This Add-on is intended to be installed as a companion for the following add-ons:
- Install Tenable Add-On for Splunk (https://splunkbase.splunk.com/app/4060) version 6.1.4 or higher
- Install Tenable WAS Add-On for Splunk (https://splunkbase.splunk.com/app/6884) version 1.1.0 or higher
Requirements:
This Add-on is intended to be installed as a companion for the following add-ons:
- Install Tenable Add-On for Splunk (https://splunkbase.splunk.com/app/4060) version 6.1.4 or higher
- Install Tenable WAS Add-On for Splunk (https://splunkbase.splunk.com/app/6884) version 1.1.0 or higher
Currently this add-on provides additional extraction and CIM compliance for sourcetypes:
- "tenable:ot:alerts" (Tenable.ot)
- "tenable:io:vuln:was" (Tenable WAS)
Requirements:
- This Add-on is intended to be installed following the installation guide.
- Install Tenable Add-On for Splunk (https://splunkbase.splunk.com/app/4060) version 6.1.4 or higher
Installation:
This Add-on is intended to be installed as follows:
- Splunk Cloud Victoria or Classic STACKs: Installed on Search Heads
- Splunk Enterprise: Installed on Search Heads
This Add-on is intended to be installed as a companion for the following add-ons:
- Install Tenable Add-On for Splunk (https://splunkbase.splunk.com/app/4060) version 6.1.4 or higher
Known issues:
- Disable Field Transformation "auto_kv_tenable_ot" from TA-tenable to stop field extraction conflict
- Modify permissions on Field extractions "auto_kv_tenable_ot" from TA-tenable to App (Global >> App)
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.