Configure Lumin Synchronization

Required Additional License: Tenable Lumin

Required Tenable.sc User Role: Administrator

Required Tenable.io User Role: Administrator

You can configure Tenable.sc to send limited Tenable.sc data to Tenable.io for use in Lumin analysis. For more information, see Lumin Synchronization.

Before you begin:

  • License and enable Lumin in Tenable.io, as described in License and Enable Lumin in the Tenable.io Vulnerability Management User Guide.
  • Plan your synchronization strategy and review known limitations and dependencies, as described in Plan Your Lumin Synchronization.
  • Review your repositories for overlapping IP addresses. To avoid data merge issues in Tenable.io, Tenable recommends resolving all repository overlaps before synchronizing data to Tenable.io. For more information, see Repository Overlap.

    Caution: You cannot resolve data merge issues after synchronizing a repository with Tenable.io; you must resolve overlapping repositories in Tenable.sc before synchronizing a repository for the first time.

  • Generate Tenable.io API keys for a Tenable.io user with Administrator permissions, as described in Generate API Keys in the Tenable.io Vulnerability Management User Guide.
  • Share any assets you want to synchronize with the Full Access group, as described in Groups. You cannot synchronize assets with more limited sharing.
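
A pre-synchronization check for the repository overlap item above, as an added example (not Tenable code and not part of the original guide). It assumes you have copied each repository's IPv4 ranges into a dictionary as comma-separated CIDR blocks, start-end ranges, or single addresses; the repository names and ranges shown are constructed sample data.

```python
import ipaddress
from itertools import combinations

def parse_ranges(spec):
    """Turn 'a.b.c.d/nn, w.x.y.z-w.x.y.z, a.b.c.d' into sorted (start, end) int pairs."""
    spans = []
    for item in (s.strip() for s in spec.split(",")):
        if not item:
            continue
        if "-" in item:
            lo, hi = (ipaddress.IPv4Address(p.strip()) for p in item.split("-", 1))
            if int(lo) > int(hi):
                raise ValueError(f"range start after end: {item}")
        else:
            # Raises ValueError on IPv6 or malformed input; only IPv4 is checked here.
            net = ipaddress.IPv4Network(item, strict=False)
            lo, hi = net[0], net[-1]
        spans.append((int(lo), int(hi)))
    return sorted(spans)

def find_overlaps(repos):
    """Return [(repo_a, repo_b, 'first-last'), ...] for every IPv4 span two repositories share."""
    parsed = {name: parse_ranges(spec) for name, spec in repos.items()}
    hits = []
    for a, b in combinations(sorted(parsed), 2):
        for lo_a, hi_a in parsed[a]:
            for lo_b, hi_b in parsed[b]:
                lo, hi = max(lo_a, lo_b), min(hi_a, hi_b)
                if lo <= hi:  # the two spans intersect
                    span = f"{ipaddress.IPv4Address(lo)}-{ipaddress.IPv4Address(hi)}"
                    hits.append((a, b, span))
    return hits

# Constructed sample data: repository names and ranges are invented for illustration.
SAMPLE_REPOS = {
    "dc-east": "10.10.0.0/16, 192.168.5.10-192.168.5.40",
    "dc-west": "10.20.0.0/16, 192.168.5.30-192.168.5.60",
    "lab": "10.10.4.0/24, 172.16.9.7",
    "dmz": "203.0.113.0/24",
}

if __name__ == "__main__":
    overlaps = find_overlaps(SAMPLE_REPOS)
    for a, b, span in overlaps:
        print(f"OVERLAP {a} <-> {b}: {span}")
    print("no overlaps found" if not overlaps else f"{len(overlaps)} overlap(s) to resolve before first sync")
```
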

To configure data synchronization between Tenable.sc and Lumin in Tenable.io:

  1. Log in to Tenable.sc via the user interface.

  2. Click System > Configuration.

    The Configuration page appears.

  3. Click the Lumin tile.

    The Lumin Configuration page appears.

  4. In the Tenable.io Connection Settings section, type an Access Key and Secret Key for the Tenable.io user you want to have full access to your data in Tenable.io.

    Option        Description
    Access Key    The Tenable.io API access key for a Tenable.io user with Administrator permissions.
    Secret Key    The Tenable.io API secret key for a Tenable.io user with Administrator permissions.

    Tenable.sc validates the connection to Tenable.io and locks the key configuration.

  5. In the Vulnerability Data Synchronization section:
    1. Select one or more IPv4 or agent repositories that contain the scan result data you want to synchronize with Tenable.io.

      The initial synchronization includes all cumulative database data from the repository. All subsequent synchronizations include only the new or modified scan result data imported to the repository.

      Note: You cannot synchronize passive scan result vulnerability data. Tenable.sc identifies vulnerability data by plugin family and excludes NNM and LCE plugin families from synchronization.

      Caution: To avoid data merge issues in Tenable.io, Tenable recommends resolving all repository overlaps before synchronizing data to Tenable.io. You cannot resolve data merge issues after synchronizing a repository with Tenable.io; you must resolve overlapping repositories in Tenable.sc before synchronizing a repository for the first time. For more information, see Repository Overlap.

      Tip: Hover over the icon to view details for a repository (including information about unresolved repository overlaps).

    2. Click Synchronize.

      A confirmation window appears.

    3. Click Synchronize.

      Tenable.sc begins synchronizing your vulnerability data to Tenable.io.

  6. In the Asset to Tag Synchronization section:
    1. If you want to synchronize asset data at a scheduled time:
      1. Click to enable the Custom Schedule slider.
      2. Next to the schedule link, click the button.
      3. Modify the Time and Timezone options to specify when you want synchronizations to occur.

        Tip: You cannot modify the Frequency or Repeat Every options; all Lumin synchronizations occur once daily.

      If you do not schedule your asset synchronizations, Tenable.sc automatically synchronizes once daily, after business hours for your local time zone.

    2. If you want to filter the assets that appear in the Unstaged Assets section, do any of the following:
      • Select an organization from the Organization Filter drop-down list and click Apply Filters.
      • Select an asset type from the Asset Type Filter drop-down list and click Apply Filters.
      • Type an asset name in the Search Name box and press Enter.

      Note: You can synchronize any assets shared with the Full Access group. You cannot synchronize assets with more limited sharing.

      Tenable.sc applies your filter to the Unstaged Assets section.

    3. To stage one or more assets for synchronization, do one of the following:
      • Click the Add All button to stage all visible assets for synchronization.

        Tenable.sc stages all visible assets for synchronization and displays them in the Staged Assets section.

      • In the rows for individual assets you want to stage for synchronization, click the button.

        Tenable.sc stages your selected assets for synchronization and displays them in the Staged Assets section.

      Note: You cannot synchronize IPv6 addresses within static assets. If an asset contains a mix of IPv4 and IPv6 addresses, Tenable.sc synchronizes only the IPv4 addresses.

      Note: You cannot synchronize non-IPv4 assets within dynamic assets. If a dynamic asset contains other asset types, Tenable.sc synchronizes only the IPv4 addresses.

      Note: You cannot synchronize DNS name list assets, LDAP query assets, combination assets, watchlist assets, or import assets.

      Tip: Click an asset row to view details for an asset.

    4. Click Synchronize Staged Assets.

      A confirmation window appears.

    5. Click Synchronize.

      Tenable.sc begins synchronizing your assets to Tenable.io.

  7. Wait for data transfer and Lumin data calculations to complete. For more information, see How long does synchronization take to complete?.
  8. Monitor the synchronization and confirm there were no errors, as described in View Lumin Synchronization Status or View Lumin Data Synchronization Logs.

What to do next:

  • Begin using Tenable.io and Lumin, as described in Where will I see synchronized data in Tenable.io?.
  • View Lumin metrics information within Tenable.sc, as described in View Lumin Metrics.
  • By default, synchronized data is visible to the Tenable.io Administrator account used for synchronization and to all other users in Tenable.io. If you want to restrict privileges for synchronized data, configure access groups as described in Access Groups in the Tenable.io Vulnerability Management User Guide.