Hello, The Tenable Add-on for Splunk stores data with the following sources and source types. Tenable.sc Source Sourcetype Description <username>|<address> tenable:sc:vuln This collects all vulnerability data. <username>|<address> tenable:sc:assets This collects pull assets data. <username>|<address> tenable:sc:plugin This collects all plugin data. Tenable.io Source Sourcetype Description tenable_io://<data input name> tenable:io:vuln This collects all vulnerability data. tenable_io://<data input name> tenable:io:assets This collects all asset data. tenable_io://<data input name> tenable:io:plugin This collects all plugin data. In my production environment i am getting logs from sourcetype Tenable.sc (tenable:sc:vuln, tenable:sc:assets, tenable:sc:plugin)) and these sourcetypes are visible in in my data summary however sourcetype Tenable.io (tenable:io:vuln, tenable:io:assets, tenable:io:plugin) are not visible in data summary and not getting logs from these sourcetype. Question:- 1)need help to be confirmed for sourcetype Tenable.io either it is configure or not and if it is configured then why not visible in data summary sourcetype lists. 2)how can i identify ,where is my Tenable add-on is installed . 3)Tenable vulnerability dashboard not working. Requesting answer for above mentioned question. Thanks in advance
... View more