Asset Filters
On the Assets tab in Explore use the query builder to build custom queries that display the assets you need to see. You can use up to 35 filters in a custom query.
The following table defines the filters you can use. Not all filters are relevant for all asset types.
Filter | Description |
---|---|
ACR |
(Requires Tenable Security Center+ license) Filters by the Tenable-defined Asset Criticality Rating (ACR) as an integer from 1 to 10. For more information, see Asset Criticality Rating in the Tenable Vulnerability Management User Guide. |
AES |
(Requires Tenable Security Center+ license) Filters by the Tenable-defined Asset Exposure Score (AES) as an integer from 0 to 1000. For more information, see Asset Exposure Score in the Tenable Vulnerability Management User Guide. |
AES Severity |
(Requires Tenable Security Center+ license) Filters by the AES category of the AES calculated for the asset. For more information, see Asset Exposure Score in the Tenable Vulnerability Management User Guide. |
Application CPE | Allows a text string search to match against available CPEs. The filter may be set to search based on a contains, Exact Match, or Regex Filter filter. The Regex Filter is based on Perl-compatible regular expressions (PCRE). |
Asset Tag | Filters by the tag assigned to the asset. |
DNS Name |
Filters by the fully-qualified domain name of the host that the vulnerability was detected on. |
First Seen |
Filters by the date and time when a scan first identified the asset. |
Host ID |
Filters by the UUID assigned to the asset by Tenable. |
IAVM | Displays vulnerabilities based on one or more IVAM IDs. Type multiple IDs as a comma-separated list (e.g., 2011-A-0005,2011-A-0007,2012-A-0004). |
IP Addresses | Filters by the IPv4 address or IPv6 associated with the asset record. |
Last Seen |
Filters by the date and time at which the asset was last observed as part of a scan. |
MAC Addresses |
Filters by the MAC address associated with the asset record. |
Name |
Filters by the asset identifier, assigned based on the availability of the following attributes in order: Agent name, NetBIOS name, Local hostname, Fully Qualified Domain Name (FQDN), IPv4 address, and IPv6 address. |
NetBIOS |
Filters by the NetBIOS name for the asset. |
Operating System |
Filters by the operating system(s) that a scan identified on the asset. |
Plugin ID | Filters by the plugin ID or range based on a plugin ID. Available operators are equal to (=), not equal to (!=), greater than or equal (>=) and less than or equal to (<=). |
Plugin Name |
Using the Contains option, type all or a portion of the actual plugin name. For example, entering MS08-067 in the plugin name filter displays vulnerabilities using the plugin named MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (uncredentialed check). Similarly, entering the string uncredentialed displays a list of vulnerabilities with that string in the plugin name. Use the Regex Match option to filter plugin names based on Perl-compatible regular expressions (PCRE). |
Port |
This filter is in two parts. First the equality operator is specified to allow matching vulnerabilities with the same ports, different ports, all ports less than or all ports greater than the port filter. The port filter allows a comma separated list of ports. For the larger than or less than filters, only one port may be used. Note: All host-based vulnerability checks are reported with a port of 0 (zero). |
Repository | Filters by assets associated with the chosen repository. |
Severity |
Displays vulnerabilities with the selected severity. For more information, see CVSS vs. VPR. |
Source | Filters by the type of scanner that identified the asset. |
System Type | Filters by the system type. |
Tenable ID |
Filters by the UUID of the asset in Tenable Security Center Director. |
Web App URL |
Required Additional License: Tenable Web App Scanning Required Tenable Nessus Version: 10.6.1 or later The URL for the discovered web application associated with the asset. |