Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading Tenable Network Security PVS App for Splunk
MD5 checksum (tenable-network-security-pvs-app-for-splunk_102.tgz) 0cb116963be774945ab13f9ced4306ec
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Tenable Network Security PVS App for Splunk

The Tenable Network Security PVS app for Splunk processes tens of terabytes of data per day and finds the security-relevant information through comprehensive analysis. In order to uncover threats carried on mobile, virtual, and cloud devices, Splunk requires reliable data to analyze. Tenable’s Passive Vulnerability Scanner™ (PVS™), the industry’s only continuous vulnerability scanner, monitors networks for server- and client-side vulnerabilities and new or transient assets. The vulnerability and device discovery power of PVS used with the comprehensive analysis of Splunk provides network and security information for effective threat intelligence.

Tenable Network Security PVS App for Splunk


The Tenable Passive Vulnerability Scanner™ (PVS™) monitors network traffic
at the packet layer to determine topology and identify services, security
vulnerabilities, suspicious network relationships, and compliance
violations. The PVS™ app for Splunk provides overview reports and searching
of the realtime event data generated by PVS.


A separate index will be created and used for PVS data. This is for search
time performance, it can also be use to control access to the data.


From the PVS UI, go to “Configuration”.

Select Syslog in the "Setting Type" dropdown.

Enter the IP and UDP Port of the Splunk server in the "Realtime Syslog Server

Note: Must be entered as IP:PORT (e.g

Configuring props.conf

The Tenable PVS Splunk App is designed to communicate natively using a UDP
port on the Splunk Indexer with a sourcetype of [syslog]. This can be a shared
input using the sourcetype of [syslog] or if another port is to be used then a
new input can be added with the sourcetype of [pvs]. Refer to props.conf
located in the $SPLUNK_HOME/etc/apps/pvs/default/props.conf which may need to be
altered to reflect the new configurations. More information on configuring the
props.conf file can be found at

Author Information

Author: Tenable Network Security, Inc.


If you need assistance see the PVS Discussion Forum located at:


PVS is the property of Tenable Network Security, Inc.

Release Notes

Version 1.0.2
Aug. 19, 2014


Subscribe Share

Splunk Certification Program

Splunk's App Certification program uses a specific set of criteria to evaluate the level of quality, usability and security your app offers to its users. In addition, we evaluate the documentation and support you offer to your app's users.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2017 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.