Tenable Security Center API: Director System

This API resource is only usable in Tenable.sc Director.

/mgmt/system/logFiles

Methods
GET

Gets the list of log files on a linked Tenable.sc Instance that are available to the user

Request Parameters
Expand
1
2
{
    "sciID": <number>}
Example Response for Admins
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
{
    "type": "regular",
    "response": [
        {
            "organization": {
                "id": 0,
                "name": "Application",
                "description": ""           },
            "basenames": [
                "202106"            ]
        },
        {
            "organization": {
                "id": "1",
                "name": "Child Org",
                "description": ""           },
            "basenames": [
                "202106"            ]
        }
    ],
    "error_code": 0,
    "error_msg": "",
    "warnings": [],
    "timestamp": 1624370508
}
Example Response for Security Managers
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
{
    "type": "regular",
    "response": [
        {
            "basenames": [
                "202106"            ]
        }
    ],
    "error_code": 0,
    "error_msg": "",
    "warnings": [],
    "timestamp": 1624371093
}

/mgmt/system/logs

Methods
POST

Returns the available log messages on a linked Tenable.sc Instance, based on user permissions and the query filters

Request Parameters
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
{
    "sciID": <number>,
    "date" : scLog basename (eg. "201412") | "all",
    "query": {
        "startOffset" : <number>,
        "endOffset" : <number>,
        "filters" : [
            {
                "filterName" : "keywords",
                "operator" : "=",
                "value" : <string>            },
            {
                "filterName" : "severity",
                "value" : {
                    "id" : <number> [0-2],
                    "operator" : "=",
                    "name":"INFO|WARNING|CRITICAL"              }
            },
            {
                "filterName" : "module",
                "operator" : "=",
                "value" : <string> (eg. "auth")
            },
            {
                "filterName" : "organization",
                "value" : {
                    "id" : <number>               }
            }
        ]
    }
}
Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
{
   "type": "regular",
    "response": {
        "skip": [],
        "totalRecords": 56,
        "endOffset": 3,
        "results": [
            {
                "rawLog": "Tue, 22 Jun 2021 10:20:28 -0400|qahead|auth|INFO|Successful logout for 'qahead'.\n",
                "organization": {
                    "id": "1",
                    "name": "Child Org",
                    "description": ""                },
                "message": "Successful logout for 'qahead'.",
                "severity": {
                    "id": "0",
                    "name": "INFO",
                    "description": "Information"                },
                "module": "auth",
                "source": "qahead",
                "date": "Tue, 22 Jun 2021 10:20:28 -0400"            },
            {
                "rawLog": "Tue, 22 Jun 2021 09:20:01 -0400|qahead|policy|INFO|' [qahead]' deleted organization policy 'Basic Policy' (id #1000002).\n",
                "organization": {
                    "id": "1",
                    "name": "Child Org",
                    "description": ""                },
                "message": "' [qahead]' deleted organization policy 'Basic Policy' (id #1000002).",
                "severity": {
                    "id": "0",
                    "name": "INFO",
                    "description": "Information"                },
                "module": "policy",
                "source": "qahead",
                "date": "Tue, 22 Jun 2021 09:20:01 -0400"            },
            {
                "rawLog": "Tue, 22 Jun 2021 09:18:08 -0400|qahead|policy|INFO|' [qahead]' created organization policy 'Basic Policy' (id #1000002).\n",
                "organization": {
                    "id": "1",
                    "name": "Child Org",
                    "description": ""                },
                "message": "' [qahead]' created organization policy 'Basic Policy' (id #1000002).",
                "severity": {
                    "id": "0",
                    "name": "INFO",
                    "description": "Information"                },
                "module": "policy",
                "source": "qahead",
                "date": "Tue, 22 Jun 2021 09:18:08 -0400"            }
        ]
    },
    "error_code": 0,
    "error_msg": "",
    "warnings": [],
    "timestamp": 1624372254
}