/hosts
Methods
Gets the list of Hosts identified from all scan results that are on Tenable Security Center.
Fields Parameter
The fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
The limit parameter should be an integer greater than 0
?limit=<number>,...
The startOffset parameter should an integer greater than 0
?startOffset=<number>,...
The endOffset parameter should an integer greater than 0
?endOffset=<number>,...
The pagination parameter should a boolean
?pagination=<boolean>,..
Allowed Fields
**id
**uuid
*tenableUUID
*name
*ipAddress
*os
*firstSeen
*lastSeen
macAddress
source
repID
netBios
netBiosWorkgroup
createdTime
modifiedTime
acr
aes
Legend
* = always comes back
** = comes back if fields list not specified on GET all
red = field is a JSON object ( e.g. "SCI" : {"id" : "2", "name" : "SCI Name", "description" : "Description"} )
Example Response
{ "type": "regular", "response": [ { "id": "154", "uuid": "68262460-941b-4762-906e-47298f79911e", "tenableUUID": "58bd0909-f66d-4248-8c20-2501b208bb65", "name": "Aerified", "ipAddress": "201.22.196.102", "os": "Linux", "firstSeen": "1770798", "lastSeen": "1685038", }, { "id": "47", "uuid": "e9344880-c32f-458c-b78e-211ce81d10cb", "tenableUUID": "dce3a590-70f0-4530-9843-5d3c83666f75", "name": "Windows 10", "ipAddress": "90.248.112.168", "os": "Windows 10", "firstSeen": "1755893", "lastSeen": "1221376", } ], "error_code": 0, "error_msg": "", "warnings": [], "timestamp": 1626889388 }
/hosts/{uuid}/acr
Methods
Override the Asset Criticality Rating score and reasons for the specified Host.
Request Body Parameter
{
"overwrittenScore": <int> 4,
"reasoning": [
{
"id": <int> 1-6,
"label" <string> "Why score was changed"
}
],
"notes": <string> "Some details on the score change",
"overwritten": <string> "true" | "false"
}
Example Response
{ "type": "regular", "response":{ "id": "95", "uuid": "c2953a1a-c19c-4128-b518-8b0ccc33cb3d", "tenableUUID": null, "name": "172.26.48.1", "ipAddress": "172.26.48.1", "os": null, "firstSeen": "1632765212", "lastSeen": "1632765212", "dns": null, "fqdnIndex": "0", "netBios": null, "netBiosWorkgroup": null, "macAddress": null, "systemType": "general-purpose", "createdTime": "1632765212", "modifiedTime": "1632765212", "source": [ { "type": "Nessus Scan" } ], "repository": { "id": "1", "name": "Repo", "description": "" }, "acr": { "hostUUID": "c2953a1a-c19c-4128-b518-8b0ccc33cb3d", "score": "9.0", "overwritten": "true", "notes": "We changed this because....", "overwrittenScore": "10.0", "lastEditedUserID": "1", "lastEditedOrgID": "1", "lastEvaluatedTime": "1", "internetExposure": null, "capability": null, "reasoning": [ { "id": "4" } ], "user": { "id": "1", "username": "qahead", "firstname": "", "lastname": "", "email": "" } } }, "error_code": 0, "error_msg": "", "warnings": [], "timestamp": 1632923227 }
/hosts/search
Methods
Gets the Asset Criticality Rating score and reasons for the specified Host.
Fields Parameter
Search the list of Hosts identified from all scan results that are on T.sc.
Fields Parameter
The fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
The limit parameter should be an integer greater than 0
?limit=<number>,...
The startOffset parameter should be an integer greater than 0
?startOffset=<number>,...
The endOffset parameter should be an integer greater than 0
?endOffset=<number>,...
The pagination parameter should a boolean
?pagination=<boolean>,...
Allowed Fields
**id
**uuid
*tenableUUID
*name
*ipAddress
*os
*firstSeen
*lastSeen
macAddress
source
repID
netBios
netBiosWorkgroup
createdTime
modifiedTime
acr
aes
Legend
* = always comes back
** = comes back if fields list not specified on GET all
red = field is a JSON object ( e.g. "SCI" : {"id" : "2", "name" : "SCI Name", "description" : "Description"} )
Example Request
{
"filters": {
"and": [
{
"property": "systemType",
"operator": "eq",
"value": "general_purpose,general-purpose"
},
{
"property": "ip",
"operator": "eq",
"value": "172.26.48.0-172.26.48.100"
},
{
"property": "repositoryAll",
"operator": "eq",
"value": "2,1"
},
{
"property": "assetCriticalityRating",
"operator": "eq",
"value": "1-5"
},
{
"property": "assetExposureScore",
"operator": "eq",
"value": "100-1000"
},
{
"property": "sourceType",
"operator": "eq",
"value": "'Nessus Scan','Agent Scan'"
},
{
"property": "hostid",
"operator": "eq",
"value": "74d580c7-4da4-427f-9282-591d99d3ba25,60847aad-f0b1-426c-8bf0-1e8d92da85c4"
}
]
}
}
Example Response
{
"type": "regular",
"response": {
"totalRecords": "1",
"returnedRecords": 1,
"startOffset": "0",
"endOffset": "50",
"results": [
{
"name": "SHAREPOINT2016",
"ipAddress": "172.xx.xx.xx",
"os": "Microsoft Windows 10",
"macAddress": null,
"firstSeen": "1655319261",
"lastSeen": "1655319261",
"netBios": "SHAREPOINT2016",
"dns": "sharepoint2016.target.com",
"id": "7",
"uuid": "xxxx-xxxx-xxxx-xxxx-xxxx",
"source": [
{
"type": "Nessus Scan"
}
],
"repository": {
"id": "1",
"name": "Repo",
"description": "",
"dataFormat": "IPv4",
"type": "Local"
},
"acr": {
"score": "4",
"overwritten": "false",
"notes": null,
"overwrittenScore": "-1",
"lastEditedUserID": null,
"lastEditedOrgID": null,
"lastEvaluatedTime": "1655319340",
"internetExposure": "internal",
"capability": "",
"deviceType": "general_purpose",
"reasoning": [],
"keyDrivers": {
"internet exposure": "internal",
"device capability": "",
"device type": "general_purpose"
}
},
"aes": {
"score": "496"
},
"systemType": "general_purpose"
}
]
},
"error_code": 0,
"error_msg": "",
"warnings": [],
"timestamp": 1655385966
}
/hosts/download
Methods
Export the Host Assets data to a CSV file format.
Fields Parameter
Search the list of Hosts identified from all scan results that are on T.sc.
Fields Parameter
The fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
The sortField parameter should be a string
?sortField=<field>
The sortDirection parameter should be either ASC or DESC
?sortDirection=<string>
The startOffset parameter should be an integer greater than 0
?startOffset=<number>,...
The endOffset parameter should be an integer greater than 0
?endOffset=<number>,...
Allowed Fields
*id
**uuid
**ipAddress
**os
**name
**lastSeen
**source
**netBios
**dns
**acr
**aes
**repository
**systemType
Legend
* = always comes back
** = comes back if fields list not specified
green = The uuid field will be renamed to "assetID" in the CSV header
Filter Parameter
Filter parameters should be posted via the request payload.
Value field for assetCriticalityRating and assetExposureScore should be a range of unsigned integers separated by a "-". Example: "1-10"
Filter Parameter
{
"filters": {
"and": [
{
"property": <string> "systemType" | "assetCriticalityRating" | "assetExposureScore",
"operator": <string> "eq",
"value": <string> "systemTypeId" | "<uint>-<uint>"
}
]
}
}
Example Response (text/csv)
"name","ipAddress","os","macAddress","firstSeen","lastSeen","netBios","dns","id","source","repository","acr","aes","systemType","assetID"
"ABCD-EFGH","0.0.0.0","Linux Kernel 123","a:b:c:d:e","1234567890","1234567890","ABCD-EFGH","abdc-efgh.hijk-lmnop.com","1234","Nessus Scan","ipv4","10","300","","abcd-efgh-ijkl-mnop-qrst-uvwx-yz"
"ABCD-EFGH","0.0.0.0","Linux Kernel 123","a:b:c:d:e","1234567890","1234567890","ABCD-EFGH","abdc-efgh.hijk-lmnop.com","1234","Nessus Scan","ipv4","10","300","","abcd-efgh-ijkl-mnop-qrst-uvwx-yz"
"ABCD-EFGH","0.0.0.0","Linux Kernel 123","a:b:c:d:e","1234567890","1234567890","ABCD-EFGH","abdc-efgh.hijk-lmnop.com","1234","Nessus Scan","ipv4","10","300","","abcd-efgh-ijkl-mnop-qrst-uvwx-yz"