Tenable Security Center API: Director Scan Policy

This API resource is only available for administrators in Tenable.sc Director.

/mgmt/policy

Methods
GET

Gets the list of Scan Policies for the specified SCI linked to Director or all SCIs if no parameter is specified.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
*uuid
**name
**description
**orgUUID
**status
**SCI
sciPolicyID
policyTemplateID
creatorUUID
ownerUUID
context
tags
createdTime
modifiedTime
generateXCCDFResults
preferences
families
organization

Legend

* = always comes back
** = comes back if fields list not specified

red = field is a JSON object e.g. "SCI" : {"id" : "2", "name" : "SCI Name", "description" : "Description"} )

Request Parameters
Expand

Parameters can be passed in as a query string if specified in the format of: /mgmt/policy?sciID=<id> or in the request as JSON.

Optional

1
2
{
    "sciID" : <number>}
Example Response
Expand

No query parameters specified to get all SCI Scan Policies.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
{
    "error_code": 0,
    "error_msg": "",
    "response": [
        {
            "id": "2",
            "uuid": "6821F741-EF4C-46BA-98AA-E1CD93456220",
            "name": "Basic Scan Policy",
            "description": "",
            "orgUUID": "00000000-0000-0000-0000-000000000000",
            "status": "0",
            "SCI": {
                "id": "2",
                "name": "SCI 1",
                "description": ""            }
        },
        {
            "id": "5",
            "uuid": "09698C92-B1A2-4526-BA9F-4B4A6B0F81BE",
            "name": "Advanced Scan Policy",
            "description": "",
            "orgUUID": "00000000-0000-0000-0000-000000000000",
            "status": "0",
            "SCI": {
                "id": "3",
                "name": "SCI 1"                "description": ""            }
        }
    ],
    "timestamp": 1643230109,
    "type": "regular",
    "warnings": []
}

Query parameter specified for SCI #3: /mgmt/policy?sciID=3

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
{
    "error_code": 0,
    "error_msg": "",
    "response": [
        {
            "id": "5",
            "uuid": "09698C92-B1A2-4526-BA9F-4B4A6B0F81BE",
            "name": "Advanced Scan Policy",
            "description": "",
            "orgUUID": "00000000-0000-0000-0000-000000000000",
            "status": "0",
            "SCI": {
                "id": "3",
                "name": "SCI 1"                "description": ""            }
        }
    ],
    "timestamp": 1643230109,
    "type": "regular",
    "warnings": []
}
POST

Adds a Scan Policy to the specified SCI.

NOTE: To specify a mixed Plugin Family, the plugins field must be present; otherwise, the family type defaults to enabled.

Request Parameters
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
{
    "name" : <string>,
    "description" : <string> DEFAULT "",
    "sciID" : <number>,
    "tags" : <string> DEFAULT "",
    "preferences" : [
        <string:name> : <string:value>...
    ] DEFAULT [],
    "auditFiles" : [
        {
            "id" : <number>        }...
    ] DEFAULT [],
    "policyTemplate" : {
        "id" : <number>    },
    "generateXCCDFResults" : <string> "false" | "true" DEFAULT "false"}

policyTemplate ID "1" (Advanced Scan Template) or "25" (Advanced Agent Scan Template) 

1
2
3
4
5
6
7
8
9
10
11
...
    "families" : [
        {
            "id" : <number>,
            "plugins" : [
                {
                    "id" : <number>               }...
            ] OPTIONAL (must be specified to effect a "mixed" Plugin Family type)
        }...
    ] DEFAULT []
...
Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
{
    "type": "regular",
    "response": {
        "id": "5",
        "uuid": "09698C92-B1A2-4526-BA9F-4B4A6B0F81BE",
        "name": "Advanced Scan Policy",
        "description": "",
        "orgUUID": "00000000-0000-0000-0000-000000000000",
        "sciPolicyID": "2",
        "policyTemplateID": "1",
        "creatorUUID": "B87BBF5A-00DD-4CAE-887F-D63F5363E136",
        "ownerUUID": null,
        "context": "",
        "tags": "",
        "status": "0",
        "createdTime": "1646752467",
        "modifiedTime": "1646752467",
        "generateXCCDFResults": "false",
        "preferences": {
            "preference1": "value1",
            "preference2": "value2"     },
        "families": [
            {
                "familyID": "1",
                "type": "enabled",
                "name": "Red Hat Local Security Checks"         },
            {
                "familyID": "35",
                "type": "enabled",
                "name": "Backdoors",
                "plugins": [
                    {
                        "pluginID": "10132",
                        "name": "Kuang2 the Virus Detection",
                        "description": "Kuang2 the Virus was found...",
                        "type": "active"                    }
                ]
            }
        ]
        "SCI": {
            "id": "3",
            "name": "SCI 2",
            "description": ""       },
        "organization": {
            "id": "0",
            "name": "Administrator",
            "description": ""       }
    },
    "error_code": 0,
    "error_msg": "",
    "warnings": [],
    "timestamp": 1615928574
}


/mgmt/policy/{id}

/mgmt/policy/{uuid}

Methods
GET

Gets the SCI Scan Policy associated with {id} or {uuid} on Director.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
*uuid
**name
**description
**orgUUID
**status
**SCI
**sciPolicyID
**policyTemplateID
**creatorUUID
**ownerUUID
**context
**tags
**createdTime
**modifiedTime
**generateXCCDFResults
**preferences
**families
**organization

Legend

* = always comes back
** = comes back if fields list not specified

red = field is a JSON object e.g. "SCI" : {"id" : "2", "name" : "SCI Name", "description" : "Description"} )

Request Parameters

None

Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
{
    "type": "regular",
    "response": {
        "id": "5",
        "uuid": "09698C92-B1A2-4526-BA9F-4B4A6B0F81BE",
        "name": "Advanced Scan Policy",
        "description": "",
        "orgUUID": "00000000-0000-0000-0000-000000000000",
        "sciPolicyID": "2",
        "policyTemplateID": "1",
        "creatorUUID": "B87BBF5A-00DD-4CAE-887F-D63F5363E136",
        "ownerUUID": null,
        "context": "",
        "tags": "",
        "status": "0",
        "createdTime": "1646752467",
        "modifiedTime": "1646752467",
        "generateXCCDFResults": "false",
        "preferences": {
            "preference1": "value1",
            "preference2": "value2"     },
        "families": [
            {
                "familyID": "1",
                "type": "enabled",
                "name": "Red Hat Local Security Checks"         },
            {
                "familyID": "35",
                "type": "enabled",
                "name": "Backdoors",
                "plugins": [
                    {
                        "pluginID": "10132",
                        "name": "Kuang2 the Virus Detection",
                        "description": "Kuang2 the Virus was found...",
                        "type": "active"                    }
                ]
            }
        ]
        "SCI": {
            "id": "3",
            "name": "SCI 2",
            "description": ""       },
        "organization": {
            "id": "0",
            "name": "Administrator",
            "description": ""       }
    },
    "error_code": 0,
    "error_msg": "",
    "warnings": [],
    "timestamp": 1615928574
}
DELETE

Deletes the Scan Policy associated with {id} or {uuid} on Director.

Request Parameters

None

Example Response
Expand
1
2
3
4
5
6
7
8
{
    "type" : "regular",
    "response" : "",
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1408733643
}