Connect an External PostgreSQL Server

You must configure an external PostgreSQL database if your Tenable Security Center installation meets any of the following criteria:

  • Your Tenable Security Center instance has over 100,000 assets.

  • Your Tenable Security Center instance is a non-rpm installation.

Note: Tenable Security Center does not support multiple Tenable Security Center instances using the same database name in the same PostgreSQL server. The database name should be unique in the PostgreSQL instance.

Note: The minimum required PostgreSQL version is 16.x.

For information about how to configure a PostgreSQL server, see the PostgreSQL documentation.

For sizing recommendations, see the Hardware Requirements and Cloud Requirements.

To connect your Tenable Security Center instance to your PostgreSQL server:

  1. Before you install or upgrade Tenable Security Center, populate the following environment variables:

    • SC_PG_HOST (required)- The IP address or hostname of the external PostgreSQL server.

    • SC_PG_USER (required) - The PostgreSQL username. The user must have CREATEDB and read/write permissions.

    • SC_PG_PORT - The port number. The default port is 5432.

    • SC_PG_PASSWORD - The password for the PostgreSQL user. If you do not provide a password, Tenable Security Center will assume an empty password for the external PostgreSQL user.

    • SC_PG_DATABASE - The database name for the Tenable Security Center data. The default database name is SecurityCenter.

    After you install or upgrade to Tenable Security Center 6.5.0 or later, then Tenable Security Center will attempt to connect to the PostgreSQL instance using the values provided and create a database with the specified database name.