Manage Reports

On the Reports page, you can manage your reports in the following ways:

Create a Report

To create a report:

  1. In the left navigation, click Reports.

    The Reports page appears.

  2. In the upper-right corner, click Create New Report.

    The Report Templates page appears, with reports organized by category.

  3. Do one of the following:

    • Create a report based on a template:

      1. In the Report Templates list, select a template:

        Category Description
        Center for Internet Security (CIS) CIS Benchmarks are best practices for the secure configuration of a target system. Be sure to use the proper audit file for scans. For example: CIS PostgreSQL 12 v1.1.0 Audit Details, CIS Debian 8 v2.0.2 Audit Details, CIS Amazon Web Services Three-tier Web Architecture v1.0.0 Audit Details, and so on.
        Defense Information Systems Agency (DISA) The Defense Information Systems Agency (DISA) is a United States Department of Defense combat support agency composed of military, federal civilians, and contractors. Security Technical Implementation Guides (STIG) is a configuration standard that consists of cybersecurity requirements for a specific product. Be sure to use the proper audit file for scans.
        Compliance Framework

        Tenable allows you to audit configuration compliance with a variety of standards including GDPR, ISO 27000, HIPAA, NIST 800-53, PCI DSS, and so on. These reports provide summary and detailed information for all the supported frameworks. Be sure to use the proper audit file for scans.

        Host Audit Plugin Type Organizations such as CIS, DISA, and some vendors create golden configurations standards, known as benchmarks. Tenable creates audit files that perform a detailed configuration review. Scanning the assets with the Host Audit Compliance Check plugins allows you to do detailed configuration checks. These reports provide summary and detailed information for all the Host Audit Compliance Check plugins.
        Tenable Best Practice Audits Allows you to implement best practice audits for new technologies. Make sure that the proper audit file is used for scans.
        Vendor Based Audits Allows you to implement vendor-specific guidance for new technologies. Vendors include: Vendor, IBM, Juniper, Microsoft, NetApp, VMware and others. Be sure to use the proper audit file for scans.
        Vulnerability Management Tenable Vulnerability Management provides the most comprehensive vulnerability coverage with real-time continuous assessment of the organization. These built-in reports allow organizations to communicate risk based on prioritization, threat intelligence and real-time insights to proactively prioritize remediation actions. These reports provide summary and detailed information data collected using Tenable Vulnerability Management applications such as Tenable Nessus.
        Web App Scanning Web application security provides the ability to detect and mitigate threats and vulnerabilities that may compromise the confidentiality, integrity, and availability of web applications. These reports leverage data from Tenable Web App Scanning, a comprehensive and automated vulnerability scanning tool for modern web applications.

        The Report Details page appears.

      2. On the Report Details page, do the following:

        1. (Optional) Click Update Logo to add a new logo to your report or select from a list of recently uploaded logos. Select the Set as default for all reports checkbox to set a logo as the default.

        2. In the Name box, type a name for the report.

        3. (Optional) In the Description box, type a description.

        4. In the Executive Summary section, select from the available widgets or click Add New Widget to add a custom widget or a widget from the widget library to the report.

        5. In the Additional Chapters section, select from the available chapters or click Add New Chapter to add report chapters from the Chapter Library.

        6. (Optional) Add a filter to the reports. For more information, see Filter Reports.

    • Create a custom report:

      1. In the upper-right corner of the Report Templates page, click Create Custom Report.

        The Report Details page appears.

      2. On the Report Details page, do the following:

        1. (Optional) Click Update Logo to add a new logo to your report or select from a list of recently uploaded logos. Select the Set as default for all reports check box to set a logo as the default.

        2. In the Name box, type a name for the report.

        3. (Optional) In the Description box, type a description.

        4. In the Executive Summary section, click Add New Widget to add a custom widget or a widget from the widget library to the report.

        5. In the Additional Chapters section, click Add New Chapter to add report chapters from the Chapter Library.

        6. (Optional) Add a filter to the reports. For more information, see Filter Reports.

  4. Click Save.

    Tenable Vulnerability Management creates a new report and it appears on the My Report Templates page.

    Tip: Once created, you can generate an initial report and download a copy. For more information, see Generate Reports.

Edit an Existing Report

Note: You can only modify a report if you are the owner, a user with an administrator account, or you have been given the Can configure permission for that report.

To edit a report:

  1. In the left navigation, click Reports.

    The Reports page appears.

  2. Select the report that you want to edit:

    Scope Action
    Edit a single report

    To edit a report from the Reports page:

    1. On the My Report Templates or All Report Templates tab, right-click the row for the report you want to edit.

      -or-

      On the My Report Templates or All Report Templates tab, in the Actions column, click the button in the row for the report you want to edit.

      The action buttons appear in the row.

    2. Click Edit.

    The Report Details page appears.

  3. Modify the report settings.

  4. Apply filters as needed.

  5. Click Save.

    Tenable Vulnerability Management saves the report and the Reports page appears.

Delete a Report

Note: You can only delete a report if you are the owner or a user with an administrator account.

To delete a report:

  1. In the left navigation, click Reports.

    The Reports page appears.

  2. Select the reports you want to delete.

    Note: This procedure is applicable for both Report Results and Report Templates.
    Scope Action
    Delete multiple reports

    To delete reports:

    1. Select the check box for each report you want to delete.

      The action bar appears at the top of the list.

    2. In the action bar, click LaunchDelete.
    Delete a single report

    To delete a single report:

    1. Right-click the row for the report you want to delete.

      -or-

      Select the check box next to the report you want to delete.

      Tenable Vulnerability Management enables More in the action bar.

      -or-

      In the Actions column, click the button in the row for the report you want to delete.

      The action buttons appear in the row.

    2. Click LaunchDelete.

    The Delete Reports dialog box appears.

  3. Click Delete.

    Tenable Vulnerability Management deletes the report permanently.

Schedule a Report

Note: You can only schedule a report if you are the owner, a user with an administrator account, or you have been given the Can configure permission for that report.

Important: Disabling a user account does not disable scheduled reports for that user. Additionally, if the disabled user shared a report with other users, these other users can still generate that report. For more information, see Disable a User Account.

To schedule a report:

  1. In the left navigation, click Reports.

    The Reports page appears.

  2. On the My Report Templates or All Report Templates tab, select the check box next to the report that you want to schedule.

    The action bar appears at the top of the table.

  3. Do one of the following:
    • Right-click on the row for the report that you want to schedule.
    • In the action bar, click on the More button.
    • In the Actions column, click the button in the row for the report that you want to schedule.

      A menu appears.

  4. Click Schedule.

    5. The Schedule Report plane appears.

  5. Modify the report schedule settings.

    Setting Default Description
    Schedule On off

    A toggle that specifies whether the report is scheduled. By default, reports are not scheduled.

    When you disable the Schedule toggle, the other schedule settings remain hidden.

    Click the toggle to enable the schedule and view the remaining Schedule settings.
    Start Date and Time varies

    Specifies the exact date and time when Tenable Vulnerability Management launches the report.

    The starting date defaults to the date when you create the schedule. The starting time is the nearest half-hour interval. For example, if you create the report schedule on 09/31/2022 at 9:12 AM, Tenable Vulnerability Management sets the default starting date and time to 09/31/2022 and 09:30.
    Time Zone varies The time zone of the value set for Start Date and Time.
    Repeat Once

    Specifies how often Tenable Vulnerability Management launches the report. Reports run at the time specified in Start Date and Time.

    • Once: Schedule the report to run once.
    • Daily: Schedule the report to run daily.

    • Weekly: Schedule the report to run on a weekly basis.

      Note: The report runs on the day of the week that the schedule begins. For example, if you schedule the report to first run on Monday, 2/14/2021, the report runs on Monday every week.

    • Monthly: Schedule the report to run on a monthly basis.

      Note: The report runs on the day of the week that the schedule begins. For example, if you schedule the report to first run on Monday, 2/14/2021, the report runs on the second Monday of every month.

    • Custom: Schedule the report to run on a custom interval, based on a specific number of days, weeks, or months.
    • Yearly: Schedule the report to run on a yearly basis.
    Repeat Ends Never

    • On: If you select this option, the End Date setting appears, where you can select the date you want the report schedule to end.

    • Never: The report runs on the schedule until you modify the report schedule.
    Password Protection Off

    A toggle that specifies whether the report schedule is password protected.

    To set a password for the report:

    1. Click the Password Protection toggle to enable password protection for the report.

    2. In the Encryption Password box, type the password for the report.

    Note: Make sure that you provide this password to the recipients to open the report.
    Add Recipients  

    In this box, type one or more email recipients with whom you want to send the report to. Be sure to press enter after each email address entry.

     

  6. Click Schedule.

    Tenable Vulnerability Management schedules the report and the recipients receive the report as an email. If you enable the password protection toggle, the recipient must provide the password when prompted.

Edit a Report Schedule

Note: You can only edit a report schedule if you are the owner, a user with an administrator account, or you have been given the Can configure permission for that report.

To edit a report schedule:

  1. In the left navigation, click Reports.

    The Reports page appears.

  2. Select the report that for which you want to edit the schedule:

    Scope Action
    Edit a single report schedule

    To edit a report schedule from the Reports page:

    1. On the My Report Templates or All Report Templates tab, right-click the row for the report you want to edit.

      -or-

      On the My Report Templates or All Report Templates tab, in the Actions column, click the button in the row for the report you want to edit.

      The action buttons appear in the row.

    2. Click Schedule.

    The Schedule Report pane appears.

  3. Modify the report schedule settings.

  4. Click Schedule.

    Tenable Vulnerability Management saves the report schedule and the Reports page appears.

Generate a Report

Note: When you disable a user account, that user's scheduled reports are not disabled. If the disabled user shared reports, users with access can still generate them. For more information, see Disable a User Account.

Note: You cannot generate more than 50 reports at a time.

To generate a report:

  1. In the left navigation, click Reports.

    The Reports page appears.

  2. On the Report Results tab, select the check box next to the report you want to generate.

    The action bar appears at the top of the list.

  3. In the action bar, click LaunchGenerate Report.

    Tenable Vulnerability Management starts to generate the report. You can track the report status on the Report Results tab.

Email Report Results

To share report results via email:

  1. In the left navigation, click Reports.

    The Reports page appears.

  2. Select the report results that you want to share:

    Scope Action
    Share a single report

    To share report results from the Reports page:

    1. On the Report Results tab, right-click the row for the report results you want to share.

      -or-

      On the Report Results tab, in the Actions column, click the button in the row for the report results you want to share.

      The action buttons appear in the row.

    2. Click Email.

    The Email Report plane appears.

  3. In the Add Recipients box, type one or more email recipients for the report results, pressing enter after each entry.

    The recipients you select receive an email with a PDF of the report results.

  4. In the Encryption Password box, type the password for the generated report.

    Important: Make sure that you provide this password to the recipients to open the report.

    Note: If you provide a password at the time of scheduling the report, Tenable Vulnerability Management applies the same password when emailing the report. For reports for which passwords are applied at the time of scheduling, the Encryption Password box appears disabled with a message at the bottom that states that the password is the same as one created during the schedule process.

  5. Click Email.

    The report results are shared as an email and the Reports page appears. If you add a password for the report, the recipient must enter the password when prompted.