Create a Tag Rule

Required Tenable Vulnerability Management User Role: Scan Manager or Administrator

Required Tenable Vulnerability Management Permission: Can Edit, Can Use permission for applicable asset tags.

When you create or edit a tag to apply automatically, you must create and apply rules to the tag using tag rules filters. You can create a tag rule in either Basic or Advanced mode.

Caution: If you create a tag rule in Basic mode and then switch to Advanced mode, the rules you created appear in the Advanced mode format. However, if you switch from Advanced mode to Basic mode, Tenable Vulnerability Management removes all rules from the rules section.

Note: When you create a tag from the Tagging page, you can select from a list of generic asset filters to create tag rules. If you want to create a tag based on filters that are specific to certain asset types, Tenable recommends that you create a tag from the Assets page, where you can select additional filters that are specific to each asset type.

For more information about applying tags automatically, see Considerations for Tags with Rules.

Before you begin:

To create and add a rule to a tag:

  1. In the left navigation, click Settings.

    The Settings page appears.

  2. Click the Tagging tile.

    The Tags page appears. On this page, you can view your asset tag categories and values.

    The Categories tab is active.

  3. Click the Values tab.

    The Values page appears, containing a table of all the tags on your Tenable Vulnerability Management instance.

  4. Click the Rules toggle to enable the rule settings.

    The Rules section appears.

  5. For each tag rule you want to create, do one of the following:

    Note: Basic mode is active by default.

  6. Click Save.

    Tenable Vulnerability Management creates the rule and applies it to the tag.

Tip: When you create a tag, Tenable Vulnerability Management automatically creates and assigns "Tag:value owner permissions" that allow you to manage the tag. If you are an administrator, you can give other users or groups this permission via the Permissions page.