Tenable Vulnerability Management - Add IP Addresses to Tag Value

Tenable Vulnerability Management - Add IP Addresses to Tag Value adds IP addresses from Axonius assets to an existing tag value in Tenable Vulnerability Management for:

• Assets returned by the selected query or assets selected on the relevant asset page.

Prerequisites

APIs

Axonius uses the Tenable Vulnerability Management API.

Required Ports

Axonius must be able to communicate via the following ports:

• Port 443 (HTTPS)

Required Permissions

• Standard User [32] user role. This role has permissions to read and update tags in Tenable Vulnerability Management.

Required Fields

These fields must be configured to run the Enforcement Set.

• Use stored credentials from the Tenable Vulnerability Management Adapter - Select this option to use credentials from the adapter connection. By default, the first connection is selected.

  • When you select this option, the Select Adapter Connection drop-down becomes available. Select the adapter connection to use for this Enforcement Action.

  📘

  Note

  To use this option, you must successfully configure a Tenable Vulnerability Management adapter connection.

• Tag value name - The name of an existing tag value in Tenable Vulnerability Management. The tag value must already exist and must be unique across all tag categories. If multiple tag values have the same name in different categories, the action will fail with an error.

• Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Working with Axonius Compute Nodes.

Additional Fields

These fields are optional.

💡

Connection and Credentials

When Use stored credentials from the adapter is toggled off, some of the connection fields below are required to create the connection, while other fields are optional.

• Tenable Vulnerability Management domain (optional, default: empty) - The IP address or hostname of your Tenable Vulnerability Management management server.

• Access API key and Secret API key - These values must be created in the Tenable Vulnerability Management console. To generate an API key in the Tenable Vulnerability Management console, see Tenable Vulnerability Management - Generate an API Key.

• Verify SSL (optional) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

• HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

• Use public IP addresses - Include public IP addresses from Axonius assets when adding to the tag value.
• Use private IP addresses - Include private IP addresses from Axonius assets when adding to the tag value.
• Exclude IPv6 addresses - When enabled, excludes IPv6 addresses and only includes IPv4 addresses.
• Override current IP address List - When enabled, replaces all existing IP addresses in the tag value with the new list. When disabled, appends the new IP addresses to the existing list.
• Add Hostnames to Scan - When enabled, includes hostnames from Axonius assets in addition to IP addresses.
• Use preferred hostname FQDN - When enabled and Add Hostnames to Scan is selected, uses the preferred FQDN from Axonius for each asset.
• Use AWS Public Dns as hostname - When enabled and Add Hostnames to Scan is selected, uses the AWS public DNS name for AWS assets.
• Use Public IPs field - When enabled, uses the Public IPs field from Axonius instead of parsing IP addresses from network interfaces.
• Verify SSL - Verify SSL certificates when connecting to the Tenable Vulnerability Management API.