect entries to their correct state.
  5. Click Submit to attempt to reinitialize the NNM scanning interface.

NNM plugins fail to update

  1. Manually test a plugin update under Plugins with Update Plugins.

    If successful, Passive Plugins Last Updated updates to the current date and time.

  2. Ensure that the Tenable.sc host allows outbound HTTPS connectivity to the NNM Plugin Update Site.
  3. For all other NNM plugin update issues, contact Tenable Support.