IBM QRadar

Hello everyone,

We are trying to import VA reports from Tenable Security Center (6.2) into our IBM QRadar (7.5).
I imported the certificate by running the /opt/qradar/bin/getcert.sh <IP of Tenable>
It is a self signed certificate but was imported.

Secondly, I configured the VA scanner as below
Name: the CN given in the certificate of the VA scanner.
API version : 5
API Location: rest
Provided the username and password
Selected allow untrusted certificates.
For the CIDR i entered a single IP address that was in Tenable Security Center to test if it can import.

Once this was done I configured Schedule VA scanners. However, once the activity initiated, it is on status Pending for 2 days.

I have logged into Tenable Security center with the account i configured in QRadar. I can see the assets and findings.
The role I gave is Security Analyst in Tenable Security Center.

Any idea what could be the issue and how can I resolve the same?
Thanks in advance.

You can verify the API credentials and permissions in Tenable Security Center, ensuring the Security Analyst role has sufficient access to export VA reports. Then check QRadar logs for any connection or authentication errors related to the Tenable integration. Also, consider temporarily disabling SSL verification in QRadar to rule out certificate issues, and ensure the correct API version and endpoint are configured.

------------------------------
Alex Hird
------------------------------