Add a Tenable.io scanner in IBM®
QRadar® to enable QRadar to collect host and
vulnerability information through the Tenable.io API.
Procedure
- On the Admin tab, click the VA Scanners
icon in the Data Sources section, and then click Add.
- In the Scanner Name field, type a name to identify your Tenable.io
scanner.
- From the Managed Host list, select an option that is based on one
of the following platforms:
- On the QRadar
Console, select the
managed host that is responsible for communicating with the scanner device.
- On QRadar on Cloud, if the scanner is
hosted in the cloud, the QRadar Console can be
used as the managed host. Otherwise, select the data gateway that is responsible for communicating
with the scanner device.
- From the Type list, select
Tenable.io.
- In the API End point field, type
cloud.tenable.com.
-
In the Access Key field, type the Tenable.io Access
key value that you recorded when you completed the Obtaining the Tenable.io API
Access key and Secret key procedure.
- In the Secret Key field, type the Tenable.io Secret
key value that you recorded when you completed the Obtaining the Tenable.io API
Access key and Secret key procedure.
- Select the Severity level(s) for which you want to filter the
results.
- Configure a CIDR range for the Tenable.io scanner. In the CIDR
range field, type the CIDR range for the scan, or click Browse to
select a CIDR range from the network list.
Important: For large CIDR ranges or for a large amount of data, the range must be broken
down to smaller ranges.
-
Click Add, and then click Save.
- On the Admin tab, click Deploy
Changes.
What to do next
You are now ready to create a scan schedule. See Scheduling a vulnerability scan.