Host Audit Details

Required Tenable Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

When you View Finding Details, the Finding Details page varies by finding type. For host audit findings, it includes a description of the host audit finding, its recommended solution, and a summary of the corresponding asset.

The Finding Details page for host assets contains the following sections.

Note: Tenable Vulnerability Management hides empty sections, so these may not appear in some cases.

Section	Description
Description	A brief description of the plugin that identified the finding during a compliance check.
Solution	A brief summary of how you can address the compliance check findings.
Audit File	The name of the audit file the scanner used to perform the compliance check.
See Also	Links to external websites that contain helpful information about the compliance check.
Asset Information	Information about the affected asset, including: Asset ID — The UUID of the asset where a scan detected the vulnerability. Name — The name of the asset on which the scanner performed a compliance check. Operating System — The operating system that the scan identified as installed on the affected asset. IPV4 Address — The IPv4 address for the affected asset. System Type — The type of system on which the affected asset runs. Public — Specifies whether the asset is available on a public network. A public asset is within the public IP space and identified by the is_public attribute in the Tenable Vulnerability Management query namespace.
Asset Scan Information	Information about the scan that detected the vulnerability, including: First Seen — The date when a scan first found the vulnerability on an asset. Last Seen — Filter on the date that the asset was last observed by any successful scan, including vulnerability scans, configuration scans, and discovery scans. This value can also be the date that the asset was imported into Tenable Vulnerability Management. Last Authenticated Scan — The date and time of the last authenticated scan run against the asset. An authenticated scan that only uses discovery plugins updates the Last Authenticated Scan field, but not the Last Licensed Scan field. Last Licensed Scan — The date and time of the last scan in which the asset was considered "licensed" and counted towards Tenable's license limit. A licensed scan uses non-discovery plugins and can identify vulnerabilities. Unauthenticated scans that run non-discovery plugins update the Last Licensed Scan field, but not the Last Authenticated Scan field. For more information on how licenses work, see Tenable Vulnerability Management Licenses. Source — The source of the scan that detected the vulnerability on the affected asset.
Additional Information	Additional information about the affected asset, including: Network — The name of the network object associated with scanners that detected the finding. The default network name is Default. For more information, see Networks. Network (FQDN) — The fully qualified domain name of the host on which the vulnerability identified in the finding was detected. MAC Address — The static Media Access Control (MAC) address for the affected asset. Tenable ID —The unique identifier for the Tenable account associated with the affected asset. Installed Software — Software that a scan identified on the affected asset.
Policy Value	The plugin output that appears in the finding if the affected asset is compliant with the audit policy.
Actual Value	The plugin output that actually appears in the finding.
Host Audit Information	Information about the compliance check, including: Audit Name — The name of the compliance check the scanner performed on the affected asset. Audit File — The name of the audit file the scanner used to perform the compliance check. Benchmark — Specific technical configurations recommended by an authoritative organization or vendor to securely harden an operating system, application, or network device. Benchmark Specification Name — The unique, official title of the specific guideline or framework outlining the security configuration requirements. Benchmark Version — The specific iteration or release number of the Benchmark Specification Name, indicating the precise set of requirements used for the compliance check. Plugin Name — The name of the plugin that identified the compliance check. Source — The name of the compliance check the scanner performed on the affected asset.
Audit Discovery	First Audit — The date and time when a scan first performed the compliance check on the asset. Last Audit — The date and time when a scan last performed the compliance check on the asset.
Reference Information	A list of industry resources that provide additional information about the compliance check.
Actions	In the upper-right corner, click the Actions button to view a drop-down where you can: Export — Export to CSV or JSON, as described in Export from Explore Tables. Generate Report — Generate a report from a template, as described in Reports. View All Findings — View all findings for an asset, as described in View Asset Details. View All Details — View complete details for a finding, as described in View Finding Details. View All Details in New Tab — View complete details for an asset in a new browser tab.