Tenable.sc API: Dashboard Template

/dashboardTemplate

Methods
GET

Gets the list of Dashboard Templates.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

**id
*name
*description
summary
type
category
definition
componentType
suggestedNumColumns
suggestedColumnWidths
enabled
minUpgradeVersion
templatePubTime
templateModTime
templateDefModTime
definitionModTime
createdTime
modifiedTime
tags
requirements
components

Legend

* = always comes back

** = comes back if fields list not specified on GET all
Expand Parameters

components

Request Parameters
Expand

NOTE #1: Pseudo Category "0" (recent) is currently not supported

NOTE #2: The searchString parameter takes in a space-separated set of keywords/phrases (in parenthesis) and builds a fuzzy match based on them. For excluding a keyword/phrase, is preceded by a '-'. Example:

	"searchString" : "audit" -"SCAP" ..."

Parameters must be passed in as query string (as opposed to JSON) in the format of: /dashboardTemplate?categoryID="1"&...

{
    "categoryID" : <number> "1" (Threat Detection & Vulnerability Assessments) | "2" (Monitoring) | "3" (Security Industry Trends) | "4" (Executive) | "5" (Compliance & Configuration Assessment) | "6" (Discovery & Detection) DEFAULT "" (All Categories),
    "searchString" : <string> (Search String Format. See NOTE#2) DEFAULT ""
}
Example Response
Expand
{
	"type" : "regular",
	"response" : [
		{
			"id" : "384",
			"name" : "Mitigated Patch Rates",
			"description" : "This dashboard provides a great deal of information at a glance, such as comparing items like overall patch rates to that of items with CVSS scores of 10.  The dashboard facilitates a comparative analysis of Linux patches vs. Windows patching over 30 day and 60 day cycle periods.  Some organizations might be surprised how successful one patch management process is over another."
		},
		{
			"id" : "555",
			"name" : "Executive Summary",
			"description" : "Using a series of charts, tables, and graphs, this overview dashboard provides a summary for an executive to gain a high level understanding of the vulnerability management status of the network environment.  This dashboard contains valuable information, including Top 10 Summaries of Assets, Networks and Systems that are vulnerable, as well as useful trend information on vulnerabilities and how long they have existed within the network environment.\n\nThis will be helpful for those getting started with SecurityCenter"
		},
		{
			"id" : "986",
			"name" : "Executive Vulnerability Metrics",
			"description" : "Monitoring security just got easier with this dashboard and Nessus.  This dashboard provides an executive view into the active vulnerability detection and remediation of discovered vulnerabilities.   Using the Nessus vulnerability scanner, security professionals can discover vulnerabilities in networks. This dashboard helps security professionals to communicate metrics and status of vulnerabilities with executives.  \n\nThis dashboard begins with four tables that show vulnerabilities in various states of remediation.  The top left component provides a vulnerability age summary, and the top right provides a remediation summary.  Both of these components show the count of vulnerabilities by the days of discovery or mitigation.  \n\nThe following row of components display the number of discovered vulnerabilities by the date that a patch or vulnerability is published.  The table on the left provides a focus on the patch date and severities, while the table on the right provides a summary of vulnerability publication dates.  \n\nBoth tables provide columns for each severity, ranging from low to critical.  The low severities are displayed with a blue background and white text, and the medium severities are black on orange.  The high and critical severities are red and purple with white text.  \n\nThe third row contains two trend graphs displaying a trend over the past 25 days for Windows and *nix vulnerabilities.  The last two components are tables, one with a Windows user management summary, and the other with the top 10 most vulnerable systems.\n\nOverall, this dashboard provides executives with metrics to which they can oversee a risk mitigation program."
		},
		{
			"id" : "350",
			"name" : "Ticketing Summary",
			"description" : "SecurityCenter's internal workflow feature includes a robust ticketing system for tracking ticket assignments. This dashboard displays the current status of tickets by classification, assignee and ticket.\n\nComprised of four components, this SC dashboard tracks the following : \n\nStatus Summary - Last 30 Days (pie chart)\nClassification Summary - Last 30 Days (pie chart)\nAssignee Summary (table) - Displays the current statistics for each user with ticket entries\nList of Tickets (table) - Displays tickets with more detail, including name, assignee, status, classification and modified date\/time\n\nThis information will help your staff and management better track what work needs to be done, and the progress made for each ticket created."
		},
		{
			"id" : "862",
			"name" : "Executive 30 Day",
			"description" : "This dashboard provides an executive summary of a weekly status of the current vulnerability management program.  A series of tables, charts and graphs provide a detailed view into the vulnerabilities discovered and mitigated within the last 30 days.\n\nThe dashboard is comprised of 18 components that provide an overview analysis of a vulnerability management program that is easy to understand by managers, CISO's and other executives.  \n\nThe first set of tables show a detailed ratio of vulnerabilities to the risk of exploitation, and if the vulnerability has been mitigated or not.  The tables are followed by series of pie charts, which summarize the severities and risk of exploitation.\n \nThe next two rows provide a trend analysis of the vulnerabilities by severity and plugin type.  Both sets of trend data are calculated every day over the past 30 days.  The data points are designed to show the daily changes, allowing for detection of unusual activity.  In the third column are the trend graphs showing the vulner"
		},
		{
			"id" : "863",
			"name" : "Executive 30 Day - Current Vulnerabilities",
			"description" : "This dashboard provides an executive summary of a weekly status of the current vulnerability management program.  A series of tables, charts and graphs provide a detailed view into the vulnerabilities discovered within the last 30 days.\n\nThe dashboard is comprised of 12 components that provide an overview analysis of a vulnerability management program that is easy to understand by managers, CISO's and other executives.  \n\nThe first set of tables show a detailed ratio of vulnerabilities to the risk of exploitation, and if the vulnerability has been mitigated or not.  The tables are followed by series of pie charts, which summarize the severities and risk of exploitation.\n \nThe next two rows provide a trend analysis of the vulnerabilities by severity and plugin type.  Both sets of trend data are calculated every day over the past 30 days.  The data points are designed to show the daily changes, allowing for detection of unusual activity.  \n\nThe remaining components show an analysis of assets, and the vulnerabilities with top 10 most vulnerable assets.  Using a bar chart and table, a high level summary is depicted."
		},
		{
			"id" : "709",
			"name" : "Executive 7 Day",
			"description" : "This dashboard provides an executive summary of a weekly status of the current vulnerability management program.  A series of tables, charts and graphs provide a detailed view into the vulnerabilities discovered and mitigated within the last 7 days.\n\nThe dashboard is comprised of 18 components that provide an overview analysis of a vulnerability management program that is easy to understand by managers, CISO's and other executives.  \n\nThe first set of tables show a detailed ratio of vulnerabilities to the risk of exploitation, and if the vulnerability has been mitigated or not.  The tables are followed by series of pie charts, which summarize the severities and risk of exploitation.\n \nThe next two rows provide a trend analysis of the vulnerabilities by severity and plugin type.  Both sets of trend data are calculated every day over the past 7 days.  The data points are designed to show the daily changes, allowing for detection of unusual activity.  In the third column are the trend graphs showing the vulnerabilities that have returned after they have been previously mitigated. \n\nThe remaining components show an analysis of assets, and the vulnerabilities with top 10 most vulnerable assets.  Using a bar chart and table, a high level summary is depicted."
		},
		{
			"id" : "739",
			"name" : "Executive 7 Day - Current Vulnerabilities",
			"description" : "This dashboard provides an executive summary of a weekly status of the current vulnerability management program.  A series of tables, charts and graphs provide a detailed view into the vulnerabilities discovered within the last 7 days.\n\nThe dashboard is comprised of 12 components that provide an overview analysis of a vulnerability management program that is easy to understand by managers, CISO's and other executives.  \n\nThe first set of tables show a detailed ratio of vulnerabilities to the risk of exploitation, and if the vulnerability has been mitigated or not.  The tables are followed by series of pie charts, which summarize the severities and risk of exploitation.\n \nThe next two rows provide a trend analysis of the vulnerabilities by severity and plugin type.  Both sets of trend data are calculated every day over the past 7 days.  The data points are designed to show the daily changes, allowing for detection of unusual activity.  \n\nThe remaining components show an analysis of assets, and the vulnerabilities with top 10 most vulnerable assets.  Using a bar chart and table, a high level summary is depicted."
		},
		{
			"id" : "567",
			"name" : "Ticket Management",
			"description" : "SecurityCenter can use other data besides vulnerabilities or events to create dashboards. In this dashboard example, a table component is used to list recent tickets and a matrix component is used to list ticket load for specific users."
		},
		{
			"id" : "413",
			"name" : "Mobile Summary",
			"description" : "This dashboard provides an executive summary of the current Mobile Device Management (MDM) status.  The dashboard was created using the new features within SecurityCenter 4.7 and the features within Nessus to collect mobile data from the MDM solution.  There are 4 components showing a summary of mobile device types, charts displaying the current vulnerability count, a matrix with device and vulnerability count, and a top 50 user summary."
		},
		{
			"id" : "404",
			"name" : "IAVM Executive Summary",
			"description" : "This dashboard provides an executive summary to the current Information Assurance Vulnerability Management (IAVM) program."
		},
		{
			"id" : "383",
			"name" : "Mitigated Patch Rates - Remediation Rates",
			"description" : "On the bottom, I created a matrix chart that lists some very generic columns including : \\n- Now - number of current vulnerabilities\\n- Patched - number of vulnerabilities in the mitigated status\\n- 30d Rate - number of patched vulnerabilities that took 30 days or less to patch\\n- 30d Date - number of patches that occurred within the past 30 days\\n- 30d Rate - Lifetime - percent of patches that occurred within 30 days of being tracked by SecurityCenter\\n- 30d Rate Past 30d - percent of patches that occurred within 30 days of being tracked by SecurityCenter for the past 30 calendar days\\n- 30d Rate Past 31d - 60d - percent of patches that occurred within 30 days of being tracked by SecurityCenter between 31 and 60 calendar days ago\\n- 30d Rate Past 61d - 90d - percent of patches that occurred within 30 days of being tracked by SecurityCenter between 61 and 90 calendar days ago\\n\\nFor the rows, I created different types of arbitrary categories, including all vulnerabilities, vulnerabilities with a CVSS score of 10, exploitable vulnerabilities, and vulnerabilities, which were Windows or Linux in nature.\\n\\nFor each ratio, the percentage from 0 to 25 is red, 24 to 50 is yellow and higher than 50 is green."
		},
		{
			"id" : "382",
			"name" : "Mitigated Patch Rates - Vulnerabilities Over Time",
			"description" : "This component is a 90 day summary chart tracking active vulnerabilities with low, medium, high, and critical severities."
		},
		{
			"id" : "551",
			"name" : "Executive Summary - Vulnerability Age",
			"description" : "This component contains a matrix displaying vulnerability age. The columns identify new hosts (within the past 24 hours), and vulnerabilities from low to critical severities. The rows are labeled by the number of days the vulnerabilities have existed within the environment from the first discovery date, sorted by less than 7, 30, 90 days, and greater than 90 days."
		},
		{
			"id" : "546",
			"name" : "Executive Summary - Outstanding Patches by Operating System",
			"description" : "This component displays a summary of vulnerabilities by operating system, using the Local Check Plugin Families.  The data is sorted by the critical vulnerabilities."
		},
		{
			"id" : "845",
			"name" : "Executive 30 Day - Current Vulnerability Summary by Severity",
			"description" : "This component displays a severity summary of vulnerabilities discovered over the past 30 days. Please note that the chart is configured only to show medium, high, and critical severities."
		},
		{
			"id" : "983",
			"name" : "Executive Vulnerability Metrics - Vulnerability Mitigation",
			"description" : "This component contains a matrix displaying mitigated vulnerability ages. The columns identify new hosts (within the past 24 hours), and vulnerabilities from low to critical severities. The rows are labeled by the number of days the vulnerabilities have existed within the environment from the first discovery date, sorted by less than 7, 30, 90 days, and greater than 90 days."
		},
		{
			"id" : "980",
			"name" : "Executive Vulnerability Metrics - Patch Publication Age",
			"description" : "This component provides a summary of vulnerabilities and patch release dates.  The dates are summarized with 7, 30, 90 and more than 90 days.  The matrix provides columns for each severity, ranging from low to critical.  The low severities are displayed with a blue background and white text, and the medium severities are black on orange.  The high and critical severities are red and purple with white text."
		},
		{
			"id" : "981",
			"name" : "Executive Vulnerability Metrics - 25 Day Trend Windows Vulnerabilities",
			"description" : "This component provides a 25-day trend of Microsoft vulnerabilities.  The graph provides separate colors to denote the severity.  The vulnerability trending is calculated with 24-hour data points."
		},
		{
			"id" : "982",
			"name" : "Executive Vulnerability Metrics - Windows User Management",
			"description" : "This table provides a list of informational vulnerabilities on Microsoft user accounts.  This component selects the 'Windows :  User management' plugin family and is then sorted by the total of vulnerabilities discovered.  The 'Windows :  User management' plugin family checks for issues in Microsoft Windows user management, and includes user information disclosure, group enumeration, and more."
		},
		{
			"id" : "984",
			"name" : "Executive Vulnerability Metrics - Vulnerability Publication Age",
			"description" : "This component provides a summary of vulnerabilities and their release dates.  The dates are summarized with 7, 30, 90, and more than 90 days.  The matrix provides columns for each severity ranging from low to critical.  The low severities are displayed with a blue background and white text, and the medium severities are black on orange.  The high and critical severities are red and purple with white text."
		},
		{
			"id" : "985",
			"name" : "Executive Vulnerability Metrics - 25 Day Trend Linux Vulnerabilities",
			"description" : "This component provides a 25-day trend of Linux vulnerabilities.  The graph provides separate colors to denote the severities.  The vulnerability trending is calculated with 24-hour data points."
		},
		{
			"id" : "853",
			"name" : "Executive 30 Day - Exploitable Vulnerability Trending by Type",
			"description" : "This component trend analysis displays exploitable vulnerabilities discovered in the past 25 days, and by vulnerability type. The data points for this trend analysis are reporting newly discovered exploitable vulnerabilities within the last 24 hours.  This allows for the understanding of newly discovered exploitable vulnerabilities found each day over the last 25 days."
		},
		{
			"id" : "854",
			"name" : "Executive 30 Day - Exploitable Vulnerability Asset Summary",
			"description" : "This component shows an exploitable vulnerability analysis by asset list, displaying a bar for medium, high, and critical severities for each asset.  The data is sorted by the count of critical severities in a descending direction."
		},
		{
			"id" : "855",
			"name" : "Executive 30 Day - Exploitable Asset Vulnerability Breakdown",
			"description" : "This component displays the newly discovered exploitable vulnerability count of the top 10 assets.  The counts are vulnerabilities that have been discovered over the past 30 days."
		},
		{
			"id" : "856",
			"name" : "Executive 30 Day - Mitigated Vulnerability Type Matrix",
			"description" : "The component shows a summary of the remediated vulnerabilities that have been discovered over the past 30 days. To allow for better understanding of risk, the data is separated by exploit frameworks, Metasploit, Core Impact, Canvas, and malware that are tracked by Tenable Research.\n\nThe first column shows the percentage of remediated vulnerabilities that have public exploits.   The subsequent columns are broken down using the exploit framework.  The cells show the percentage of the exploitable vulnerabilities for each framework.  If 0% is present, then less than 1% of total vulnerabilities are identified and text is green with black text.  If 1% - 10% of vulnerabilities are exploitable by a framework, the cell is black on orange with a ratio-bar.   If 11 - 50% are exploitable by a framework, the cell is white on red with a ratio-bar.   If 51% - 100% are exploitable by a framework, the cell is white on purple with a ratio-bar."
		},
		{
			"id" : "857",
			"name" : "Executive 30 Day - Mitigated Vulnerability Summary by Severity",
			"description" : "This component displays a severity summary of remediated vulnerabilities discovered over the past 30 days. Please note that the chart is configured only to show medium, high, and critical severities."
		},
		{
			"id" : "858",
			"name" : "Executive 30 Day - Previously Mitigated Vulnerability Trend",
			"description" : "This component displays a trend analysis of previously remediated vulnerabilities discovered over the past 25 days.  Please note that the trend line is configured only to show the medium, high, and critical severities.  The data points for this trend analysis are reporting newly discovered previously remediated vulnerabilities within the last 24 hours.  This allows for the understanding of which vulnerabilities have returned each day over the last 25 days."
		},
		{
			"id" : "859",
			"name" : "Executive 30 Day - Previously Mitigated Vulnerability Trending by Type",
			"description" : "This component trend analysis displays previously mitigated vulnerabilities discovered in the past 25 days, and by vulnerability type. The data points for this trend analysis are reporting the newly discovered previously mitigated vulnerabilities within the last 24 hours.  This allows for the understanding of what new vulnerabilities have returned each day over the last 25 days."
		},
		{
			"id" : "860",
			"name" : "Executive 30 Day - Mitigated Vulnerability Asset Summary",
			"description" : "This component shows a mitigated vulnerability analysis by asset list, displaying a bar for medium, high, and critical severities for each asset.  The data is sorted by the count of critical severities in a descending direction."
		},
		{
			"id" : "861",
			"name" : "Executive 30 Day - Mitigated Asset Vulnerability Breakdown",
			"description" : "This component displays the newly discovered exploitable vulnerability count of the top 10 assets.  The counts are vulnerabilities that have been discovered over the past 30 days.  The data is sorted in descending order by the number of critical vulnerabilities."
		},
		{
			"id" : "846",
			"name" : "Executive 30 Day - Current Vulnerability Trending by Severity",
			"description" : "This component displays a trend analysis of vulnerabilities discovered over the past 25 days.  Please note that the trend line is configured only to show medium, high, and critical severities.   The data points for this trend analysis are reporting newly discovered vulnerabilities within the last 24 hours.  This allows for the understanding of newly discovered vulnerabilities found each day over the last 25 days."
		},
		{
			"id" : "847",
			"name" : "Executive 30 Day - Current Vulnerability Trending by Type",
			"description" : "This component trend analysis displays vulnerabilities discovered of the past 25 days, and by vulnerability type. The data points for this trend analysis are reporting newly discovered vulnerabilities within the last 24 hours.  This allows for the understanding of newly discovered vulnerabilities found each day over the last 25 days."
		},
		{
			"id" : "848",
			"name" : "Executive 30 Day - Current Vulnerability Asset Summary",
			"description" : "This component shows vulnerability analysis by asset list, displaying a bar for medium, high, and critical severities of each asset.  The data is sorted by the count of critical severities in a descending direction."
		},
		{
			"id" : "849",
			"name" : "Executive 30 Day - Current Asset Vulnerability Breakdown",
			"description" : "This component displays the newly discovered vulnerability count of the top 10 assets.  The counts are vulnerabilities that have been discovered over the past 30 days.  The data is sorted in descending order by the number of critical vulnerabilities."
		},
		{
			"id" : "850",
			"name" : "Executive 30 Day - Exploitable Vulnerability Type Matrix",
			"description" : "The component shows a summary of the exploitable vulnerabilities that have been discovered over the past 30 days. To allow for better understanding of risk, the data is separated by exploit frameworks, Metasploit, Core Impact, Canvas, and malware that are tracked by Tenable Research.\n\nThe first column shows the percentage of vulnerabilities that have public exploits.   The subsequent columns are broken down using the exploit framework.  The cells show the percentage of the exploitable vulnerabilities for each framework.  If 0% is present, then less than 1% of total vulnerabilities are identified and text is green with black text.  If 1% - 10% of vulnerabilities are exploitable by a framework, the cell is black on orange with a ratio-bar.   If 11 - 50% are exploitable by a framework, the cell is white on red with a ratio-bar.   If 51% - 100% are exploitable by a framework, the cell is white on purple with a ratio-bar."
		},
		{
			"id" : "851",
			"name" : "Executive 30 Day - Exploitable Vulnerability Summary by Severity",
			"description" : "This component displays a severity summary of exploitable vulnerabilities discovered over the past 30 days. Please note that the chart is configured only to show medium, high, and critical severities."
		},
		{
			"id" : "852",
			"name" : "Executive 30 Day - Exploitable Vulnerability Trending by Severity",
			"description" : "This component displays a trend analysis of exploitable vulnerabilities discovered over the past 25 days.  Please note that the trend line is configured only to show medium, high, and critical severities.  The data points for this trend analysis are reporting newly discovered exploitable vulnerabilities within the last 24 hours.  This allows for the understanding of newly discovered exploitable vulnerabilities found each day over the last 25 days."
		},
		{
			"id" : "844",
			"name" : "Executive 30 Day - Current Vulnerability Type Matrix",
			"description" : "This component provides a summary of the vulnerabilities discovered within the pasts 30 days.  The rows are separated by severity level.   Columns are sorted by plugin type.  Please note that if your deployment does not use Nessus, PVS, or LCE, some data will show as a 0 quantity, and columns can be removed if necessary."
		},
		{
			"id" : "703",
			"name" : "Executive 7 Day - Mitigated Vulnerability Type Matrix",
			"description" : "The component shows a summary of the remediated vulnerabilities that have been discovered over the past 7 days. To allow for better understanding of risk, the data is separated by exploit frameworks, Metasploit, Core Impact, Canvas, and malware that are tracked by Tenable Research.\n\nThe first column shows the percentage of remediated vulnerabilities that have public exploits.   The subsequent columns are broken down using the exploit framework.  The cells show the percentage of the exploitable vulnerabilities for each framework.  If 0% is present, then less than 1% of total vulnerabilities are identified and text is green with black text.  If 1% - 10% of vulnerabilities are exploitable by a framework, the cell is black on orange with a ratio-bar.   If 11 - 50% are exploitable by a framework, the cell is white on red with a ratio-bar.   If 51% - 100% are exploitable by a framework, the cell is white on purple with a ratio-bar."
		},
		{
			"id" : "545",
			"name" : "Executive Summary - Vulnerability Trend (Medium, High, Critical) last 90 days",
			"description" : "This component contains a trend analysis for medium, high and critical severity vulnerabilities over the past 90 days. This method of analysis allows executives to see how risk to the organization has changed during the previous 90 days."
		},
		{
			"id" : "547",
			"name" : "Executive Summary - Most Vulnerable Hosts",
			"description" : "This component contains a bar chart of the top 10 most vulnerable hosts. The bar chart contains critical, high and medium severity vulnerabilities. The number of critical severities is used to rank the hosts in the chart."
		},
		{
			"id" : "548",
			"name" : "Executive Summary - CVSS Scoring",
			"description" : "This matrix component displays current vulnerabilities by CVSS scores ranging from 10-7, 6.9-5, 4.9-3 and below 2.9."
		},
		{
			"id" : "549",
			"name" : "Executive Summary - Asset Outstanding Patches by Operating System (Medium, Highs and Criticals)",
			"description" : "This component shows a table of the top 10 summary of the most vulnerable assets, sorted by the number of critical severities. Asset lists are dynamically and\/or statically generated lists of IP enabled devices (a.k.a. Assets) within the organization. Assets are commonly static or dynamic, however there are other types such as DNS and LDAP-based assets. Static assets are a predefined set of IP addresses using either a range or subnet boundary as the asset parameter, while dynamic asset lists are created to group common devices together (via rules that use vulnerability data to create a list) for more advanced functions."
		},
		{
			"id" : "550",
			"name" : "Executive Summary - Severity Summary",
			"description" : "This component contains a single pie chart displaying a summary of the vulnerabilities by severity level. The chart is separated in critical, high, medium and low severities."
		},
		{
			"id" : "552",
			"name" : "Executive Summary - Most Vulnerable Networks",
			"description" : "This component contains a bar chart of the top 10 most vulnerable networks. The bar chart contains critical, high and medium severity. The number of critical severities is used to sort the assets in the graph. The network sorting is based on the native class 'C' subnet mask boundary, which is based on masking with 24 bits, and the result is groups of 256 IP addresses."
		},
		{
			"id" : "553",
			"name" : "Executive Summary - CVSS Scoring (Previously Mitigated Items)",
			"description" : "This matrix displays mitigated vulnerabilities by CVSS scores ranging from 10-7, 6.9-5, 4.9-3 and below 2.9."
		},
		{
			"id" : "554",
			"name" : "Executive Summary - Asset Summary by MS Bulletins",
			"description" : "This component is a table showing a top 10 summary of the most vulnerable assets with missing Microsoft Bulletins, sorted by critical severities. The chart indicates all critical, high, and medium severities."
		},
		{
			"id" : "691",
			"name" : "Executive 7 Day - Current Vulnerability Type Matrix",
			"description" : "This component provides a summary of the vulnerabilities discovered within the pasts 7 days.  The rows are separated by severity level.   Columns are sorted by plugin type.  Please note that if your deployment does not use Nessus, PVS, or LCE, some data will show as a 0 quantity, and columns can be removed if necessary."
		},
		{
			"id" : "692",
			"name" : "Executive 7 Day - Current Vulnerability Summary by Severity",
			"description" : "This component displays a severity summary of vulnerabilities discovered over the past 7 days. Please note that the chart is configured only to show medium, high, and critical severities."
		},
		{
			"id" : "693",
			"name" : "Executive 7 Day - Current Vulnerability Trending by Severity",
			"description" : "This component displays a trend analysis of vulnerabilities discovered over the past 7 days.  Please note that the trend line is configured only to show medium, high, and critical severities.   The data points for this trend analysis are reporting newly discovered vulnerabilities within the last 24 hours.  This allows for the understanding of newly discovered vulnerabilities found each day over the last 7 days."
		},
		{
			"id" : "694",
			"name" : "Executive 7 Day - Current Vulnerability Trending by Type",
			"description" : "This component trend analysis displays vulnerabilities discovered of the past 7 days, and by vulnerability type. The data points for this trend analysis are reporting newly discovered vulnerabilities within the last 24 hours.  This allows for the understanding of newly discovered vulnerabilities found each day over the last 7 days."
		},
		{
			"id" : "695",
			"name" : "Executive 7 Day - Current Vulnerability Asset Summary",
			"description" : "This component shows vulnerability analysis by asset list, displaying a bar for medium, high, and critical severities of each asset.  The data is sorted by the count of critical severities in a descending direction."
		},
		{
			"id" : "696",
			"name" : "Executive 7 Day - Current Asset Vulnerability Breakdown",
			"description" : "This component displays the newly discovered vulnerability count of the top 10 assets.  The counts are vulnerabilities that have been discovered over the past 7 days.  The data is sorted in descending order by the number of critical vulnerabilities."
		},
		{
			"id" : "697",
			"name" : "Executive 7 Day - Exploitable Vulnerability Type Matrix",
			"description" : "The component shows a summary of the exploitable vulnerabilities that have been discovered over the past 7 days. To allow for better understanding of risk, the data is separated by exploit frameworks, Metasploit, Core Impact, Canvas, and malware that are tracked by Tenable Research.\n\nThe first column shows the percentage of vulnerabilities that have public exploits.   The subsequent columns are broken down using the exploit framework.  The cells show the percentage of the exploitable vulnerabilities for each framework.  If 0% is present, then less than 1% of total vulnerabilities are identified and text is green with black text.  If 1% - 10% of vulnerabilities are exploitable by a framework, the cell is black on orange with a ratio-bar.   If 11 - 50% are exploitable by a framework, the cell is white on red with a ratio-bar.   If 51% - 100% are exploitable by a framework, the cell is white on purple with a ratio-bar."
		},
		{
			"id" : "698",
			"name" : "Executive 7 Day - Exploitable Vulnerability Summary by Severity",
			"description" : "This component displays a severity summary of exploitable vulnerabilities discovered over the past 7 days. Please note that the chart is configured only to show medium, high, and critical severities."
		},
		{
			"id" : "699",
			"name" : "Executive 7 Day - Exploitable Vulnerability Trending by Severity",
			"description" : "This component displays a trend analysis of exploitable vulnerabilities discovered over the past 7 days.  Please note that the trend line is configured only to show medium, high, and critical severities.  The data points for this trend analysis are reporting newly discovered exploitable vulnerabilities within the last 24 hours.  This allows for the understanding of newly discovered exploitable vulnerabilities found each day over the last 7 days."
		},
		{
			"id" : "700",
			"name" : "Executive 7 Day - Exploitable Vulnerability Trending by Type",
			"description" : "This component trend analysis displays exploitable vulnerabilities discovered in the past 7 days, and by vulnerability type. The data points for this trend analysis are reporting newly discovered exploitable vulnerabilities within the last 24 hours.  This allows for the understanding of newly discovered exploitable vulnerabilities found each day over the last 7 days."
		},
		{
			"id" : "701",
			"name" : "Executive 7 Day - Exploitable Vulnerability Asset Summary",
			"description" : "This component shows an exploitable vulnerability analysis by asset list, displaying a bar for medium, high, and critical severities for each asset.  The data is sorted by the count of critical severities in a descending direction."
		},
		{
			"id" : "702",
			"name" : "Executive 7 Day - Exploitable Asset Vulnerability Breakdown",
			"description" : "This component displays the newly discovered exploitable vulnerability count of the top 10 assets.  The counts are vulnerabilities that have been discovered over the past 7 days."
		},
		{
			"id" : "704",
			"name" : "Executive 7 Day - Mitigated Vulnerability Summary by Severity",
			"description" : "This component displays a severity summary of remediated vulnerabilities discovered over the past 7 days. Please note that the chart is configured only to show medium, high, and critical severities."
		},
		{
			"id" : "705",
			"name" : "Executive 7 Day - Previously Mitigated Vulnerability Trend",
			"description" : "This component displays a trend analysis of previously remediated vulnerabilities discovered over the past 7 days.  Please note that the trend line is configured only to show the medium, high, and critical severities.  The data points for this trend analysis are reporting newly discovered previously remediated vulnerabilities within the last 24 hours.  This allows for the understanding of which vulnerabilities have returned each day over the last 7 days."
		},
		{
			"id" : "706",
			"name" : "Executive 7 Day - Previously Mitigated Vulnerability Trending by Type",
			"description" : "This component trend analysis displays previously mitigated vulnerabilities discovered in the past 7 days, and by vulnerability type. The data points for this trend analysis are reporting the newly discovered previously mitigated vulnerabilities within the last 24 hours.  This allows for the understanding of what new vulnerabilities have returned each day over the last 7 days."
		},
		{
			"id" : "707",
			"name" : "Executive 7 Day - Mitigated Vulnerability Asset Summary",
			"description" : "This component shows a mitigated vulnerability analysis by asset list, displaying a bar for medium, high, and critical severities for each asset.  The data is sorted by the count of critical severities in a descending direction."
		},
		{
			"id" : "708",
			"name" : "Executive 7 Day - Mitigated Asset Vulnerability Breakdown",
			"description" : "This component displays the newly discovered exploitable vulnerability count of the top 10 assets.  The counts are vulnerabilities that have been discovered over the past 7 days.  The data is sorted in descending order by the number of critical vulnerabilities."
		},
		{
			"id" : "566",
			"name" : "Ticket Load",
			"description" : "This component is used to list ticket load for specific users."
		},
		{
			"id" : "565",
			"name" : "This Weeks Tickets",
			"description" : "This table component is used to list recent SecurityCenter tickets."
		},
		{
			"id" : "412",
			"name" : "Mobile Summary - Vulnerable Mobile Devices",
			"description" : "This component contains a matrix with columns for the device count, critical severity, high severity, and medium severity.  The numeric value denotes the device count.  This component uses multiple fields to query the displayed data.  \n\nThe basis of each cell query within the matrix is the 'Model' type. Please note that this field is case sensitive.  As an example, if the model type is set to'ipad', the returned result will be 0.  To ensure the correct values are displayed, use the Analysis > Mobile > Model Summary to view the current device models present.\n\nWhen device models use a common OS over several platforms (for example, Android), an additional filter can be used.  This component illustrates this functionality by combining the 'Model' and 'Serial Number' fields.  The HTC devices have HTC as the serial number prefix, while Samsung has SAMSUNG.  This allows the component to display a more granular data view.  However, all Android based devices don't follow this pattern. Therefore the 'Android' row uses only the 'Model' field as the filter."
		},
		{
			"id" : "409",
			"name" : "Mobile Summary - Device Type Summary Pie Chart",
			"description" : "This component provides a model summary of the managed devices with the MDM solution.  Using the 'Model Summary' tool and sorting devices based on the Model column, the device count is used to create a pie chart that is easy to read and understand.  From a quick glance, the user can understand the number of managed mobile devices."
		},
		{
			"id" : "410",
			"name" : "Mobile Summary - Top 50 Mobile Users",
			"description" : "This component contains a table listing the users with the most mobile devices registered to MDM. The table is based on the 'User Summary' tool, and displays the top 50 users based on the total number of mobile devices.  The sort column is based on the device total count and is sorted in descending order.  The user, low, medium, high, critical, and total columns are displayed."
		},
		{
			"id" : "411",
			"name" : "Mobile Summary - Mobile Device Count, Critical and High Severity Summary",
			"description" : "This component displays a bar chart that includes a device count, critical severity, and high severity. Using the device model as the sort column with a descending sort direction, the component provides an easy to view status of all managed device models, with a bar representing the count of device with critical and high severities."
		},
		{
			"id" : "401",
			"name" : "IAVM High Severity Summary Yr 2013",
			"description" : "This component provides a pie chart of the top 10 high severity IAVM vulnerabilities identified in 2013.  The pie chart is comprised of the host count for total hosts per IAVM Notice Number."
		},
		{
			"id" : "399",
			"name" : "IAVM By Year (25 Day Trend)",
			"description" : "This component displays a 25-day trend analysis IAVMs per year.  Each year starting with 2013 through 2010 has its own line, while all years from 2002 - 2009 share a common line.  The trend is calculated by using the total vulnerabilities on the respective date."
		},
		{
			"id" : "400",
			"name" : "IAVM Indicator by Year",
			"description" : "This indicator style component shows a host count for each severity level for the corresponding year.  The host count is calculated by putting the year in as an IAVM filter and the respective severity level."
		},
		{
			"id" : "402",
			"name" : "IAVM Plugin Family Vulnerabilities for YR 2013",
			"description" : "This component displays a bar chart summary of the IAVM status per plugin family.  The bar chart is also filtered to only display the top 5 plugin families."
		},
		{
			"id" : "403",
			"name" : "IAVM Indicator By Vendor",
			"description" : "This indicator style component provides a correlation between IAVM and software vendor.  Using the CPE and\/or Plugin name fields, SecurityCenter is able to map the IAVM Notice Number (s) to the software vendor and severity level."
		},
		{
			"id" : "398",
			"name" : "IAVM Critical Severity Summary Yr 2013",
			"description" : "This component provides a pie chart of the top 10 critical severity IAVM vulnerabilities identified in 2013.  The pie chart is comprised of the host count for total hosts per IAVM Notice Number."
		},
		{
			"id" : "348",
			"name" : "Ticket Overview - Assignee Summary",
			"description" : "Assignee Summary Table displays the current statistics for each user with ticket entries"
		},
		{
			"id" : "346",
			"name" : "Ticket Overview - Tickey Status Summary Last 30 Days",
			"description" : "Status summary of tickets created in the last 30 days."
		},
		{
			"id" : "347",
			"name" : "Ticket Overview - Ticket Classification Summary - Last 30 Days",
			"description" : "Classification summary of tickets created in the last 30 days."
		},
		{
			"id" : "349",
			"name" : "Ticket Overview - List of Tickets",
			"description" : "The 'List of Tickets' table displays tickets with more detail, including name, assignee, status, classification and modified date\/time"
		}
	],
	"error_code" : 0,"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1414182980
}

/dashboardTemplate/{id}

Methods
GET

Gets the Dashboard Template associated with {id}.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

**id
*name
*description
summary
type
category
definition
componentType
suggestedNumColumns
suggestedColumnWidths
enabled
minUpgradeVersion
templatePubTime
templateModTime
templateDefModTime
definitionModTime
createdTime
modifiedTime
tags
requirements
components

Legend

* = always comes back

** = comes back if fields list not specified on GET all
Expand Parameters

components

Request Parameters

None

Example Response
Expand
{
	"type" : "regular",
	"response" : {
		"id" : "1574",
		"name" : "FTI Security Guidelines",
		"description" : "The most recent version of IRS Publication 1075 - Tax Information Security Guidelines for Federal, State, and Local Agencies took effect on January 1, 2014, and provides thorough guidance for organizations that deal with Federal Taxpayer Information (FTI). Not only does Publication 1075 outline the technical and physical security requirements, but it also details incident response and data disclosure requirements. According to Publication 1075, the FTI guidelines not only apply to the organization receiving FTI; they also apply to contractors or consolidated data centers that may come into contact with the FTI as well. This means that organizations need to take a comprehensive approach to securing this sensitive information.\n\nThis dashboard focuses on IRS Publication 1075. Tenable's SecurityCenter Continuous View (SC CV) is the market-defining continuous network monitoring platform, which includes active vulnerability detection with Nessus, passive vulnerability detection with the Passive Vulnerability Scanner (PVS), and log correlation with the Log Correlation Engine (LCE). SC CV assists organizations in discovering compliance and vulnerability concerns on the network, assessing their impact, reporting on the results, and taking action to remediate issues. SC CV provides the tools that state and local government agencies can use to meet and demonstrate FTI compliance.\n\nIRS Publication 1075 is largely based on the standard NIST Special Publication 800-53, but with special considerations for additional sensitive information. Tenable Network Security has extensive expertise in helping customers meet the requirements of NIST Special Publication 800-53, and as a result, the SC CV solution is well suited for meeting IRS Publication 1075 requirements as well.",
		"summary" : "IRS Publication 1075 - Tax Information Security Guidelines for Federal, State, and Local Agencies, 2014 edition, provides thorough guidance for organizations that deal with Federal Taxpayer Information (FTI). Tenable's SecurityCenter Continuous View (SC CV) assists organizations in discovering compliance and vulnerability concerns on the network, assessing their impact, reporting on the results, and taking action to remediate issues. SC CV provides the tools that state and local government agencies can use to meet and demonstrate FTI compliance.",
		"type" : "collection",
		"suggestedNumColumns" : "3",
		"suggestedColumnWidths" : "33,34,33",
		"enabled" : "true",
		"minUpgradeVersion" : "4.8.1",
		"templatePubTime" : "1414009276",
		"templateModTime" : "1414009276",
		"templateDefModTime" : "1414009276",
		"definitionModTime" : "1414049413",
		"createdTime" : "1414049413",
		"modifiedTime" : "1414049413",
		"tags" : [
			"anomalies",
			"compliance",
			"dlp",
			"fti",
			"mitigated",
			"network",
			"vulnerabilities"
		],
		"requirements" : [
			{
				"requirement" : "lce",
				"value" : "4.4.0 : "
			},
			{
				"requirement" : "nessus",
				"value" : "5.2.7 : "
			},
			{
				"requirement" : "pvs",
				"value" : "4.0.2 : "
			}
		],
		"components" : [
			{
				"id" : "786",
				"name" : "Vulnerability Top Ten - Top 10 Remediations",
				"description" : "This table displays the top 10 remediations for the network. For each remediation, the risk reduction for the network if the remediation is implemented is shown, along with the number of hosts affected. The list is sorted so that the highest risk reduction is at the top of the list. Implementing the remediations will decrease the vulnerability of the network.",
				"order" : "1",
				"column" : "1"
			},
			{
				"id" : "789",
				"name" : "Vulnerability Top Ten - Top 10 Exploitable Vulnerabilities",
				"description" : "This table displays the top 10 exploitable vulnerabilities on the network. The list is sorted so that the most critical vulnerability is at the top of the list. For each vulnerability, the severity and the number of hosts affected is shown.\n\nThis will be helpful for those getting started with SecurityCenter",
				"order" : "1",
				"column" : "2"
			},
			{
				"id" : "787",
				"name" : "Vulnerability Top Ten - Top 10 Most Vulnerable Hosts",
				"description" : "This table displays the 10 hosts on the network that have the greatest number of exploitable critical and high severity vulnerabilities. The list is sorted so that the most vulnerable host is at the top of the list. For each host, a bar graph of its critical and high severity vulnerabilities are shown.",
				"order" : "1",
				"column" : "3"
			},
			{
				"id" : "1100",
				"name" : "Track Mitigation Progress - Vulnerability Summary by Severity",
				"description" : "SecurityCenter records when vulnerabilities are discovered, when patches are issued, and when vulnerabilities are mitigated. This component assists in tracking vulnerability mitigations. \n\nThe matrix presents vulnerability summary information by severity. In the matrix, the row with purple is critical severity vulnerability information, the row with red is high severity, the row with orange is medium severity, and the row with blue is low severity. The Mitigated column displays the total number of mitigated vulnerabilities. The Unmitigated column displays the total number of vulnerabilities that have not yet been mitigated. The Exploitable column displays the percentage of those unmitigated vulnerabilities that are known to be exploitable. The Patch Available column displays the percentage of the unmitigated, exploitable vulnerabilities that have had a patch available for more than 30 days. Ideally, both of these percentages should be 0%, because all exploitable vulnerabilities and all vulnerabilities with patches available should have been mitigated already. The Exploitable Hosts column displays the number of hosts on the network that have unmitigated, exploitable vulnerabilities.\n\nThe Common Vulnerability Scoring System (CVSS) is an open industry standard for assessing the severity of computer system security vulnerabilities; it attempts to establish a measure of how much concern a vulnerability warrants, compared to other vulnerabilities, so efforts can be prioritized. The Tenable severity levels correspond to the CVSS scores as follows :  Critical severity = CVSS score 10.0, High = 9.9-7.0, Medium = 6.9-4.0, and Low = 3.9-0.0.",
				"order" : "2",
				"column" : "1"
			},
			{
				"id" : "1102",
				"name" : "Detect Changes - Changes in Last 72 Hours",
				"description" : "This component assists in maintaining up-to-date inventories and detecting changes. The matrix presents indicators for network changes detected in the last 72 hours. Each indicator is based on one or more Log Correlation Engine (LCE) events; the indicator is highlighted yellow if the event occurred in the last 72 hours.\n\n - New Host - New MAC address was detected on network.\n - New Wireless Host - New wireless MAC address was detected on network.\n - New Login - A user has logged into a new host (and\/or a new account type on a host) for the first time, or a user has logged into a host from a new location for the first time.\n - New User - New user was detected on network.\n - User Added - A log was detected indicating a user account was added.\n - User Removed - A log was detected indicating a user account was removed or disabled.\n - User Change - A log was detected indicating a change to a user account.\n - New Software - A log was detected indicating that software was installed.\n - Software Removed - A log was detected indicating that software was uninstalled.\n - App Change - A log was detected indicating a change to an application.\n - Database Change - A log was detected indicating a change to a database.\n - File\/Dir Change - A file or directory modification was detected.\n - Sched. Task Change - A scheduled task modification was detected.\n - Server Change - A log was detected indicating a change in a server.\n - Firewall Change - A log was detected indicating a change in a firewall.\n - Network Change - A log was detected indicating a change in the network.\n - Device Change - A log was detected indicating a change in a device.\n - Router Change - A log was detected indicating a change in a router.\n - Switch Change - A log was detected indicating a change in a switch.\n - New Website - A new website hosted on an existing web server was detected.\n - New Connection - A new trust relationship, external connection, and\/or Internet connection was detected.\n - New Open Port - A new open port was detected.\n - Change Spike - A large number of changes, compared to previous change event rates, were detected. If unexpected, this might indicate unauthorized or malicious activity.\n\nAny changes should be investigated to determine if they are authorized. More information can be obtained on these events (such as change details, time, and IP address) by clicking on the specific indicator in the dashboard component and viewing the raw syslog.\n\nNote that some of these events rely on PVS detections being forwarded to the LCE. Make sure that the PVS is configured to send syslog messages to the LCE :  in Configuration > PVS Settings > Syslog, include the LCE host (with port 514) in the Realtime Syslog Server List. The LCE listens for syslog messages by default.",
				"order" : "2",
				"column" : "2"
			},
			{
				"id" : "1572",
				"name" : "Compliance Summary - FTI Security Guidelines 9.3.1 - 9.3.10",
				"description" : "This matrix provides a sense of how the network complies with the security guidelines in IRS Publication 1075. Sections from the Computer System Security chapter of the Publication are listed. For each section, the equivalent NIST 800-53 controls are displayed, along with the number of network systems that were audited against these controls, and ratio bars for the percentage of these compliance checks that either passed (green bar), failed (red bar), or require manual verification (orange bar). Since the Publication specifically mentions the equivalent NIST 800-53 controls, the displayed information will give a good sense of how the network complies with the security guidelines in IRS Publication 1075.",
				"order" : "2",
				"column" : "3"
			},
			{
				"id" : "1103",
				"name" : "Monitor Security Solutions - Activity in Last 72 Hours",
				"description" : "This component assists in monitoring security solutions. The matrix presents activity indicators for various security solutions :  Firewall, IDS, Antivirus, Antispam, and Anti-scanning. This component assumes that if log events were received in the last 72 hours from a particular technology, then that technology is active on the network, so the indicator is highlighted green. Further investigation is warranted if a protection technology should be active, but no events are being received.",
				"order" : "3",
				"column" : "1"
			},
			{
				"id" : "1570",
				"name" : "Detect Suspicious Activity - Alerts in Last 72 Hours",
				"description" : "This matrix presents warning indicators for potentially suspicious network activity detected in the last 72 hours. Each indicator is based either on one or more Log Correlation Engine (LCE) events, or on active or passive vulnerability detections. The indicator is highlighted red if the event occurred in the last 72 hours.\n\n- Targeted Intrusion - An intrusion attack was detected that targeted systems and ports likely to be exploited by the detected attack \n- Botnet Activity - Traffic to or from a known malicious IP address was detected\n- Botnet Vulns - Botnet activity was actively detected\n- Data Leak - Potential data leakage was detected\n- Malware Vulns - Malware was actively or passively detected\n- Malicious Process - A malicious process was actively detected\n- Malicious Content - Malicious hosted web content was actively detected\n- Bad AutoRuns - Windows AutoRun and scheduled task registry entries known to be associated with malware were actively detected\n- Long-Term - Potentially suspicious activity occurring over a long period of time was detected\n- Crowd Surge - A large number of local hosts visiting the same server was detected\n- Long TCP - A TCP session lasting more than a day was detected\n- Large Xfr TCP - A TCP session which transferred more than 1GB was detected\n\nAny warnings should be further investigated. More information can be obtained on these events (such as details, time, and IP address) by clicking on the specific indicator and viewing the raw syslog (for events) or the detailed vulnerability list (for vulnerabilities). \n\nNote that some of these events rely on PVS detections being forwarded to the LCE. Make sure that the PVS is configured to send syslog messages to the LCE :  in Configuration > PVS Settings > Syslog, include the LCE host (with port 514) in the Realtime Syslog Server List. The LCE listens for syslog messages by default.",
				"order" : "3",
				"column" : "2"
			},
			{
				"id" : "1573",
				"name" : "Compliance Summary - FTI Security Guidelines 9.3.11 - 9.3.17",
				"description" : "This matrix provides a sense of how the network complies with the security guidelines in IRS Publication 1075. Sections from the Computer System Security chapter of the Publication are listed. For each section, the equivalent NIST 800-53 controls are displayed, along with the number of network systems that were audited against these controls, and ratio bars for the percentage of these compliance checks that either passed (green bar), failed (red bar), or require manual verification (orange bar). Since the Publication specifically mentions the equivalent NIST 800-53 controls, the displayed information will give a good sense of how the network complies with the security guidelines in IRS Publication 1075.",
				"order" : "3",
				"column" : "3"
			},
			{
				"id" : "1021",
				"name" : "SEC Risk Alert - Potential Data Loss",
				"description" : "This matrix displays various indications of potential for data leakage and loss. Red indicators signify that activity of high severity has occurred. Green indicators signify that activity that has the potential for data loss has occurred and further investigation may be warranted.",
				"order" : "4",
				"column" : "1"
			},
			{
				"id" : "1571",
				"name" : "Detect Suspicious Activity - Spikes in Last 72 Hours",
				"description" : "This matrix presents warning indicators for potentially suspicious spikes in network activity detected in the last 72 hours. Each indicator is based on one or more Log Correlation Engine (LCE) events. The indicator is highlighted red if the event occurred in the last 72 hours.\n\n- Firewall Spike - A large number of firewall events, compared to previous event rates, were detected\n- Intrusion Spike - A large number of intrusion events, compared to previous event rates, were detected\n- Virus Spike - A large number of virus events, compared to previous event rates, were detected\n- Scanning Spike - A large number of scanning events (port scans, port sweeps, and probes), compared to previous event rates, were detected\n- Botnet Spike - A large number of threatlist events (traffic to or from known malicious IP addresses), compared to previous event rates, were detected\n- Process Spike - A large number of process events (such as process starts, stops, and crashes), compared to previous event rates, were detected\n- Auth Spike - A large number of login events, compared to previous event rates, were detected\n- Auth Fail Spike - A large number of login failure events, compared to previous event rates, were detected\n- File Access Spike - A large number of remote file access events (such as FTP and SMB transfers, and e-mail attachments), compared to previous event rates, were detected \n- Access Denied Spike - A large number of access denied events (attempts to retrieve objects, files, network shares and other resources that are denied), compared to previous event rates, were detected\n- Web Access Spike - A large number of web access events (successful connections to web resources), compared to previous event rates, were detected\n- Web Error Spike - A large number of web error events (web access events that are denied because the file does not exist, the server responded with an error, or a firewall or web application firewall blocked the access), compared to previous event rates, were detected\n- DNS Spike - A large number of DNS events, compared to previous event rates, were detected\n- Network Spike - A large number of network events, compared to previous event rates, were detected\n- NetFlow Spike - A large number of NetFlow events (detected by the Tenable NetFlow Monitor (TFM)), compared to previous event rates, were detected\n- Connect Spike - A large number of connection events (such as allowed connections through firewalls and established VPN sessions), compared to previous event rates, were detected\n\nAny warnings should be further investigated. More information can be obtained on these events (such as details, time, and IP address) by clicking on the specific indicator and viewing the raw syslog. \n\nNote that some of these events rely on PVS detections being forwarded to the LCE. Make sure that the PVS is configured to send syslog messages to the LCE :  in Configuration > PVS Settings > Syslog, include the LCE host (with port 514) in the Realtime Syslog Server List. The LCE listens for syslog messages by default.",
				"order" : "4",
				"column" : "2"
			}
		],
		"category" : {
			"id" : "5",
			"name" : "Compliance & Configuration Assessment",
			"description" : "Aid with configuration, change and compliance management."
		}
	},
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1414182834
}

/dashboardTemplate/{templateID}/image

Methods
GET

Gets the Dashboard Template image associated with template {templateID}

NOTE: This endpoint is handled before token validation.

Request Query Parameters

None

Example Response

None given. The response will be a raw png file containing the requested Dashboard Template image.

/dashboardTemplate/categories

Methods
GET

Gets the list of Dashboard Template categories

Request Query Parameters

None

Example Response
Expand
{
	"type" : "regular",
	"response" : [
		{
			"id" : "1",
			"name" : "Threat Detection & Vulnerability Assessments",
			"description" : "Aid with identifying vulnerabilities and potential threats.",
			"collectionCount" : "74",
			"collectionStatus" : "new",
			"componentCount" : "388",
			"componentStatus" : "new"
		},
		{
			"id" : "2",
			"name" : "Monitoring",
			"description" : "Provide intrusion monitoring, alerting and analysis.",
			"collectionCount" : "48",
			"collectionStatus" : "new",
			"componentCount" : "305",
			"componentStatus" : "new"
		},
		{
			"id" : "3",
			"name" : "Security Industry Trends",
			"description" : "Influenced by trends, reports, and analysis from industry leaders.",
			"collectionCount" : "15",
			"collectionStatus" : "new",
			"componentCount" : "90",
			"componentStatus" : "new"
		},
		{
			"id" : "4",
			"name" : "Executive",
			"description" : "Provide operational insight and metrics geared towards executives.",
			"collectionCount" : "11",
			"collectionStatus" : "new",
			"componentCount" : "70",
			"componentStatus" : "new"
		},
		{
			"id" : "5",
			"name" : "Compliance & Configuration Assessment",
			"description" : "Aid with configuration, change and compliance management.",
			"collectionCount" : "48",
			"collectionStatus" : "new",
			"componentCount" : "288",
			"componentStatus" : "new"
		},
		{
			"id" : "6",
			"name" : "Discovery & Detection",
			"description" : "Aid in trust identification,rogue detection, and new device discovery.",
			"collectionCount" : "21",
			"collectionStatus" : "new",
			"componentCount" : "113",
			"componentStatus" : "new"
		}
	],
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1413925223
}