Skip to main content

Admin

Scanner connections & scan history import

Once you've picked which scanner engine(s) feed ThreatWeaver on the Data sources & connectivity page, this is where you connect each engine, keep its data flowing, and bring in scans that ran before you connected it. Three screens work together: API Configuration (credentials), API Sync (schedules and manual runs), and Scan History Import (historical backfill). All three are available to an administrator with API access.

What it's for

  • Connect a scanner engine — enter its API credentials so ThreatWeaver can pull assets and vulnerabilities from it.
  • Control how fresh your data is — set an automatic sync schedule, trigger a sync manually, and recalculate dashboard statistics on demand.
  • Bring in scan history — import findings from scans that already ran on your scanner before you connected it to ThreatWeaver, instead of waiting for new scans.

The screens in it

API Configuration, API Sync, and Scan History Import — each with a scanner-engine selector across the top

Each of the three screens shows the same row of engine tabs — Tenable.io, Qualys VMDR, Rapid7 InsightVM, and WeaverScan (Built-in) — so you configure, sync, and import history one engine at a time.

Tenable.io is the engine with a complete, working pipeline today: credentials, scheduled and manual sync, and scan history import all function end to end. Qualys VMDR and Rapid7 InsightVM currently support entering credentials and testing the connection; their full sync pipelines and scan history import are still arriving. WeaverScan is ThreatWeaver's built-in native scanner and needs no external credentials at all — see Scanners for how it's managed.

API Configuration

Enter and test the credentials each scanner engine needs to talk to ThreatWeaver.

Tenable.io

ControlWhat it does
Data ModeA Live / Sandbox switch. Sandbox shows mock data so you can explore the product before connecting a real scanner; Live uses your saved credentials.
Access Key / Secret KeyPaste your API key values here. Once saved, they're shown masked — enter new values only when you want to rotate them.
Test ConnectionChecks the keys you've typed against Tenable.io before you save them.
Save KeysEncrypts and stores the credentials. The card shows Configured, plus who last updated the keys and when.

A short audit history under the keys shows recent changes to this engine's configuration.

Qualys VMDR & Rapid7 InsightVM

Both engines have a credentials form — API URL plus Username/Password for Qualys, API URL plus API Key for Rapid7 — and a working Test Connection button so you can confirm ThreatWeaver can reach your instance. Saving credentials for ongoing sync is not yet available for these two engines; that arrives with their full sync pipelines in a later release.

WeaverScan (Built-in)

WeaverScan ships with ThreatWeaver and needs no external credentials — agents enroll and submit results directly. Manage WeaverScan agents from Scanners.

API Sync

Keep a connected engine's data current, on a schedule or on demand.

Automatic sync schedule

Choose how often ThreatWeaver checks the engine for new data — every 1, 2, 4, 6, 8, 12, or 24 hours. The card shows exactly when the next sync will run. Changing the interval restarts the schedule immediately.

Sync status & manual sync

ControlWhat it does
Sync scopeHow much history a manual sync should cover — a recommended smart window, the last 90 days, the last year, a custom date, or your full history.
Full SyncPulls both assets and vulnerabilities right away.
Sync Assets Only / Sync Vulnerabilities OnlyRuns a narrower sync when that's all you need.
Stop SyncAppears while a sync is running, so you can cancel it.

The card also shows current status (idle or running), a time estimate, and — if a previous sync was interrupted — a recovery banner with next steps.

Recalculate Stats

If dashboard numbers look out of date after a sync, Recalculate Stats rebuilds the snapshots your dashboards and trends read from, for a date range you choose (with an option to force a full rebuild). A progress bar tracks the rebuild, and a health readout shows whether recent data is fully repaired or still needs attention.

Scan History Import

Bring in scans that already ran on your scanner before you connected it — useful when you don't want to wait for new scans to build up history.

Scan History Import — discover scans, configure a date range, run the import, and review past import jobs

Today this works end to end for Tenable.io. Qualys and Rapid7 history import is on the roadmap and isn't wired up yet.

Step 1 — Discover available scans

Click Fetch Scans to list the scans your Tenable.io account can see, each with its name, type, and last-run date. Select the ones you want (or Select All), and expand History on any scan to preview its individual scan runs before importing.

Step 2 — Configure the import

ControlWhat it does
Start Date / End DateOptional — narrows the import to scan runs in that window. Leave blank to import everything available.
Dry RunPreview what would be imported without writing any data.
Start Import / Preview ImportKicks off the job (the button label changes based on Dry Run).

Step 3 — Watch the import run

A progress bar tracks runs processed against the total, with live counts of findings, processed, failed, and skipped runs. You can Cancel a running import, and Retry Failed Runs if some runs didn't complete.

Step 4 — Review import history

Every import job — past and present — is listed with its status and totals. Expand a job to see per-run detail, and retry any failed runs from there too.

Common workflows

Workflow: connecting a new scanner engine

  1. On API Configuration, select the engine's tab (for example Tenable.io).

  2. Paste your API key (or username/API key, depending on the engine) into the credential fields.

    Step 1 — entering an engine's API credentials
  3. Click Test Connection to confirm ThreatWeaver can reach it.

  4. For Tenable.io, click Save Keys to store the credentials — the card updates to Configured. Then activate the engine on Data sources & connectivity so it starts feeding your Vulnerability Management views.

Workflow: syncing now and recalculating stats

  1. On API Sync, choose a sync scope that fits what you need (a quick check uses the smart window; a first-time connection may need the full history).

  2. Click Full Sync and watch the status card until it returns to Idle.

    Step 1 — a sync in progress on the API Sync page
  3. If dashboard numbers still look stale afterward, pick a date range and run Recalculate Stats to rebuild the snapshots your dashboards read from.

Workflow: importing historical Tenable.io scans

  1. On Scan History Import, click Fetch Scans and select the scans you want to bring in.

  2. Optionally set a Start Date / End Date, and turn on Dry Run to preview the result first.

    Step 1 — selecting scans and previewing with Dry Run
  3. Click Start Import (or Preview Import for a dry run) and watch Import Progress. If any runs fail, use Retry Failed Runs.

  4. Check Import History any time afterward to confirm what was imported.