Export Scan Results

Required Scan Permissions: Can View

You can export both imported scan results and results that Tenable Vulnerability Management collects directly from scanners.

Tenable Vulnerability Management retains individual scan results until the results are 15 months old.

Note: Filters are not applicable for Tenable Web App Scanning exports, All results will are exported.

Note: For archived scan results (that is, results older than 45 days), Tenable Vulnerability Management limits export types to .nessus and .csv files.

Note: When a scan is actively running, the Export button does not appear in the Tenable Vulnerability Management interface. Wait until the scan completes, then export the scan results.

To export results for an individual scan:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. In the left navigation plane, click Scans.

    The Scans page appears.

  3. Below Scans, choose to view Vulnerability Management Scans or Web Application Scans.

  4. In the Folders section, click a folder to load the scans you want to view.

    The scans table updates to display the scans in the folder you selected.

  5. Do one of the following:

    Location Scope of Export
    Scans table
    1. In the scans table, roll over the scan you want to export.

    2. Click the More button.

      A menu appears.

    3. Click Export.

      The Export plane appears.

    Note: You cannot export scan results from the Scans table if the scan has multiple targets. For scans with multiple targets, you can export scan results for each target from the Scan Details page.

    Scan Details
    1. In the scans table, click the scan you want to export.

      The scan details plane appears below the scan table.

    2. Click the Scan Actions button.

      A menu appears.

    3. Click Export.

      The Export plane appears.

  6. Select an export format:

    Format Description Supported for Archived Scan Results
    Tenable Vulnerability Management Scans
    PDF - Custom

    An Adobe .pdf file.

    Note:Tenable Vulnerability Management cannot export PDF files with more than 400,000 individual scan results.

    No
    PDF - Executive Summary

    An Adobe .pdf file.

    Note:Tenable Vulnerability Management cannot export PDF files with more than 400,000 individual scan results.

    No
    HTML - Custom A web-based .html file. No
    HTML - Executive Summary A web-based .html file. No
    Nessus

    A .nessus file in XML format that contains the list of targets, scan settings defined by the user, and scan results. Tenable Vulnerability Management strips password credentials and does not export them as plain text in the XML. If you import a .nessus file as a user-defined scan template, you must re-apply your passwords to any credentials.

    Yes
    CSV

    A .csv text file with only scan results.

    Note: When exporting scan results as a .csv file, the severities always show CVSSv2 scores regardless of your configured severity metric. When exporting compliance scan results as a .csv file, the Risk column results are replaced with the following values:

    • PASSED results show as None

    • WARNING results show as Medium

    • FAILED results show as High

    Yes
    Tenable Web App Scanning Scans
    HTML A web-based .html file that contains the list of targets, scan results, and scan notes. n/a
    PDF

    An Adobe .pdf file that contains the list of targets, scan results, and scan notes.

    Note:Tenable Vulnerability Management cannot export PDF files with more than 400,000 individual scan results.

    n/a
    Nessus

    A .nessus file in XML format that contains the list of targets, scan settings defined by the user, and scan results. Tenable Vulnerability Management strips password credentials and does not export them as plain text in the XML.

    n/a
    CSV A .csv text file with only scan results. n/a
    JSON A .json file that contains the list of targets, scan settings defined by the user, scan results, and scan notes. Tenable Vulnerability Management strips password credentials and does not export them as plain text in the JSON file. n/a
  7. For Tenable Vulnerability Management scans, if you select the PDF - Custom or HTML - Custom formats:

    • Retain the default Data setting (Vulnerabilities selected).
    • Select either Assets or Plugin from the Group By list, depending on how you want to group the scan results in the export file.
  8. Click Export.

    Tenable Vulnerability Management generates the export file. Depending on your browser settings, your browser may automatically download the export file to your computer, or may prompt you to confirm the download before continuing.