Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading Tenable NNM (previously PVS) for Splunk
SHA256 checksum (tenable-nnm-previously-pvs-for-splunk_202.tgz) 6010376105e1ebd0896b6a7bb151fedaecb4d17a1e4a687508a15baad2e7f968
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Tenable NNM (previously PVS) for Splunk

Splunk Certified
The Tenable Nessus Network Monitor (NNM), previously Passive Vulnerability Scanner (PVS) app for Splunk processes tens of terabytes of data per day and finds the security-relevant information through comprehensive analysis. In order to uncover threats carried on mobile, virtual, and cloud devices, Splunk requires reliable data to analyze. Tenable’s Nessus Network Monitor (NNM), the industry’s only continuous vulnerability scanner, monitors networks for server- and client-side vulnerabilities and new or transient assets. The vulnerability and device discovery power of NNM used with the comprehensive analysis of Splunk provides network and security information for effective threat intelligence.

Tenable NNM (previously PVS) for Splunk


The Tenable Nessus Network Monitor™ (NNM™), previously Passive Vulnerability Scanner (PVS™), monitors network traffic at the packet layer to determine topology and identify services, security vulnerabilities, suspicious network relationships, and compliance violations.


  • Tenable NNM, version 4.x or higher.
  • You can obtain an NNM evaluation here.
  • Splunk 6.x or higher.

All new NNM data will be tagged with the sourcetype tenable:nnm.
All new PVS data will be tagged with the sourectype tenable:pvs.
All old PVS data with the sourcetype pvs, will still be included in dashboards and saved searches.


  • From the NNM UI, go to “Configuration”.
  • Select Syslog in the "Setting Type" dropdown.
  • Click "Add" next to the "Realtime Syslog Server List"
  • Set the "IP" you have Splunk setup to listen for syslog on
  • Set the "Port" you have Splunk setup to listen for syslog on
  • Set "Format Type" to Standard
  • Set Protocol to the protocol you have Splunk setup to accept syslog over


Author: Tenable, Inc.
If you need assistance please check the Tenable Community


Copyright 2018 Tenable, Inc.

Release Notes

Version 2.0.2
Jan. 6, 2018


Subscribe Share

Splunk Certification Program

Splunk's App Certification program uses a specific set of criteria to evaluate the level of quality, usability and security your app offers to its users. In addition, we evaluate the documentation and support you offer to your app's users.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2018 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.