Tenable Security Center API: Asset Template

 

/assetTemplate

Methods
GET

Gets the list of AssetTemplates.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

**id
*name
*description
summary
type
category
definition
assetType
enabled
minUpgradeVersion
templatePubTime
templateModTime
templateDefModTime
definitionModTime
createdTime
modifiedTime
tags
requirements
assetTemplates

Legend

* = always comes back

** = comes back if fields list not specified on GET all

redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )

Expand Parameters

assetTemplates

Request Parameters
Expand

NOTE #1: Pseudo Category "0" (recent) is currently not supported

NOTE #2: The searchString parameter takes in a space-separated set of keywords/phrases (in parenthesis) and builds a fuzzy match based on them. For excluding a keyword/phrase, is preceded by a '-'. Example:

	"searchString" : "audit" -"SCAP" ..."

Parameters must be passed in as query string (as opposed to JSON) in the format of: /assetTemplate?categoryID="1"&...

{
	"categoryID" : <number> "1" (OS) | "2" (Client Applications) | "3" (Server Applications) | "4" (Virtual Technology) | "5" (Infrastructure Technology) | "6" (Vulnerabilities) | "7" (Compliance) | "8" (Device Behavior) | "9" (Collected Data) DEFAULT "" (All Categories),
	"searchString" : <string> (Search String Format. See NOTE#2) DEFAULT ""
	"startOffset" : <number> (Positive Integer) DEFAULT "0",
	"endOffset" : <number> (Integer > startOffset) DEFAULT NOT_SET (all results)
}
Example Response
Expand
{
	"type" : "regular",
	"response" : [
		{
			"id" : "420",
			"name" : "Helpful Assets for Getting Started",
			"description" : "This collection of assets are some of the most common assets and can be useful when getting started using Tenable.sc.  The collection contains several assets related to networking, operating systems, collected data, and various enterprise applications."
		},
		{
			"id" : "421",
			"name" : "Networking Equipment",
			"description" : "This asset collection contains many of the assets related to network equipment or network protocol usage.  Some example assets included are Cisco, Juniper, Enterasys, and other devices such as load balancers."
		},
		{
			"id" : "22",
			"name" : "Linux\/Unix Operating Systems",
			"description" : "Asset lists used to group different distribution of Linux and Unix operating systems.\n\nThis will be helpful for those getting started with Tenable.sc."
		},
		{
			"id" : "20",
			"name" : "Windows Collection",
			"description" : "Asset lists used to group windows and related related vulnerabilities.\n\nThis will be helpful for those getting started with Tenable.sc."
		}
	],
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1416247907
}

/assetTemplate/{id}

Methods
GET

Gets the AssetTemplate associated with {id}.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

**id
*name
*description
summary
type
category
definition
assetType
enabled
minUpgradeVersion
templatePubTime
templateModTime
templateDefModTime
definitionModTime
createdTime
modifiedTime
tags
requirements
assetTemplates

Legend

* = always comes back

** = comes back if fields list not specified on GET all

redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )

Expand Parameters

assetTemplates

Request Parameters

None

Example Response
Expand
{
	"type" : "regular",
	"response" : {
		"id" : "5",
		"name" : "Bad Credentials",
		"description" : "The Nessus scanner testing the remote host has been given SMB credentials to log into the remote host,
		 however these credentials do not have administrative privileges.  Local security checks have been disabled for this host because either the credentials supplied in the scan policy did not allow Nessus to log into it or some other problem occurred.\n\nThis will be helpful for those getting started with Tenable.sc.",
		"summary" : "The Nessus scanner testing the remote host has failed.",
		"type" : "asset",
		"definition" : {
			"rules" : {
				"operator" : "any",
				"children" : [
					{
						"filterName" : "pluginid",
						"operator" : "eq",
						"value" : "21745",
						"pluginIDConstraint" : "-1",
						"type" : "clause"
					},
					{
						"filterName" : "pluginid",
						"operator" : "eq",
						"value" : "24786",
						"pluginIDConstraint" : "-1",
						"type" : "clause"
					}
				],
				"type" : "group"
			},
			"assetDataFields" : []
		},
		"assetType" : "dynamic",
		"enabled" : "true",
		"minUpgradeVersion" : "4.7.0",
		"templatePubTime" : "1375243201",
		"templateModTime" : "1391634244",
		"templateDefModTime" : "1375446899",
		"definitionModTime" : "1413553807",
		"createdTime" : "1413553807",
		"modifiedTime" : "1413553807",
		"tags" : [
			"credentials",
			"failed",
			"getting started",
			"login",
			"password",
			"training",
			"unauthorized"
		],
		"requirements" : [
			{
				"requirement" : "localChecks",
				"value" : ""
			},
			{
				"requirement" : "nessus",
				"value" : "5.2 : "
			}
		],
		"category" : {
			"id" : "9",
			"name" : "Collected Data",
			"description" : "Identify devices that have collected system configuration data such as patch level and user credentials."
		}
	},
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1416247491
}

/assetTemplate/categories

Methods
GET

Gets the list of Asset Template categories

Request Query Parameters

None

Example Response
Expand
{
	"type":"regular",
	"response":[
		{
			"id":"1",
			"name":"OS",
			"description":"Use plugins, CPE strings, and\/or other mechanisms to identify common operating systems.",
			"count":"124",
			"status":""
		},
		{
			"id":"2",
			"name":"Client Applications",
			"description":"Identify systems with client centric applications installed.",
			"count":"48",
			"status":""
		},
		{
			"id":"3",
			"name":"Server Applications",
			"description":"Identify systems with server centric applications such as database services, email services, and directory services.",
			"count":"31",
			"status":""
		},
		{
			"id":"4",
			"name":"Virtual Technology",
			"description":"Identify systems with virtualization technology or virtual management applications installed.",
			"count":"9",
			"status":""
		},
		{
			"id":"5",
			"name":"Infrastructure Technology",
			"description":"Identify systems that are used for network communications infrastructure such as routers, switches, and access points.",
			"count":"42",
			"status":""
		},
		{
			"id":"6",
			"name":"Vulnerabilities",
			"description":"Identify devices or applications based on the presence of a specified severity and\/or vulnerability.",
			"count":"9",
			"status":""
		},
		{
			"id":"7",
			"name":"Compliance",
			"description":"Identify devices that have been checked for compliance against a specific audit file.",
			"count":"25",
			"status":""
		},
		{
			"id":"8",
			"name":"Device Behavior",
			"description":"Identify devices that share common traffic patterns and\/or open ports.",
			"count":"31",
			"status":""
		},
		{
			"id":"9",
			"name":"Collected Data",
			"description":"Identify devices that have collected system configuration data such as patch level and user credentials.",
			"count":"111",
			"status":""
		}
	],
	"error_code":0,
	"error_msg":"",
	"warnings":[],
	"timestamp":1416249497
}