TOC & Recently Viewed

Recently Viewed Topics



Tenable provides extremely flexible and simplified reporting through an assortment of report templates and user-friendly report creation interface. Supported report types include the well-known Portable Document Format (PDF), Rich Text Format (RTF), and Comma-Separated Values (CSV) standards for a high level of compatibility and ease of use. CyberScope, DISA ASR, and DISA ARF are also available for specialized needs. These specialized reporting types are enabled or disabled by an admin user of the SecurityCenter. Reports can be scheduled and automatically emailed, shared to one or more specified SecurityCenter users and/or published to one or more sites on completion. Reports can be copied and reused as required. Tenable provides many report templates based on industry standards. When configuring a scan, an existing report template can also be set to run on completion.


To see a list of available reports, click Reporting > Reports.

From the reports page, clicking on a report displays a page to edit the selected report, which is a set of pages that works like the Add Report pages described in detail in the custom report area later in this section. Clicking on the gear icon displays a menu to view the details of, edit, export the report definition, copy, or delete the report.

When creating a new report, the first step is to click the Add button. A window opens and lists high-level categories for available report templates from the SecurityCenter feed. Each category is represented by a name and description of the templates available in the category. The custom section provides standard report types to begin creation of custom reports.

From the Add Report page, the templates can be searched by keyword in the Search Templates option across all the categories or by clicking the high-level category name. Selecting a category (e.g., Monitoring) displays a list of the report templates and a list of keywords that each of the available reports belongs to. Each report indicates the Tenable products that must be used with SecurityCenter for the data in the report to be complete. Once a category is selected, a drop-down menu is available to change the category view. At any time in the search, the Search Templates text entry can be used to filter on keywords. Selecting any of the report templates provides a screen with information about the report and a selectable list of chapters to disable as desired before adding the template and targets to focus the report on by asset list, IP/DNS name, or the repository the results should be taken from.

Once a report template is added to the list of reports, it can be modified from the Edit Report page to customize the report. The reports are created as a template report and can be scheduled as desired. The editing of a report follows the same options as adding a custom report described in the following section.

Custom Report

If an existing template does not satisfy the reporting need, a custom report can be created. From the initial Add Report page, select a report type from the Custom section at the bottom of the page. The screen captures below show the pages of the Custom dialog for a PDF report. Other styles have similar screens.

Add PDF Report

PDF Report Definition

PDF Report Distribution

These pages allow the user to configure, define, and distribute custom vulnerability and event reports. The tables below describe available reporting options.





Name assigned to the report.


Descriptive text for the report.


Determines how often the report runs. Options are On Demand, Now, Once, Daily, Weekly, or Monthly. Selecting each frequency from the drop-down box provides the options for the selected time frame. The schedule can be altered at a later time by editing the report.

Report Options

Style (PDF, RTF)

The report style, paper size, and orientation.

There are three report styles:

  • Plain — a report with basic graphs and without a Cover Logo, for security reasons.
  • Tenable — a report with basic graphs and a Cover Logo.
  • Tenable 3D — a report with enhanced 3D graphs and a Cover Logo.

Note: If a SecurityCenter administrator configured a Classification Type banner, only Plain report styles are listed.

There are two paper sizes:

  • Letter — the standard 8.5 inches x 11 inches letter size.

    Note: If no paper size is specified, letter is assumed.

  • A4 — the standard 8.27 inches x 11.69 inches A4 size.

There are two orientations:

  • Portrait — horizontal.

    Note: If no orientation is specified, portrait is assumed.

  • Landscape — vertical.

Include Cover Page (PDF and RTF)

Include a cover page in the report.

Include Header (PDF only)

Include a predefined header in the report.

Include Footer (PDF only)

Include a predefined footer in the report.

Include Table of Contents (PDF and RTF)

Include a table of contents with the report.

Include Index (PDF and RTF)

Include an Index with the report.

Cover Logo (PDF only)

A custom or default logo to display on the cover page (lower right-hand corner).

Note: For security reasons, the Plain report style does not include a Cover Logo.

Footer Logo (PDF only)

A custom or default logo to display on the cover page (lower center).

Watermark (PDF only)

Add a Confidential or other custom uploaded watermark to each page of the report.

Encrypt PDF (PDF only)

Protect the PDF with a password. The encryption level is 40-bit RC4. When enabled, a password option is displayed for a text entry of a password to use. This password must be used to open the report and view its contents. For more information about this encryption mechanism, please refer to the following URL:

Operational Attribute Set (DISA ARF or CyberScope)

A drop-down box of available predefined operational attributes for adding required information to DISA ARF or CyberScope report types. Only the attribute set defined for the appropriate report appears in the drop-down box.

ASR Content (DISA ASR only)

When creating a report, this drop-down box offers a selection of Benchmark, IAVM, CVE, or Plugin ID to be included.

ASR Record Format (DISA ASR only)

This drop-down box determines the format (Summary or Detail) of the DISA ASR report.

Include ARF (DISA ASR only)

When enabled, allows for the inclusion of a DISA ARF attribute set for the report.


Benchmarks are generated after a scan using certain audit files that have been successfully run against at least one target system.


Tip: To determine what data shows up in your report, browse to the desired data view using the Analysis Tool and locate the desired data set. Save the data set as a query and then select the query as a data source for your report element (chart, table, etc.).

The definition appear differently for different report types.

CSV reports offers a drop-down box to define a data type of Vulnerability, Event, Alert, Ticket, or User, and the ability to define an appropriate filter set or to use a predefined query. A selection to define the columns and number of results to appear in the report is then available for configuration.

DISA ARF, DISA ASR, and CyberScope reports offer a Vulnerability data filter or predefined Query selection from which the report can be defined.

When PDF and RTF reports are selected, this section allows the user to define report elements such as charts, tables and chapters along with their underlying data sources. Each element described below can be used more than once to create multifunction reports with great flexibility. A sample definition section for PDF and RTF reports is displayed below:

Chapter (PDF and RTF)

Chapters consist of sections and groups (table, charts, paragraphs, etc.). They are the primary sections listed in the table of contents and make up the section divisions within the report.

Template (PDF and RTF)

Templates are formatted reports that can be customized using chapter and target selections

Chapter Customizations

When you are working with a chapter, hovering over the chapter reveals icons for Add Element, editing, and deleting the chapter. The following options are available for adding elements to the chapter. Once added, each element can be edited or deleted.


Group (PDF and RTF)

Click the group button to add a group element to the report. Grouping attempts to keep associated elements on the same page, but does not affect the content of the report.

Section (PDF and RTF)

Click to add a section and section title to the report.

Iterator (PDF and RTF)

Click to add an iterator to the report. Iterators are grouping elements that determine the option a report is grouped by. For example, if an Iterator Type of Port is chosen for a vulnerability report, the report is displayed with vulnerability data grouped by detected ports.

To use an iterator, click the iterator button. When adding elements to the report, the iterator can be selected for the location defined in the element.

If an iterator is not selected, the hosts and vulnerabilities are listed in the report individually.


Matrix (PDF and RTF)

Click to add a Matrix chart to the report. Matrix charts have a variety of useful methods to display data in a chart layout within a report. Once the size of the matrix is selected, the individual cells can be configured for displaying data.

The following screenshot shows a four column by four row matrix table to be populated. Selecting a header enables a gear icon drop-down menu to be selected that enables editing the header’s name, deleting the cells in the row or column, and copying the row or column. Clicking on a cell launches a configuration screen to set the data and rules to be used for displaying in the matrix.

Table (PDF and RTF)

Click to add a table element to the report (max results displayed: 999).

The underlying data set has a big effect on the report display. The default view for most reports is host-centric and SecurityCenter presents the user with the ability to choose a vulnerability-centric report (a listing of vulnerabilities with all associated hosts).

Paragraph (PDF and RTF)

Click to add a paragraph element to the report. A paragraph is simply descriptive text that can be inserted anywhere into the report. Use this option to describe table elements or report output for the viewer.

Assurance Report Card

Adds an element to the report based on the results of a selected Assurance Report Card.


Bar Chart (PDF and RTF)

Click to add a bar chart element to the report. A sample bar chart is displayed below:

Pie Chart (PDF and RTF)

Click to add a pie chart element to the report. A sample pie chart is displayed below:

Line Chart (PDF and RTF)

Click to add a line chart element to the report. A sample line chart is displayed below:

Line charts are defined by time (x-axis) and series data (y-axis). When selecting the time, available options include Relative time and Absolute time. One or more series data elements can be chosen and displayed as discrete lines for easy comparison.

Area Chart (PDF and RTF)

Click to add an area chart element to the report. A sample area chart is displayed below:

Area charts are defined by time (x-axis) and series data (y-axis). When selecting the time, available options include Relative time and Absolute time. One or more series data elements can be chosen and displayed as a stackable view for easy comparison.


Publishing Sites

Upon completion of the report, it can be uploaded to one or more defined publishing sites selected from the list.

Email Users

Email Addresses

When a report has run, an email is sent to selected users (with a defined email address) and additionally specified email address.


When a report has run, the completed report is shared in SecurityCenter with other users within the Organization. This is useful if emailing potentially sensitive data is prohibited by organizational policies.

Edit Reports

When editing reports, the options are presented as they have been configured during their creation or addition. On the Definition page an additional link is provided to Find and Update Filters. When this link is selected, a new page is presented with three major options: Search Filters, Update Actions, and Matching Filters.

The Search Filters section allows for adding search filters to find particular conditions throughout the selected report. These include Address, Audit File, Asset, CVE ID, DNS Name, IAVM ID, Repositories, Scan Policy, and Severity. Selecting each of the items changes the drop-down box match filter list to an appropriate selection of conditions to filter on. If the condition selected requires an additional selection from another option, that option appears. Multiple filters can be created to narrow down the matching components.

The Update Actions option allows for setting the new action to trigger on in the report. For instance, if the Search Filter is configured to locate all of the Severity levels that are set to Info and discovered within the last seven days, the Update Actions option can be set to reset the Severity Level trigger to Medium and/or the discovery date to greater than 30 days. When the Update Filters button is clicked, these changes are applied to the report in all of the Matching Filters conditions list.

The Matching Filters option displays a list of all of the filters throughout the report that match the Search Filters criteria.

Report Results

Caution: Either the Oracle Java JRE or OpenJDK along with their accompanying dependencies must be installed on the system hosting the SecurityCenter for PDF reporting to function.

Clicking on Report Results opens a view to the status of running and completed reports. Results are displayed in a list view with the ability to click on an individual report to view its details. An example screen capture of this page is shown below:

Filters are available at the top of the screen to allow the user to view only desired report results. Filter parameters include the Name, Owner, Status, and Finish Time. The Owner filter allows you to view reports owned by your user, shared with your group, or any users managed by your user. Status allows you to view any reports or only completed reports or reports with errors and Finish Time gives you the ability to filter reports for the finish time range by preset times or an explicit time frame. To return to the original report result view, click on the Clear Filters link at the bottom of the filter options.

The results of individual reports are available by using the Download button next to the Completed status. The report is downloaded as a PDF, RTF, CSV, DISA ARF, DISA ASR, or CyberScope file as it was originally created.

Additional options are available from the gear icon drop-down menu. The Copy link allows sharing a selected report with other SecurityCenter Organization users and groups The Email link allows for sharing the report via email by selecting the SecurityCenter users or entering the individual email address(es) for recipients not a part of the SecurityCenter environment. The Publish link allows you to send a completed report to a defined publishing site. Basic report parameters are available using the Details link. Finally, reports can be removed from SecurityCenter using the Delete link.

Report Images

Note: Image files must be of type .png or .jpg. Images used must be consistent when selecting the bit depth (8-bit, 16-bit, 24-bit, etc.). Otherwise, errors might be encountered when generating reports.

The Report Images interface allows a user with permissions to view details, add, edit, or delete PDF report images. Two types of images are managed from this interface: logos and watermarks. Logos are displayed at the bottom of each page, while watermarks are displayed prominently across the center of the report page.

Report Image Options

Option Description


Add a new logo or watermark image. Note that only PNG and JPEG formats are supported. The default image sizes are as follows, all at 300 DPI:

default-cover-logo = 987x130

default-footer-logo = 380x100

default-page-logo = 579x84

default-watermark = 887x610

While there are no set limitations on image size or resolution, using images that are different from these specifications can have a negative impact on report appearance.

Note: The image size must be set to 300 DPI to prevent image breaks.


Edit any of the selected image’s options, including name, description, type and file.


View image details including: name, description, date uploaded, last modified and type.


Delete the highlighted image.

Report Attributes

Report Attributes are used for adding required information to DISA ARF or CyberScope report types. During the Add attribute process, if you select the Type CyberScope or DISA ARF, SecurityCenter displays options appropriate to that attribute type. After adding attributes to the list, they are available for use during report creation of DISA or CyberScope reports.

Report Import and Export

SecurityCenter supports importing and exporting report definitions via the SecurityCenter web interface.

To import a report, click the Import Report item from the Options drop-down menu in the top right of the screen.

Clicking Import Report displays the following page:

The Import Report option allows users to import a report definition exported from another SecurityCenter. Give the imported report a name and click the Choose File button to select the definition from where it was saved to. This option is useful for Organizations running multiple SecurityCenter to provide consistent reports without duplicating the work needed to create the definition templates.

Clicking Export from the gear icon drop-down menu displays the export options under the selected report definition:

The Export button allows users to export the report definition for use by other SecurityCenter users in other Organizations. This allows one user to create a report and other users to import it for consistency in reporting across their Organization.

There are three options to select from when exporting and are described in the following table.

Values for Report Export Options

Option Description

Keep All References

Object References are kept intact. Importing users should be within the same organization and have access to all relevant objects for the components to be useable.

Remove All References

All Object References are removed, altering the definitions of the components. Importing users do not need to make any changes for components to be useable.

Replace With Placeholders

Object References are removed and replaced with their respective names. Importing users can see the name of the reference object, but must replace it with an applicable object within their organization before the component is useable.

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.  Tenable,, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc.  All other products or services are trademarks of their respective owners.