View Individual Scan Details

Required User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

Required Scan Permissions: Can View

You can view scan results for scans you own or that the scan owners have shared with you.

Consider the following when viewing scan results:

  • You can view details for an individual scan based on the permissions configured for the scan. However, when you view aggregated scan results in dashboards, including the Vulnerabilities and Assets workbenches, your access is based on the access groups you belong to. To view aggregated results from all of your scans, see Analysis.

  • Tenable.io categorizes as "archived" any individual scan results that are older than 60 days. For scan results that are younger than 60 days, you can view and export the results in Tenable.io. For archived scan results, you can export the results, but cannot view them in Tenable.io. This limitation applies to both imported scan results and scan results that Tenable.io collects directly from scanners.
  • When you view results from the latest run of the scan, Tenable.io categorizes the scan as "read." The read status is specific to your user account only. You can also manually change the read status.

To view scan results for an individual scan:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. In the left navigation plane, in the Tools section, click Scans.

    The Scans page appears. By default, the My Scans folder is active.

  3. In the Folders section, click a folder to load the scans you want to view.

    The scans table updates to display the scans in the folder you selected.

  4. In the scans table, click the scan where you want to view details.

    The Scan Details page appears. By default, this page displays details of the latest run of the scan.

  5. Do any of the following:
    SectionAction
    Table header

    Export the scan results that Tenable.io is currently displaying.

    Severity summariesFor the scan run currently displaying, view the number of vulnerabilities with a Critical, High, Medium, or Low vulnerability severity.
    Scan Details section

    For the scan run currently displaying, view the following details:

    • Status — The status of the scan.
    • Start Time — The start date and time for the scan.
    • Template — The Tenable-provided template on which the scan configuration is based.
    • Scanner — The scanner that performed the scan.
    • Scanner Groups — The scanner group(s) to which Tenable.io assigned the scan. This detail appears only if scan routing is enabled for the scan.
    • Targets — The targets that the scan evaluated.
    Vulns by Plugin tab

    For the scan run currently displaying, view vulnerability data, organized by plugin.

    This tab does not appear for scan results older than 60 days.

    On this tab, you can:

    • View information about each vulnerability:
      • Severity icon — The severity of the vulnerability.
      • Name — The name of the vulnerability.
      • Family — The plugin family.
      • Vulnerabilities — The number of vulnerability instances.

        Tip: A vulnerability instance is a single instance of a vulnerability appearing on an asset, identified uniquely by plugin ID, port, and protocol.

    • To filter the data displayed in the table, see Filter a Table.
    • To sort, increase or decrease the number of rows per page, or navigate to another page of the table, see Navigate a Table.
    • To view details for a vulnerability, click a row of the table.

      The Vulnerability Details page appears. For more information, see Vulnerability Details.

    Audit tab

    For the scan run currently displaying, view compliance audit check results. This tab is only present if the scan results include data from compliance audit checks.

    This tab does not appear for scan results older than 60 days.

    On this tab, you can view:

    • Tiles representing the number of audit checks identified the last time the scan completed, organized by severity level.
    • A table of audits detected during the scan. Each row represents a specific audit, and includes the Name, the Family, and the Count, or number of times the audit was identified. The table is organized first by the level of severity of the audit, and then in order of the number of times an audit was detected.

    To view additional information about a specific audit check, click a row in the audits table. The Audit Details page appears. This page contains the following tabs:

    • Overview — Information about the audit check, including a description of the check and the audit file used for the check.
    • Assets — A list of assets where the scan performed the audit check.
    Vulns by Asset tab

    For the scan run currently displaying, view vulnerability data for each asset. By default, assets in the table are listed from highest number of vulnerabilities to lowest. If the scan finds an equal number of vulnerabilities on more than one asset, those assets are listed based on the severity of vulnerabilities found.

    This tab does not appear for scan results older than 60 days.

    In this tab, you can:

    • View information about each vulnerability:
      • Name — The IP address of the asset.
      • Vulnerabilities — The number of vulnerabilities on the asset, organized by severity.

      • Count — The total number of vulnerabilities on the asset.
    • To filter the data displayed in the table, see Filter a Table.
    • To sort, increase or decrease the number of rows per page, or navigate to another page of the table, see Navigate a Table.
    • To view details for an asset, click a row of the table.

      The Asset Details page appears. For more information, see Asset Details.

    Warnings tab

    For the scan run currently displaying, view warnings about problems Tenable.io or the scanner encountered while running the scan. This tab only appears if Tenable.io or the scanner encounters problems while running the scan.

    Review the warnings to determine how to resolve the scan problem. For example, if an Invalid Target note is present, check the target parameters in the scan configuration.

    This tab does not appear for scan results older than 60 days.

    History tab

    View the scan history.

    This tab contains a table listing each time the scan has run. For the scan run currently displaying in the Scan Details page, Tenable.io adds the label Current to the run. By default, the latest scan run is labeled Current.

    Note: Scan history is unavailable for imported scans and for configured scans that have not yet run.

    You can:

    • View summary information about each time the scan was run:
      • Start Time — The start date and time for the scan.
      • End Time — The end date and time for the scan.
      • Duration — The duration of the scan
      • Status — The status of the scan.
    • Filter the data displayed in the table.
    • Sort, increase or decrease the number of rows per page, or navigate to another page of the table. For more information, see Navigate a Table.
    • View details for a historical scan by clicking a row in the table.

      Tenable.io marks the run you selected as Current and updates the Scan Details section to show data for the selected run.

      If the historical scan results are younger than 60 days, Tenable.io also updates the tabs on the Scan Details page.

      If the historical scan results are older than 60 days, the additional tabs are absent from the Scan Details page. Use export instead to obtain the results.