Version:

Configuring Vulnerability Management

  1. Go to Settings >> Configuration from the navigation bar and click Devices.

  2. Click the Add Collectors/Fetchers (add) icon from Actions of the localhost device.

_images/vm-localhost.png

Adding Fetchers in a Device

  1. Click Vulnerability Management.

Tenable.sc Fetcher

  1. Select Tenable.sc.

  2. Click Add.

_images/vm-add.png

Vulnerability Management

  1. Enter the Url of the host machine where Tenable.sc is configured.

  2. Enter Tenable.sc User and the Password.

  3. Select a Start Time from when all the SecurityCenter reports will be fetched.

  4. Enter the number of Retries Count. It is the number of times a vulnerability scan was attempted and failed. It is three by default with a maximum limit of five.

  5. Enter the Fetch Interval in minutes.

  6. Select a Processing Policy.

  7. Select a Charset.

  8. Click Test to check whether the fetcher configuration is working correctly.

  9. Select Enable Proxy to use a proxy server.

  10. In Proxy Configuration:

    12.1. Enter the proxy server IP address and the Port number.

    12.2. Select either HTTP or HTTPS protocol.

  11. Click Submit.

_images/vm-tenable-conf.png

Configuring Tenable.sc Fetcher

Nessus Fetcher

  1. Select Nessus Fetcher.

  2. Click Add.

_images/vm-add1.png

Vulnerability Management

  1. Enter the Host URL or IP address of the host machine where Nessus is configured.

  2. Enter the Port of the Nessus configured host machine.

  3. Enter the Nessus Username and Password.

  4. Enter a Fetch Interval in minutes.

  5. Select a Processing Policy.

  6. Select a Charset.

  7. Click Test to check whether the fetcher configuration is working correctly.

  8. Select Enable Proxy to use a proxy server.

  9. In Proxy Configuration:

    11.1. Enter the proxy server IP address and the Port number.

    11.2. Select either HTTP or HTTPS protocol.

  10. Select Enforce HTTPS to enable a secure connection.

  11. If the server has a Self Signed Certificate, you can add an SSL Certificate File. Select Upload Certificate File.

    13.1. Click Browse to select a certificate file in PEM format (.pem) or PEM-encoded .crt format. An SSL certificate enables an encrypted connection between the server and Logpoint.

  12. Click Submit.

_images/vm-nessus-conf.png

Configuring Nessus Fetcher

Qualys Fetcher

  1. Select Qualys Fetcher.

  2. Click Add.

_images/vm-add2.png

Vulnerability Management

  1. Enter the Qualys Account Name.

  2. Enter the Hostname URL or IP address of the host machine where Qualys is configured.

  3. Select the Qualys Scan type.

  4. Enter the Qualys Username and Password.

  5. Enter the Fetch Interval in minutes.

  6. Select a Processing Policy.

  7. Select a Charset.

  8. Click Test to check whether the fetcher configuration is working correctly.

  9. Select Enable Proxy to use a proxy server.

  10. In Proxy Configuration:

    12.1. Enter the proxy server IP address and the Port number.

    12.2. Select either HTTP or HTTPS protocol.

  11. Click Submit.

_images/vm-qualys-conf.png

Configuring Qualys Fetcher

Rapid7 InsightVM Fetcher

  1. Select Rapid7 InsightVM Fetcher.

  2. Click Add.

_images/vm-add3.png

Vulnerability Management

  1. Enter the Host URL or IP address of the host machine where you have Rapid7 InsightVM configured.

  2. Enter the Port of the Rapid7 InsightVM configured host machine.

  3. Enter the Rapid7 InsightVM Username and Password.

  4. Enter the Fetch Interval in minutes.

  5. Select a Processing Policy.

  6. Select a Charset.

  7. Click Test to check whether the fetcher configuration is working correctly.

  8. Select Enable Proxy to use a proxy server.

  9. In Proxy Configuration:

    11.1. Enter the proxy server IP address and the Port number.

    11.2. Select either HTTP or HTTPS protocol.

  10. Select Enforce HTTPS to enable a secure connection.

  11. If the server has a Self Signed Certificate, you can add an SSL Certificate File. Select Upload Certificate File.

    13.1. Click Browse to select a certificate file in PEM format (.pem) or PEM-encoded .crt format. An SSL certificate enables an encrypted connection between the server and Logpoint.

  12. Click Submit.

_images/vm-rapid7-conf.png

Configuring Rapid7 InsightVM Fetcher

Holm Security Fetcher

Generating Parameters for Holm Security Fetcher

To configure the Holm Security Fetcher in Logpoint, you must first obtain the base URL of API and API token from the Holm Security portal.

  1. Go to the Holm Security Portal and enter your credentials.

  2. Click the Menu icon at the right hand side of the page.

  3. Click </> API. You can find the Base URL of API under API endpoint.

_images/config2.png

Base URL of API

  1. Click Create API TOKEN.

  2. Enter a Name for the token.

  3. Select Permissions and Access areas for the token.

  4. Click Create token.

_images/config5.png

Create API Token

  1. Click API TOKENS. You can find the API Token under API Tokens.

_images/vm-holm-config4.png

Holm Security API Token

Configuring the Holm Security Fetcher

  1. Go to Settings >> Configuration from the navigation bar and click Devices.

  2. Click the Add Collectors/Fetchers (add) icon from Actions of the localhost device.

_images/vm-localhost.png

Adding Fetchers in a Device

  1. Click Vulnerability Management.

  2. Select Holm Security Fetcher.

  3. Click Add.

_images/vm-addholm.png

Vulnerability Management

  1. Enter a Name for the configuration.

  2. Enter the Holm Security Base URL of API and API Token.

  3. Select the Last Detected date. Logs are fetched from this date.

  4. Select the Fetch Interval in minutes.

  5. Select the Processing Policy and Charset.

  6. Click Test to check whether the fetcher configuration is working correctly.

  7. Select Enable Proxy to use a proxy server.

  8. In Proxy Configuration:

    13.1. Enter the proxy server IP address and the Port number.

    13.2. Select either HTTP or HTTPS protocol.

  9. Click Submit.

_images/vm-holm-conf.png

Configuring Holm Security Fetcher

Tenable.io Fetcher

Generating Parameters for the Tenable.io Fetcher

To configure the Tenable.io Fetcher in Logpoint, you must first obtain the access key and secret key from the Tenable.io portal.

  1. Go to the Tenable.io Portal and enter your credentials.

  1. Click the Profile icon and click My Account.

_images/vm-io1.png

Tenable.io Account

  1. Click API KEYS.

  2. Click Generate and the Access Key and Secret Key will be generated.

_images/vm-ioapi.png

Tenable.io API Keys

Configuring the Tenable.io Fetcher

  1. Go to Settings >> Configuration from the navigation bar and click Devices.

  2. Click the Add Collectors/Fetchers (add) icon from Actions of the localhost device.

_images/vm-localhost.png

Adding Fetchers in a Device

  1. Click Vulnerability Management.

  1. Select Tenable.io.

  2. Click Add.

_images/vm-add123.png

Vulnerability Management

  1. Enter the Tenable.io Base URL of API. It is the URL used to access Tenable.io. For example, https://cloud.tenable.com.

  2. Enter the Tenable.io Access Key and Secret Key.

  3. Select a Scan Type. Vulnerability Management fetches scan reports of the selected scan type.

  4. Select the Last Detected date. Logs are fetched from this date.

  5. Enter the Fetch Interval in minutes.

  6. Select a Processing Policy.

  7. Select a Charset.

  8. Click Test to check whether the fetcher configuration is working correctly.

  9. Select Enable Proxy to use a proxy server.

  10. In Proxy Configuration:

    12.1. Enter the proxy server IP address and the Port number.

    12.2. Select either HTTP or HTTPS protocol.

  11. Click Submit.

_images/vm-tenable-conf11.png

Configuring Tenable.io Fetcher

Helpful?

We are glad this guide helped.


Please don't include any personal information in your comment

Contact Support