Asset Filters

On the Assets tab in Explore use the query builder to build custom queries that display the assets you need to see. You can use up to 35 filters in a custom query.

The following table defines the filters you can use. Not all filters are relevant for all asset types.

Filter Description
ACR

(Requires Tenable Security Center+ license) Filters by the Tenable-defined Asset Criticality Rating (ACR) as an integer from 1 to 10.

For more information, see Asset Criticality Rating in the Tenable Vulnerability Management User Guide.

AES

(Requires Tenable Security Center+ license) Filters by the Tenable-defined Asset Exposure Score (AES) as an integer from 0 to 1000.

For more information, see Asset Exposure Score in the Tenable Vulnerability Management User Guide.

AES Severity

(Requires Tenable Security Center+ license) Filters by the AES category of the AES calculated for the asset.

For more information, see Asset Exposure Score in the Tenable Vulnerability Management User Guide.

Application CPE Allows a text string search to match against available CPEs. The filter may be set to search based on a contains, Exact Match, or Regex Filter filter. The Regex Filter is based on Perl-compatible regular expressions (PCRE).
Asset Tag Filters by the tag assigned to the asset.
DNS Name

Filters by the fully-qualified domain name of the host that the vulnerability was detected on.

First Seen

Filters by the date and time when a scan first identified the asset.

Host ID

Filters by the UUID assigned to the asset by Tenable.
IAVM Displays vulnerabilities based on one or more IVAM IDs. Type multiple IDs as a comma-separated list (e.g., 2011-A-0005,2011-A-0007,2012-A-0004).
IP Addresses Filters by the IPv4 address or IPv6 associated with the asset record.
Last Seen

Filters by the date and time at which the asset was last observed as part of a scan.

MAC Addresses

Filters by the MAC address associated with the asset record.

Name

Filters by the asset identifier, assigned based on the availability of the following attributes in order: Agent name, NetBIOS name, Local hostname, Fully Qualified Domain Name (FQDN), IPv4 address, and IPv6 address.

NetBIOS

Filters by the NetBIOS name for the asset.

Operating System

Filters by the operating system(s) that a scan identified on the asset.

Plugin ID Filters by the plugin ID or range based on a plugin ID. Available operators are equal to (=), not equal to (!=), greater than or equal (>=) and less than or equal to (<=).
Plugin Name

Using the Contains option, type all or a portion of the actual plugin name. For example, entering MS08-067 in the plugin name filter displays vulnerabilities using the plugin named MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (uncredentialed check). Similarly, entering the string uncredentialed displays a list of vulnerabilities with that string in the plugin name.

Use the Regex Match option to filter plugin names based on Perl-compatible regular expressions (PCRE).

Port

This filter is in two parts. First the equality operator is specified to allow matching vulnerabilities with the same ports, different ports, all ports less than or all ports greater than the port filter. The port filter allows a comma separated list of ports. For the larger than or less than filters, only one port may be used.

Note: All host-based vulnerability checks are reported with a port of 0 (zero).

Repository Filters by assets associated with the chosen repository.

Severity

Displays vulnerabilities with the selected severity. For more information, see CVSS vs. VPR.
Source Filters by the type of scanner that identified the asset.
System Type Filters by the system type.
Tenable ID

Filters by the UUID of the asset in Tenable Security Center Director.

Web App URL

Required Additional License: Tenable Web App Scanning

Required Tenable Nessus Version: 10.6.1 or later

The URL for the discovered web application associated with the asset.