TOC & Recently Viewed

Recently Viewed Topics

System Monitoring

The System and Username menus in the top navigation bar contain several options for system monitoring. Some configurations require specific user roles to view and configure.

Diagnostics

Path: System > Diagnostics

This page displays and creates information that assists in troubleshooting issues that may arise while using SecurityCenter.

In the System Status section, the following items are indicated by a green check mark for a properly working status. A red X icon is displayed when the item is in a critical state.

Option

Description

Correct Java Version

The icon is red when a minimal version of Java is not installed as required by certain SecurityCenter features.

Sufficient Disk Space

Once the disk that stores the SecurityCenter data is within 5% of being filled, the icon indicator will turn red.

Correct RPM Package Installed

This indicator is green when the correct RPM is installed for the OS architecture on which it is running.

The Diagnostics File section is used primarily when working with the Tenable Support team. In order to troubleshoot issues that may be encountered, the Support team may request that a diagnostics file be generated with one or more of the Diagnostics File Chapters selected. Clicking the Generate Diagnostics File button will open a page to set the options to be included in the diagnostic file. If selected, the Strip IPs from Chapters option will remove IP addresses from the log files before generating the diagnostics file.

Job Queue

Path: System > Job Queue

Job Queue is a feature of SecurityCenter that allows specified events to be displayed in a list for review.

Job Queue notifications can be viewed and sorted in several ways by clicking on the desired sort column. Using the gear icon drop-down menu next to an item, that item may be viewed for more detail or, if the job is running, the process may be killed. Killing a process should be done only as a last resort, as killing a process may have undesirable effects on other SecurityCenter processes.

System Logs

Path: System > System Logs

Note: The System Logs menu is only available to users with the View Organizational Logs permission set.

View as an Administrator:

View as a Security Manager:

SecurityCenter logs contain detailed information about functionality to troubleshoot unusual system or user activity. The logs include filters, accessible by clicking the double arrow, that allow the user to search logs based on parameters such as date, Initiator (user), module, severity, and keywords. The number in the grey box to the left indicates the number of filters currently in use.

This search flexibility improves debugging and maintains an audit trail of users who access SecurityCenter or perform basic functions such as changing passwords, recasting risks, or running Nessus scans.

About

Path: Username > About

The “About” menu item displays the SecurityCenter version, Server Build ID, and copyright information.

Feeds

Path: Username > Feeds

The Feeds option displays information about the SecurityCenter feeds and plugin sets and, if permitted, a link to update the plugins either through SecurityCenter or by manually uploading plugins. The displayed feeds are for SecurityCenter Feed, Active Plugins, Passive Plugins, and Event Plugins. Only feeds with valid Activation Codes will be able to be updated.

Plugins are scripts used by the Nessus, PVS, and LCE servers to interpret vulnerability data. For ease of operation, Nessus and PVS plugins are managed centrally by SecurityCenter and pushed out to their respective scanners. LCE servers download their own event plugins and SecurityCenter downloads event plugins for its local reference. SecurityCenter does not currently push event plugins to LCE servers.

For more information about plugin/feed settings, see Configuration Settings.

To view and modify plugin and feed schedules:

  1. In the top navigation bar, click Username > Feeds.
  2. View the Plugin Detail Locale section to see the local language configured for the SecurityCenter.
  3. Expand the Schedules section to show the settings for the SecurityCenter Feed, Active Plugins, Passive Plugins, or Event Plugins schedule.
  4. If you want to perform an on-demand plugin update, click Update. You cannot update feeds with invalid activation codes.
  5. If you want to upload a custom feed or plugin file, click Choose File.
  6. Click Submit.

Notifications

Path: Username > Notifications

Notifications are a feature of SecurityCenter that allows specified events to display a pop-up in the lower right-hand corner of the SecurityCenter user interface.

Current notifications can be viewed by clicking on notifications menu item.

Plugins

Path: Username > Plugins

Plugins are scripts used by the Nessus, PVS, and LCE servers to interpret vulnerability data. For ease of operation, Nessus and PVS plugins are managed centrally by SecurityCenter and pushed out to their respective scanners. LCE servers download their own event plugins and SecurityCenter downloads event plugins for its local reference. SecurityCenter does not currently push event plugins to LCE servers.

Within the Plugins interface, the user has the ability to view plugin details/source by clicking the information icon next to the Plugin ID and search for specific plugins utilizing the filtering tools.

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.  Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc.  All other products or services are trademarks of their respective owners.