Manage Report Filters

Required Tenable Security Center User Role: Organizational user with appropriate permissions. For more information, see User Roles.

Tip:You can build filters using one or more filter components with defined filter component criteria. Filter components are types of data (e.g., CVE ID or Severity). After you select a filter component, you specify the filter component criteria (e.g., a specific CVE ID or a specific severity level).

In Tenable Security Center, PDF and template-based reports use a chapter structure, so you can specify different filters for individual chapter elements of those reports. CSV, DISA ARF, DISA ASR, and Cyberscope reports do not use a chapter structure, so you can create a set of filter components that apply to every element of the report.

You can manage filters for a single element or for multiple elements at the same time. For more information, see:

Manage Filter Components for a Single Element in a Chapter Report

To manage filter components for a single element in a chapter report in Tenable Security Center:

  1. In the left navigation, click Reporting > Reports.

    The Reports page appears.

  2. In the reports table, click the name of the report you want to edit.

    -or-

    Right-click the row for the report you want to edit, and click Edit.

    The Edit Report page appears.

  3. On the left side of the page, click Definition.

    The report outline appears. This outline is, by default, expanded. For more information, see Edit a Report Outline.

  4. Click the edit icon next to the element you want to edit.

    Tip: To display icons next to a element, hover the cursor over the element.

  5. Do one of the following:

    • Add a filter component.

      Use these steps to add one or more filter components to a single element. For information about the filter components available for vulnerability analysis data or event analysis data, see Vulnerability Analysis Filter Components or Event Analysis Filter Components.

      1. In the Data section, click Add Filter.

      2. Select a filter component from the drop-down box.

      3. Set the filter component criteria, as prompted.

        Depending on the filter component you selected, Tenable Security Center prompts you to type the value you want to filter for or to select from valid values and operators.

        Note: If Tenable Security Center does not prompt you to specify an operator, the unstated operator is equivalent to is equal to or is set to.

      4. Click the check mark next to the filter component to stop editing it.

        Note: The new filter component is not saved until you click Submit.

    • Edit a filter component.

      1. In the Data section, click the pencil icon next to the filter component.
      2. Edit the filter component criteria.

      3. Click the check mark next to the filter component to stop editing it.

        Note: Your changes to the filter are not saved until you click Submit.

    • Delete a filter component.

      In the Data section, click the delete icon next to the filter component.

      Note:Tenable Security Center does not prompt you to confirm the deletion. However, the deletion is not final until you click Submit to save your changes.

  6. Click Submit.

Manage Filter Components for Multiple Elements in a Chapter Report

When managing filter components for a chapter report in Tenable Security Center, you can search the report for elements that use certain filter components, then update the filter component criteria for all matching elements in that report at the same time.

You can use the following filter components to search and update: Address, Audit File, Asset, CVE ID, DNS Name, IAVM ID, Repositories, Scan Policy, and Severity.

For example, if you search a report definition for all elements where the Severity filter component is set to Info, you can update the Severity filter component to Medium for all elements, and add an Audit File filter component to the elements at the same time.

To manage filter components for multiple elements in a chapter report:

  1. In the left navigation, click Reporting > Reports.

    The Reports page appears.

  2. In the reports table, click the name of the report you want to edit.

    -or-

    Right-click the row for the report you want to edit, and click Edit.

    The Edit Report page appears.

  3. On the left side of the page, click Definition.

    The report outline appears. This outline is, by default, expanded. For more information, see Edit a Report Outline.

  4. At the top of the outline, click Find/Update Filters.

To search for specific elements in the report:

  1. In the Search Filters section, click Add Search Filter.
  2. Select a filter component from the drop-down box.
  3. Select an operator from the drop-down box.
    1. If you selected is equal to or contains as operator, type filter component criteria or select a value from the list of valid filter component criteria, as appropriate to the filter component you selected.

  4. Click the check mark at the end of the filter box.

    Tenable Security Center searches the report outline for elements that match your search criteria and displays the results in the Matching Filters box.

To specify the filter updates you want to make:

  1. In the Update Actions section, click Add Search Filter.
  2. Select a filter component from the drop-down box.
  3. Select an operator from the drop-down box.
  4. Type filter component criteria or select a value from the list of valid filter values, as appropriate to the filter component and operator you selected.
  5. Click the check mark at the end of the filter box.

To review and update the filter updates:

  1. In the Matching Filters box, review the list to verify that you want to apply the update to all the listed elements.

    Tip: If you do not want to apply the current update to all the listed elements, it may be more appropriate to manage filter components by individual element. For more information, see Manage Filter Components for a Single Element in a Chapter Report.

  2. Click Update Filters.

    Tenable Security Center applies the updates to the matching elements and returns you to the report outline.

  3. Click Submit to save your changes to the report.

Manage Filter Components for a Non-Chapter Report

In Tenable Security Center, CSV, DISA ARF, DISA ASR, and Cyberscope reports do not use a chapter structure, so you can create a set of filter components that apply to every element of the report.

To manage filter components for a non-chapter report:

  1. In the left navigation, click Reporting > Reports.

    The Reports page appears.

  2. In the reports table, click the name of the report you want to edit.

    -or-

    Right-click the row for the report you want to edit, and click Edit.

    The Edit Report page appears.

  3. Do one of the following:

    • Add a filter component.

      Use these steps to add one or more filter components to a single element. For information about the filter components available for vulnerability analysis data or event analysis data, see Vulnerability Analysis Filter Components or Event Analysis Filter Components.

      1. In the Definition section, click Add Filter.
      2. Select a filter component from the drop-down box.

      3. Set the filter component criteria, as prompted.

        Depending on the filter component you selected, Tenable Security Center prompts you to type the value you want to filter for or to select from valid values and operators.

      4. Click the check mark next to the filter component to stop editing it.

        Note: The new filter component is not saved until you click Submit.

    • Edit a filter component.

      1. In the Definition section, click the edit icon next to the filter component.
      2. Edit the filter criteria.

      3. Click the check mark next to the filter component to stop editing it.

        Note: Your changes to the filter component are not saved until you click Submit.

    • Delete a filter component.

      In the Definition section, click the delete icon next to the filter component.

      Note:Tenable Security Center does not prompt you to confirm the deletion. However, the deletion is not final until you click Submit to save your changes.

  4. Click Submit to save your changes.