Tenable App for Microsoft Sentinel
Solution: TenableIO
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Publisher | Tenable |
| Support Tier | Partner |
| Support Link | https://www.tenable.com/support/technical-support |
| Categories | domains |
| Version | 2.0.2 |
| Author | Tenable - support@tenable.com |
| First Published | 2022-06-01 |
| Last Updated | 2026-04-16 |
| Solution Folder | TenableIO |
| Marketplace | Azure Marketplace · Rating: ★★☆☆☆ 2.0/5 (4 ratings) · Popularity: 🟢 High (82%) |
The Tenableio solution provides the capability to ingest Asset and Vulnerability data into Microsoft Sentinel through the REST API from the Tenable.io platform (Managed in the cloud). Refer to API documentation for more information.
Underlying Microsoft Technologies used:
This solution takes a dependency on the following technologies, and some of these dependencies either may be in Preview state or might result in additional ingestion or operational costs:
a. Azure Monitor HTTP Data Collector API
Contents
Data Connectors
This solution provides 1 data connector(s):
🔶 CLv1: This connector ingests into a table that uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g.
_s,_d,_b,_t,_g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.
Tables Used
This solution uses 2 table(s):
| Table | Used By Connectors | Used By Content |
|---|---|---|
Tenable_IO_Assets_CL 🔶 |
Tenable.io Vulnerability Management | Playbooks |
Tenable_IO_Vuln_CL 🔶 |
Tenable.io Vulnerability Management | Playbooks |
🔶 CLv1: This table uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g.
_s,_d,_b,_t,_g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.
Content Items
This solution includes 5 content item(s) (3 in solution, 2 discovered 🔍):
| Content Type | Total | In Solution | Discovered |
|---|---|---|---|
| Playbooks | 3 | 3 | - |
| Parsers | 2 | 0 | 2 |
Playbooks
| Name | Description | Tables Used |
|---|---|---|
| Tenable.io - Enrich incident with asset info | Once a new Microsoft Sentinel incident is created, this playbook gets triggered and performs the fol... | Tenable_IO_Assets_CL (read) |
| Tenable.io - Enrich incident with vulnerability info | Once a new Microsoft Sentinel incident is created, this playbook gets triggered and performs the fol... | Tenable_IO_Vuln_CL (read) |
| Tenable.io - Launch Scan | Once a new Microsoft Sentinel incident is created, this playbook gets triggered and performs the fol... | - |
Parsers
| Name | Description | Tables Used |
|---|---|---|
| TenableIOAssets ⚠️ | - | Tenable_IO_Assets_CL (read) |
| TenableIOVulnerabilities ⚠️ | - | Tenable_IO_Vuln_CL (read) |
⚠️ Items marked with ⚠️ are not listed in the Solution JSON file. They were discovered by scanning the solution folder and may be legacy items, under development, or excluded from the official solution package.
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊