I am trying to integrate BigFix with Tenable SC using IVR4. I have successfully completed all steps until the Tenable SC API Credentials configuration. I obtained the Tenable Access and secret key and copied the Tenable SC URL, using both the IP address and name, but both attempts failed and gave me an error stating, “Network response was not OK. Unauthorized.”
I tried accessing both URLs (https://name:port and https://IP:port), and both opened successfully as a red arrow pointing.
Can you please advise on what might be wrong in this situation?
I already opened the URL and opened tenable login using username and password, not using Access and Secret Key (API credentials) , and if must login with API credentials how can I test it
I reviewed the link you sent; I found it related to IVR 2 and 3, not IVR 4. Also, for IVR4, it must be administrator, not auditor. so which one I should follow
I think if the documentation is not clear about the subject and you think you have done all of the steps correctly - Please open Support Case with HCL so they can resolve the issue and update the documentation occurdanly.
To troubleshoot the Unauthorized issue - You will need to understand which API calls are being made to Tenable from the IVR application , and from there it will be resolved by HCL & Tenable Support
We use the ‘export’ API for both vulnerabilities and assets, and I believe (although open to correction) that this requires the Administrator role/permission in Tenable.
Note: It is required to use the administrator user role within Tenable to enable the generation of API keys used by IVR to maintain the interface with Tenable. Additionally, please note that the BigFix API credentials must have master operator permissions.
Source: IVR v.4 setup process
please update