-
Notifications
You must be signed in to change notification settings - Fork 374
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Tenable.io] Tweaks to Tenable.io integration #7671
Comments
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
Sorry @efd6 , while we're working on this package - two additional changes if you don't mind.
The vulnerability data is unusable today. Especially for dashboards, because @timestamp is the time that the vulnerability was FIRST seen. This can be years ago. cc @LaZyDK Another issue rasied here, but not sure how we tackle it: #5762 |
For now we have used a custom pipeline to fix the data in Tenable.io to look and behave like Tenable.sc.
|
No worries. |
Above closes #5762 |
Based on feedback from Tenable, some tweaks need to be applied in order to get our integration validated.
Asset & Vuln data streams pull frequency : Adjust the default interval to 24 hours and adjust titles from 'logs' to 'data', e.g. Collect asset logs from Tenable.io becomes ' Collect asset data from Tenable.io'
Plugin Data Pull - Adjust initial & daily pull to 24hr, set to default off
Scanner Pull - Remove
Scans pull - Adjust cadence to 24hr, set to default off
Tenable has also rebranded Tenable.io to Tenable Vulnerability Management. Can please adjust the title, description and all references of Tenable.io to Tenable Vulnerability Management.
The logo for the integration also needs to be changed:
The text was updated successfully, but these errors were encountered: