TOC & Recently Viewed

Recently Viewed Topics

Generate the Vulnerability Export File

User Permissions: Administrator (64)

To generate the export file, use the API endpoint described below.

HTTP Request

Note: To authenticate your request, be sure to include API keys in the HTTP header of the request. For more information, see Authorization.

Request Path Syntax


Request Path Parameters


Request Path Example

See "Request Path Syntax."

Request Body Syntax

{ "num_assets": {integer}, "filters": { "severity": [ {string}, {string}, {string} ], "since": {string} } }

Request Body Attributes

Recommended parameters are:

Parameter Object Parameter Type Value Required?
num_assets integer

Specifies the maximum number of vulnerabilities per exported chunk.

This number does not represent the number of assets per chunk. Instead, it is equal to the number of assets times the number of vulnerabilities on each asset.

The range of supported chunk sizes is a minimum of 50 (the default size) to a maximum of 5,000. If you specify a value outside this range, the system uses the upper- or lower -bound value.



severity array

Specifies the severity of the vulnerabilities to include in the export. Defaults to all severity levels.

The severity of a vulnerability is defined using the Common Vulnerability Scoring System (CVSS) base score.

Supported array values are:

  • info—The vulnerability has a CVSS score of 0.
  • low—The vulnerability has a CVSS score between 0.1 and 3.9.
  • medium—The vulnerability has a CVSS score between 4.0 and 6.9.
  • high—The vulnerability has a CVSS score between 7.0 and 9.9.
  • critical—The vulnerability has a CVSS score of 10.0.
state array

Specifies the state of the vulnerabilities you want the export to include.

Supported values are:

  • open—The vulnerability is currently present on a host.
  • reopened—The vulnerability was previously marked as fixed on a host, but has returned.
  • fixed—The vulnerability was present on a host, but is no longer detected.

If your request omits this parameter, the export includes default states open and reopenedonly.

plugin_family array

Specifies the plugin family of the vulnerabilities you want the export to include. This parameter value is case-sensitive. Use the family names (including capitalization) specified here: Plugins.

If your request omits this parameter, the export includes all vulnerabilities, regardless of plugin family.

since long

Specifies the start date (in Unix time) for the range of data you want to export.

  • If you use this filter, the export includes data only for vulnerabilities that were first seen after the start date you specify.
  • If your request omits this parameter, the export includes data from all vulnerabilities, regardless of the date on which they were first seen.


  • The first time you generate a vulnerabilities export file, set the since parameter to the start date of the data you want to export or omit this parameter to export all current data.

  • Every time you export after that, Tenable recommends that you specify parameters for a differential export, with the since parameter set to the time you last exported vulnerability data from



Response Body Example

{ "num_assets": 100, "filters": { "severity": [ "low", "medium", "high", "critical" ], "since": 1532030828 } }

HTTP Response

Response Codes

Status Description
200 Returned if successfully queues the export request. For more information, see "Response Body Syntax."
400 Returned if any of the filters in the request is invalid.
403 Returned if you do not have permission to export vulnerabilities.

Returned if you attempt to send too many requests in a specific period of time. For more information, see Rate Limiting.

Response Body Syntax

{ "export_uuid": {string} }

Response Body Attributes

Attribute Type Description
export_uuid string The unique identifier of the export request.

Response Body Example

{ "export_uuid": "a483adf8-24e3-4c7f-818a-6867b02310dd" }

Reference Guide


Copyright 2017 Tenable, Inc. All rights reserved. Tenable,, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.., Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.