/hosts
Methods
Gets the list of Hosts identified from all scan results that are on T.sc.
Fields Parameter
![](images/icons/grey_arrow_down.png)
The fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
The limit parameter should be an integer greater than 0
?limit=<number>,...
The startOffset parameter should an integer greater than 0
?startOffset=<number>,...
The endOffset parameter should an integer greater than 0
?endOffset=<number>,...
The pagination parameter should a boolean
?pagination=<boolean>,..
Allowed Fields
**id
**uuid
*tenableUUID
*name
*ipAddress
*os
*firstSeen
*lastSeen
macAddress
source
repID
netBios
netBiosWorkgroup
createdTime
modifiedTime
acr
aes
Legend
* = always comes back
** = comes back if fields list not specified on GET all
red = field is a JSON object ( e.g. "SCI" : {"id" : "2", "name" : "SCI Name", "description" : "Description"} )
Example Response
![](images/icons/grey_arrow_down.png)
{ "type": "regular", "response": [ { "id": "154", "uuid": "68262460-941b-4762-906e-47298f79911e", "tenableUUID": "58bd0909-f66d-4248-8c20-2501b208bb65", "name": "Aerified", "ipAddress": "201.22.196.102", "os": "Linux", "firstSeen": "1770798", "lastSeen": "1685038", }, { "id": "47", "uuid": "e9344880-c32f-458c-b78e-211ce81d10cb", "tenableUUID": "dce3a590-70f0-4530-9843-5d3c83666f75", "name": "Windows 10", "ipAddress": "90.248.112.168", "os": "Windows 10", "firstSeen": "1755893", "lastSeen": "1221376", } ], "error_code": 0, "error_msg": "", "warnings": [], "timestamp": 1626889388 }
/hosts/uuid
Methods
Gets the details of Host with the requested uuid.
Fields Parameter
![](images/icons/grey_arrow_down.png)
Allowed Fields
*id
*uuid
*tenableUUID
*name
*ipAddress
*os
*firstSeen
*lastSeen
*macAddress
*source
*repID
*netBios
*netBiosWorkgroup
*createdTime
*modifiedTime
*acr
*aes
*ips
*names
*macs
*segments
*tags
Legend
* = always comes back
red = field is a JSON object ( e.g. "SCI" : {"id" : "2", "name" : "SCI Name", "description" : "Description"} )
Example Response
![](images/icons/grey_arrow_down.png)
{ "type": "regular", "response": { "id": "47", "uuid": "e9344880-c32f-458c-b78e-211ce81d10cb", "tenableUUID": "dce3a590-70f0-4530-9843-5d3c83666f75", "name": "Windows 10", "ipAddress": "90.248.112.168", "os": "Windows 10", "firstSeen": "1755893", "lastSeen": "1221376", "ips": ["90.248.112.168", "90.248.112.169", "90.248.112.170" ], "names": ["Windows 10", "Windows 10 custom name"], "macs": ["a:b:c:d:e", "a:b:c:d:f"], "segments": ["segment1", "segment2"], "tags": [ { "tagName": "tag1", "tagValue": "tagval", "tagType": "", "tagLabel": "" }, { "tagName": "tag2", "tagValue": "tagval2", "tagType": "text", "tagLabel": "customlabel" }, ] }, "error_code": 0, "error_msg": "", "warnings": [], "timestamp": 1626889388 }
/hosts/{uuid}/acr
Methods
Override the Asset Criticality Rating score and reasons for the specified Host.
Request Body Parameter
![](images/icons/grey_arrow_down.png)
{
"overwrittenScore": <int> 4,
"reasoning": [
{
"id": <int> 1-6,
"label" <string> "Why score was changed"
}
],
"notes": <string> "Some details on the score change",
"overwritten": <string> "true" | "false"
}
Example Response
![](images/icons/grey_arrow_down.png)
{ "type": "regular", "response":{ "id": "95", "uuid": "c2953a1a-c19c-4128-b518-8b0ccc33cb3d", "tenableUUID": null, "name": "172.26.48.1", "ipAddress": "172.26.48.1", "os": null, "firstSeen": "1632765212", "lastSeen": "1632765212", "dns": null, "fqdnIndex": "0", "netBios": null, "netBiosWorkgroup": null, "macAddress": null, "systemType": "general-purpose", "createdTime": "1632765212", "modifiedTime": "1632765212", "source": [ { "type": "Nessus Scan" } ], "repository": { "id": "1", "name": "Repo", "description": "" }, "acr": { "hostUUID": "c2953a1a-c19c-4128-b518-8b0ccc33cb3d", "score": "9.0", "overwritten": "true", "notes": "We changed this because....", "overwrittenScore": "10.0", "lastEditedUserID": "1", "lastEditedOrgID": "1", "lastEvaluatedTime": "1", "internetExposure": null, "capability": null, "reasoning": [ { "id": "4" } ], "user": { "id": "1", "username": "qahead", "firstname": "", "lastname": "", "email": "" } } }, "error_code": 0, "error_msg": "", "warnings": [], "timestamp": 1632923227 }
/hosts/search
Methods
Gets the Asset Criticality Rating score and reasons for the specified Host.
Fields Parameter
![](images/icons/grey_arrow_down.png)
Search the list of Hosts identified from all scan results that are on T.sc.
Fields Parameter
![](images/icons/grey_arrow_down.png)
The fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
The limit parameter should be an integer greater than 0
?limit=<number>,...
The startOffset parameter should be an integer greater than 0
?startOffset=<number>,...
The endOffset parameter should be an integer greater than 0
?endOffset=<number>,...
The pagination parameter should a boolean
?pagination=<boolean>,...
Allowed Fields
**id
**uuid
*tenableUUID
*name
*ipAddress
*os
*firstSeen
*lastSeen
macAddress
source
repID
netBios
netBiosWorkgroup
createdTime
modifiedTime
acr
aes
Legend
* = always comes back
** = comes back if fields list not specified on GET all
red = field is a JSON object ( e.g. "SCI" : {"id" : "2", "name" : "SCI Name", "description" : "Description"} )
Example Request
![](images/icons/grey_arrow_down.png)
{
"filters": {
"and": [
{
"property": "systemType",
"operator": "eq",
"value": "general_purpose,general-purpose"
},
{
"property": "ip",
"operator": "eq",
"value": "172.26.48.0-172.26.48.100"
},
{
"property": "repositoryAll",
"operator": "eq",
"value": "2,1"
},
{
"property": "assetCriticalityRating",
"operator": "eq",
"value": "1-5"
},
{
"property": "assetExposureScore",
"operator": "eq",
"value": "100-1000"
},
{
"property": "sourceType",
"operator": "eq",
"value": "'Nessus Scan','Agent Scan'"
},
{
"property": "hostid",
"operator": "eq",
"value": "74d580c7-4da4-427f-9282-591d99d3ba25,60847aad-f0b1-426c-8bf0-1e8d92da85c4"
}
]
}
}
Example Response
![](images/icons/grey_arrow_down.png)
{
"type": "regular",
"response": {
"totalRecords": "1",
"returnedRecords": 1,
"startOffset": "0",
"endOffset": "50",
"results": [
{
"name": "SHAREPOINT2016",
"ipAddress": "172.xx.xx.xx",
"os": "Microsoft Windows 10",
"macAddress": null,
"firstSeen": "1655319261",
"lastSeen": "1655319261",
"netBios": "SHAREPOINT2016",
"dns": "sharepoint2016.target.com",
"id": "7",
"uuid": "xxxx-xxxx-xxxx-xxxx-xxxx",
"source": [
{
"type": "Nessus Scan"
}
],
"repository": {
"id": "1",
"name": "Repo",
"description": "",
"dataFormat": "IPv4",
"type": "Local"
},
"acr": {
"score": "4",
"overwritten": "false",
"notes": null,
"overwrittenScore": "-1",
"lastEditedUserID": null,
"lastEditedOrgID": null,
"lastEvaluatedTime": "1655319340",
"internetExposure": "internal",
"capability": "",
"deviceType": "general_purpose",
"reasoning": [],
"keyDrivers": {
"internet exposure": "internal",
"device capability": "",
"device type": "general_purpose"
}
},
"aes": {
"score": "496"
},
"systemType": "general_purpose"
}
]
},
"error_code": 0,
"error_msg": "",
"warnings": [],
"timestamp": 1655385966
}
/hosts/download
Methods
Export the Host Assets data to a CSV file format.
Fields Parameter
![](images/icons/grey_arrow_down.png)
Search the list of Hosts identified from all scan results that are on T.sc.
Fields Parameter
![](images/icons/grey_arrow_down.png)
The fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
The sortField parameter should be a string
?sortField=<field>
The sortDirection parameter should be either ASC or DESC
?sortDirection=<string>
The startOffset parameter should be an integer greater than 0
?startOffset=<number>,...
The endOffset parameter should be an integer greater than 0
?endOffset=<number>,...
Allowed Fields
*id
**uuid
**ipAddress
**os
**name
**lastSeen
**source
**netBios
**dns
**acr
**aes
**repository
**systemType
***ips
***names
***segments
***macs
***tags
Legend
* = always comes back
** = comes back if fields list not specified
*** = comes back if fields list not specified and if atleast one of the hosts is an OT asset based on the filters applied
green = The uuid field will be renamed to "assetID" in the CSV header
Filter Parameter
![](images/icons/grey_arrow_down.png)
Filter parameters should be posted via the request payload.
Value field for assetCriticalityRating and assetExposureScore should be a range of unsigned integers separated by a "-". Example: "1-10"
Filter Parameter
![](images/icons/grey_arrow_down.png)
{
"filters": {
"and": [
{
"property": <string> "systemType" | "assetCriticalityRating" | "assetExposureScore",
"operator": <string> "eq",
"value": <string> "systemTypeId" | "<uint>-<uint>"
}
]
}
}
Example Response (text/csv)
![](images/icons/grey_arrow_down.png)
"name","ipAddress","os","macAddress","firstSeen","lastSeen","netBios","dns","id","source","repository","acr","aes","systemType","assetID"
"ABCD-EFGH","0.0.0.0","Linux Kernel 123","a:b:c:d:e","1234567890","1234567890","ABCD-EFGH","abdc-efgh.hijk-lmnop.com","1234","Nessus Scan","ipv4","10","300","","abcd-efgh-ijkl-mnop-qrst-uvwx-yz"
"ABCD-EFGH","0.0.0.0","Linux Kernel 123","a:b:c:d:e","1234567890","1234567890","ABCD-EFGH","abdc-efgh.hijk-lmnop.com","1234","Nessus Scan","ipv4","10","300","","abcd-efgh-ijkl-mnop-qrst-uvwx-yz"
"ABCD-EFGH","0.0.0.0","Linux Kernel 123","a:b:c:d:e","1234567890","1234567890","ABCD-EFGH","abdc-efgh.hijk-lmnop.com","1234","Nessus Scan","ipv4","10","300","","abcd-efgh-ijkl-mnop-qrst-uvwx-yz"
Example Response with atleast one OT asset (text/csv)
![](images/icons/grey_arrow_down.png)
"name","ipAddress","os","macAddress","firstSeen","lastSeen","netBios","dns","id","source","repository","acr","aes","systemType","assetID","ips","macs","names","segments","tag1","tag2","tag3"
"ABCD-EFGH","0.0.0.0","Linux Kernel 123","a:b:c:d:e","1234567890","1234567890","ABCD-EFGH","abdc-efgh.hijk-lmnop.com","1234","Nessus Scan","ipv4","10","300","","abcd-efgh-ijkl-mnop-qrst-uvwx-yz","0.0.0.0,1.0.0.1,2.0.0.2","a:b:c:d:e,a:b:c:d:f,a:b:c:d:g","name1,name2,name3","segment1,segment2,segment3","tagvalue1","tagvalue2","tagvalue3"
"ABCD-EFGH","0.0.0.0","Linux Kernel 123","a:b:c:d:e","1234567890","1234567890","ABCD-EFGH","abdc-efgh.hijk-lmnop.com","1234","Nessus Scan","ipv4","10","300","","abcd-efgh-ijkl-mnop-qrst-uvwx-yz","","","","","","",""
"ABCD-EFGH","0.0.0.0","Linux Kernel 123","a:b:c:d:e","1234567890","1234567890","ABCD-EFGH","abdc-efgh.hijk-lmnop.com","1234","Nessus Scan","ipv4","10","300","","abcd-efgh-ijkl-mnop-qrst-uvwx-yz","0.0.0.0,1.0.0.1,2.0.0.2","a:b:c:d:e,a:b:c:d:f,a:b:c:d:g","name1,name2,name3","segment1,segment2,segment3","tagvalue1","tagvalue2","tagvalue3"