TOC & Recently Viewed

Recently Viewed Topics

Generate the Asset Export File

User Permissions: Administrator (64)

To generate the export file, use the API endpoint described below.

HTTP Request

Note: To authenticate your request, be sure to include API keys in the HTTP header of the request. For more information, see Authorization.

Request Path Syntax

POST https://cloud.tenable.com/assets/export

Request Path Parameters

None.

Request Path Example

See "Request Path Syntax."

Request Body Syntax

{ "chunk_size": {integer}, "filters": { "created_at": {long}, "updated_at": {long}, "terminated_at": {long}, "deleted_at": {long}, "first_scan_time": {long}, "last_authenticated_scan_time": {long}, "last_assessed": {long}, "servicenow_sysid": {boolean}, "sources": {array}, "has_plugin_results": {boolean} "tag.category": {array} } }

Request Body Attributes

Note: To return all assets, omit the filters parameter. For most deployments, Tenable does not recommend that you omit the filters parameter.

Note: If your request specifies multiple filters, the system combines the filters using the AND search operator.

Parameter Child Parameter Type Value Required?
chunk_size -- integer Specifies the number of assets per exported chunk. Range is 100-10000. If you specify a value outside of that range, a 400 error is returned. required
filters created_at long Returns all assets created later than the date specified. The specified date must be in the Unix timestamp format. optional
updated_at long Returns all assets updated later than the date specified. The specified date must be in the Unix timestamp format. optional
terminated_at long Returns all assets terminated later than the date specified. The specified date must be in the Unix timestamp format. optional
deleted_at long Returns all assets deleted later than the date specified. The specified date must in the Unix timestamp format. optional
first_scan_time long Returns all assets with a first scan time later than the date specified. The specified date must be in the Unix timestamp format. optional
last_authenticated_scan_time long Returns all assets with a last credentialed scan time later than the date specified. The specified date must be in the Unix timestamp format. optional
last_assessed long Returns all assets with a last assessed time later than the date specified. An asset is considered assessed if it has been scanned by a credentialed or non-credentialed scan. The specified date must be in the Unix timestamp format. optional
servicenow_sysid boolean If true, returns all assets that have a ServiceNow Sys ID, regardless of value. If false, returns all assets that do not have a ServiceNow Sys ID. optional
sources array

Returns assets that have the specified source. An asset source is the entity that reported the asset details. Sources can include sensors, connectors, and API imports.

If your request specifies multiple sources, this request returns all assets that have been seen by any of the specified sources.

The items in the sources array must be strings and must correspond to the names of the sources as defined in your organization's implementation of Tenable.io. Commonly used names include:

  • AWS—You obtained the asset data from an Amazon Web Services connector.
  • NESSUS_AGENT—You obtained the asset data obtained from a Nessus agent scan.
  • PVS—You obtained the asset data from a Nessus Network Monitor (NNM) scan.
  • NESSUS_SCAN—You obtained the asset data from a Nessus scan.
  • WAS—You obtained the asset data from a Tenable.io Web Application Scanning scan.

If your request specifies multiple sources, this request returns all assets that have been seen by any of the specified sources.

optional
has_plugin_results boolean If true, returns all assets that have plugin results. If 'false', returns all assets that do not have plugin results. An asset may not have plugin results if the asset details originated from a connector, an API import, or a discovery scan, rather than a vulnerabilities scan. optional
tag.category array Returns all assets with the specified tags. The filter is defined as the word "tag", a period ("."), and the tag category name. The value of the filter is an array of tag values. For more information about tags, see Manage Asset Tags. optional

Request Body Example

{ "chunk_size": 100, "filters": { "servicenow_sysid": false, "created_at": 1525781704, "sources": [ "NESSUS_SCAN" ], "tag.Location": [ "Chicago", "Austin" ] } }

HTTP Response

Response Codes

Status Description
200 Returned if Tenable.io successfully queues the export request. For more information, see "Response Body Syntax."
400 Returned if any of the filters in the request is invalid.
403 Returned if you do not have permission to export asset data.
429

Returned if you attempt to send too many requests in a specific period of time. For more information, see Rate Limiting.

Response Body Syntax

{ "export_uuid": {string} }

Response Body Attributes

Attribute Type Description
export_uuid string The unique identifier of the export request.

Response Body Example

{ "export_uuid": "a483adf8-24e3-4c7f-818a-6867b02310dd" }

Reference Guide

https://cloud.tenable.com/api#/resources/exports/assets-request-export

Examples

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.