diff --git a/cyences_app_for_splunk/bin/cs_product_list.py b/cyences_app_for_splunk/bin/cs_product_list.py
index 791f255e..48f39ae1 100644
--- a/cyences_app_for_splunk/bin/cs_product_list.py
+++ b/cyences_app_for_splunk/bin/cs_product_list.py
@@ -316,7 +316,7 @@ def build_source_reviewer_search(by, values, first_call=True):
 "macro_name": "cs_tenable",
 "label": "Tenable Data",
 "search_by": "sourcetype",
- "search_values": "tenable:io:assets,tenable:io:plugin,tenable:io:vuln,tenable:sc:assets,tenable:sc:plugin,tenable:sc:vuln",
+ "search_values": "tenable:io:assets,tenable:io:vuln,tenable:sc:assets,tenable:sc:vuln",
 "earliest_time": "-7d@d",
 "latest_time": "now",
 }
@@ -329,7 +329,7 @@ def build_source_reviewer_search(by, values, first_call=True):
 "macro_name": "cs_nessus",
 "label": "Nessus Data",
 "search_by": "sourcetype",
- "search_values": "nessus:pro:vuln,nessus:pro:plugin,nessus_json",
+ "search_values": "nessus:pro:vuln,nessus_json",
 "earliest_time": "-7d@d",
 "latest_time": "now",
 }
diff --git a/cyences_app_for_splunk/default/savedsearches.conf b/cyences_app_for_splunk/default/savedsearches.conf
index 994e9c34..3e8e6a84 100644
--- a/cyences_app_for_splunk/default/savedsearches.conf
+++ b/cyences_app_for_splunk/default/savedsearches.conf
@@ -6283,7 +6283,7 @@ search = `cs_nessus_assets` | dedup nessus_uuid \
 | append [| inputlookup cs_nessus_inventory] \
 | stats latest(time) as time, latest(*) as * by nessus_uuid \
 | eval _key=nessus_uuid | outputlookup cs_nessus_inventory
-action.cyences_notable_event_action.products = nessus
+action.cyences_notable_event_action.products = Nessus
 [Device Inventory - Nessus Vuln]
@@ -6310,7 +6310,7 @@ search = `cs_nessus_vuln` | dedup nessus_uuid, vul_id \
 | append [| inputlookup cs_nessus_vuln] \
 | dedup nessus_uuid, vul_id sortby -_time \
 | outputlookup cs_nessus_vuln
-action.cyences_notable_event_action.products = nessus
+action.cyences_notable_event_action.products = Nessus
 [Device Inventory - Qualys]
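Review bot: The `search_values` entry for `cs_tenable` no longer lists `tenable:io:plugin` and `tenable:sc:plugin`, and nothing in the hunk records why, so a later reader cannot tell whether the omission is deliberate. If any report or enrichment still relies on plugin events (not visible here), their absence would no longer surface in the data source review. A one-line comment above the entry would settle it, e.g. `# plugin sourcetypes are not checked here: <reason>`. The same applies to the `cs_nessus` entry in the next hunk, which drops `nessus:pro:plugin`; both dictionaries open outside the hunks shown.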
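Review bot: The value of `action.cyences_notable_event_action.products` is corrected from `nessus` to `Nessus` here and in the `Device Inventory - Nessus Vuln` stanza, which suggests the product name is matched case-sensitively somewhere outside this diff. If so, a mistyped name fails silently and the saved search ends up associated with no product. The match would be safer made case-insensitive where the value is read, or covered by a check that every `products` value in savedsearches.conf is one of the known product names. Neither the consumer of this setting nor the list of valid names is visible in these hunks, so this is an inference to confirm.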