Host Audit Details

A brief description of the plugin that identified the finding during a compliance check.

A brief summary of how you can address the compliance check findings.

Information about the affected asset, including:

• Asset ID — The UUID of the asset where a scan detected the vulnerability.

• Name — The name of the asset on which the scanner performed a compliance check.

• Operating System — The operating system that the scan identified as installed on the affected asset.

• IPV4 Address — The IPv4 address for the affected asset.

• System Type — The type of system on which the affected asset runs.

• Public — Specifies whether the asset is available on a public network. A public asset is within the public IP space and identified by the is_public attribute in the Tenable Vulnerability Management query namespace.

Information about the scan that detected the vulnerability, including:

• First Seen — The date when a scan first found the vulnerability on an asset.

• Last Seen — The date when a scan last found the vulnerability on an asset.

• Last Authenticated Scan — The date and time of the last authenticated scan run against the asset. An authenticated scan that only uses discovery plugins updates the Last Authenticated Scan field, but not the Last Licensed Scan field.

• Last Licensed Scan — The date and time of the last scan in which the asset was considered "licensed" and counted towards Tenable's license limit. A licensed scan uses non-discovery plugins and can identify vulnerabilities. Unauthenticated scans that run non-discovery plugins update the Last Licensed Scan field, but not the Last Authenticated Scan field. For more information on licensed assets, see Tenable Vulnerability Management Licenses.

• Source — The source of the scan that detected the vulnerability on the affected asset.

Additional information about the affected asset, including:

• Network — The name of the network object associated with scanners that detected the finding. The default network name is Default. For more information, see Networks.

• Network (FQDN) — The fully qualified domain name of the host on which the vulnerability identified in the finding was detected.

• MAC Address — The static Media Access Control (MAC) address for the affected asset.

• Tenable ID —The unique identifier for the Tenable account associated with the affected asset.

• Installed Software — Software that a scan identified on the affected asset.

The plugin output that appears in the finding if the affected asset is compliant with the audit policy.

Information about the compliance check, including:

• Audit Name — The name of the compliance check the scanner performed on the affected asset.

• Audit File — The name of the audit file the scanner used to perform the compliance check.

• Plugin Name — The name of the plugin that identified the compliance check.

• Result — The result for the item in a configuration audit. Results can be: Passed, Warning, or Failed.

• State — An indication about whether the audit finding is currently active on the affected asset. States can be: Active, Fixed, and Resurfaced.

• First Audit — The date and time when a scan first performed the compliance check on the asset.

• Last Audit — The date and time when a scan last performed the compliance check on the asset.

A list of industry resources that provide additional information about the compliance check.

In the upper-right corner, click the Actions button to view a drop-down where you can:

• Export — Export to CSV or JSON, as described in Export from Explore Tables.

• Generate Report — Generate a report from a template, as described in Reports.

• View All Findings — View all findings for an asset, as described in View Asset Details.

• View All Details — View complete details for a finding, as described in View Finding Details.

• View All Details in New Tab — View complete details for an asset in a new browser tab.