Tenable.io - Add IP Addresses to Scan

Article Summary

Share feedback

Thanks for sharing your feedback!

Tenable.io - Add IP Addresses to Scan (Add IPs to Tenable.io Scan) adds the IP addresses to an existing Tenable.io scan for:

Assets that match the results of the selected saved query, and match the Enforcement Action Conditions, if defined or assets selected on the relevant asset page.

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

General Settings

Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
Add description - Click to add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
- A query only returns results for the asset type it was created for.
- Not all asset categories are supported for all Enforcement Actions.
  - See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
  - See Actions supported for Vulnerabilities.
  - See Actions supported for Software.
Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

Use stored credentials from the Tenable.io Adapter (required, default: True) - Select this option to use the the first connected Tenable.io adapter credentials.
NOTE
To use this option, you must successfully configure a Tenable.io adapter connection.

These fields must be configured to run the Enforcement Set.

Scan name - Specify the Tenable.io scan name to be updated.
Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.

These fields are optional.

If Use stored credentials from the Salesforce Adapter is disabled, these fields are required:

Tenable.io domain - The IP address or hostname of your Tenable.io management server.
Access API key and Secret API key - These values must be created in the Tenable.io console. To generate an API key in the Tenable.io console, see Tenable.io - Generate an API Key.
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

Do not use network interfaces IPs - This option should be used only when Use public IP addresses is selected. The Enforcement Action will only add the IP addresses from Public IPs and not from network interfaces. When using only the option Use public IP addresses, a combination of public IPs from network interfaces and the public IP field are added to the scan.
Use public IP addresses - Select to add public IP addresses to Tenable.io.
Use private IP addresses - Select to add private IP addresses to Tenable.io.
Use hostnames - Hostnames from query results will be sent to scan in Tenable.io.
Exclude IPv6 addresses - When enabled, Axonius will add only IPv4 addresses to Tenable.io and not IPv6 addresses. Otherwise, both IPv4 and IPv6 addresses will be added.
CIDR exclude list - Specify a comma-separated list of CIDRs to be excluded.

For more details about other Enforcement Actions available, see Action Library.

Was this article helpful?

Table of contents