Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading Tenable NNM (previously PVS) for Splunk
MD5 checksum (tenable-nnm-previously-pvs-for-splunk_201.tgz) 31860ffba03946895e8f91fcbe8e3413 MD5 checksum (tenable-nnm-previously-pvs-for-splunk_102.tgz) 0cb116963be774945ab13f9ced4306ec
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Tenable NNM (previously PVS) for Splunk

Overview
Details
The Tenable Nessus Network Monitor (NNM), previously Passive Vulnerability Scanner (PVS) app for Splunk processes tens of terabytes of data per day and finds the security-relevant information through comprehensive analysis. In order to uncover threats carried on mobile, virtual, and cloud devices, Splunk requires reliable data to analyze. Tenable’s Nessus Network Monitor (NNM), the industry’s only continuous vulnerability scanner, monitors networks for server- and client-side vulnerabilities and new or transient assets. The vulnerability and device discovery power of NNM used with the comprehensive analysis of Splunk provides network and security information for effective threat intelligence.

Tenable NNM (previously PVS) for Splunk

Introduction

The Tenable Nessus Network Monitor™ (NNM™), previously Passive Vulnerability Scanner (PVS™), monitors network traffic at the packet layer to determine topology and identify services, security vulnerabilities, suspicious network relationships, and compliance violations.

Requirements

  • Tenable NNM, version 4.x or higher.
  • You can obtain an NNM evaluation here.
  • Splunk 6.x or higher.

All new NNM data will be tagged with the sourcetype tenable:nnm.
All new PVS data will be tagged with the sourectype tenable:pvs.
All old PVS data with the sourcetype pvs, will still be included in dashboards and saved searches.

Configuration

  • From the NNM UI, go to “Configuration”.
  • Select Syslog in the "Setting Type" dropdown.
  • Click "Add" next to the "Realtime Syslog Server List"
  • Set the "IP" you have Splunk setup to listen for syslog on
  • Set the "Port" you have Splunk setup to listen for syslog on
  • Set "Format Type" to Standard
  • Set Protocol to the protocol you have Splunk setup to accept syslog over

Author

Author: Tenable, Inc.
Support: support@tenable.com
If you need assistance please check the Tenable Community

Disclaimer

Copyright 2017 Tenable, Inc.

Release Notes

Version 2.0.1
Nov. 22, 2017

New branding/Naming
Update all field names to match Nessus Network Monitor
New sourectypes and support for Nessus Network Monitor
Tested support for prior sourcetypes
Standardized event naming
Simplified setup
Updated documentation
Improved field parsing regex
Remove a bunch of unused css
Ensure app meets all pre-certification tests.

Version 1.0.2
Aug. 19, 2014

62
Installs
650
Downloads
Share Subscribe LOGIN TO DOWNLOAD

Subscribe Share

Splunk Certification Program

Splunk's App Certification program uses a specific set of criteria to evaluate the level of quality, usability and security your app offers to its users. In addition, we evaluate the documentation and support you offer to your app's users.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2017 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.