Tenable Security Center API: LCE

/lce

Methods
GET

Gets the list of LCEs.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields 

*id
**name
**description
**status
ip
ntpIP
port
username
password
privateKeyPassphrase
managedRanges
version
downloadVulns
vulnStatus
lastReportTime
createdTime
modifiedTime
silos
canUse
canManage
organizations
repositories

Legend

* = always comes back

** = comes back if fields list not specified on GET all
redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )
Request Parameters

None

Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
{
    "type" : "regular",
    "response" : [
        {
            "id" : "3",
            "name" : "LCE 192.168.1.11",
            "description" : "",
            "ip" : "192.168.1.11",
            "ntpIP" : "192.168.1.1",
            "port" : "1243",
            "username" : "root",
            "password" : "SET",
            "privateKeyPassphrase": null,
            "managedRanges" : null,
            "version" : "4.0.2",
            "downloadVulns" : "false",
            "status" : "1",
            "vulnStatus" : "2",
            "lastReportTime" : "0",
            "createdTime" : "1409837073",
            "modifiedTime" : "1409944978",
            "silos" : [
                {
                    "id" : "1",
                    "file" : "\/opt\/lce\/silo_archive\/\/lceSep122014-Sep132014.ndb",
                    "startDate" : "Sep 12, 2014",
                    "endDate" : "Sep 13, 2014",
                    "records":"0"           }
            "organizations" : [
                {
                    "id" : "8",
                    "name" : "Org",
                    "description" : "Testing for Policies with New Schema",
                    "uuid" : "4F7DD1CD-EB1B-40D7-BCE1-2DB3E31F6F4C"                }
            ],
            "repositories" : [],
            "canUse" : "true",
            "canManage" : "true"        }
    ],
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1409945528
}
POST

Adds an LCE.

Request Parameters
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
{
    "name" : <string>,
    "description" : <string> DEFAULT "",
    "ip" : <string> (valid IP address or IP addresses separated by a comma),
    "downloadVulns" : <string> "false" | "true",
    "organizations" : [
        {
            "id" : <number>,
            "uuid" : <uuid>,
        }...
    ] DEFAULT [],
    ...
}

downloadVulns is "true"

1
2
3
4
5
6
7
8
9
10
11
12
13
{
    ...
    "ntpIP" : <string> (valid IP address, host name, IP addresses separated by a comma, or host names separated by a comma) DEFAULT {ip},
    "port" : <number> {valid port) DEFAULT "1243",
    "username" : <string>,
    "password" : <string>,
    "repositories" : [
        {
            "id" : <number>,
            "uuid" : <uuid>       }...
    ] DEFAULT []
    ...
}
Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
{
    "type" : "regular",
    "response" : {
        "organizations" : [
            {
                "id" : "8",
                "name" : "Org",
                "description" : "Testing for Policies with New Schema",
                "uuid" : "4F7DD1CD-EB1B-40D7-BCE1-2DB3E31F6F4C"         },
            {
                "id" : "9",
                "name" : "Test Org",
                "description" : "",
                "uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"         }
        ],
        "repositories" : [],
        "id" : "9",
        "name" : "TEST2",
        "description" : "",
        "ip" : "192.168.1.1",
        "ntpIP" : "192.168.1.1",
        "port" : "1243",
        "username" : "",
        "password" : "",
        "privateKeyPassphrase" : "",
        "managedRanges" : null,
        "version" : "Unknown",
        "downloadVulns" : "false",
        "status" : "2",
        "vulnStatus" : "0",
        "lastReportTime" : "0",
        "createdTime" : "1409946064",
        "modifiedTime" : "1409946074",
        "canUse" : "true",
        "canManage" : "true"    },
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1409946054
}

/lce/authorize

Methods
POST

Authorizes the LCE associated with the provided id or ip to be installed on remote machine, changing only the passed in fields.

NOTE: Either (not both) the ip or the id field must be specified. Alternatively, an lce being authorize by ID may be performed by lce/{id}/authorize::POST

Request Parameters
Expand
1
2
3
4
5
6
{
    "id" : <number> OPTIONAL,
    "uuid" : <uuid> OPTIONAL,
    "ip" : <string> (valid IP address) OPTIONAL,
    "username" : <string> DEFAULT "",
    "password" : <string> DEFAULT ""}
Example Response
Expand
1
2
3
4
5
6
7
8
9
10
{
    "type" : "regular",
    "response" : {
        "status" : 1,
        "version" : "unknown"   },
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1408726631
}

/lce/{id}

Methods
GET

Gets the LCE associated with {id}.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields 

*id
**name
**description
**status
ip
ntpIP
port
username
password
managedRanges
version
downloadVulns
vulnStatus
lastReportTime
createdTime
modifiedTime
canUse
canManage
organizations
repositories

Legend

* = always comes back

** = comes back if fields list not specified on GET all
redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )
Request Parameters

None

Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
{
    "type" : "regular",
    "response" : {
        "organizations" : [
            {
                "id" : "8",
                "name" : "Org",
                "description" : "Testing for Policies with New Schema",
                "uuid" : "4F7DD1CD-EB1B-40D7-BCE1-2DB3E31F6F4C"         }
        ],
        "repositories" : [],
        "id" : "1",
        "name" : "testlce",
        "description" : "This is being used to test fields",
        "ip" : "192.168.1.1",
        "ntpIP" : "192.168.1.1",
        "port" : "24",
        "username" : "head",
        "password" : "SET",
        "managedRanges" : null,
        "version" : "Unknown",
        "downloadVulns" : "false",
        "status" : "2",
        "vulnStatus" : "2",
        "lastReportTime" : "0",
        "createdTime" : "1408131074",
        "modifiedTime" : "1409945570",
        "canUse" : "true",
        "canManage" : "true"    },
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1409945751
}
PATCH

Edits the LCE associated with {id}, changing only the passed in fields.

Request Parameters

(All fields are optional)

See /lce::POST for parameters.

Example Response

See /lce/{id}::GET

DELETE

Deletes the LCE associated with {id}.

Request Parameters

None

Example Response
Expand
1
2
3
4
5
6
7
8
{
    "type" : "regular",
    "response" : "",
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1408726631
}

 

/lce/{id}/authorize

Methods
POST

Authorizes the LCE associated with {id} to be installed on remote machine, changing only the passed in fields.

NOTE: To authorize by IP, See /lce/authorize::POST. An ip parameter may not be provided here.

Request Parameters
Expand
1
2
3
{
    "username" : <string> DEFAULT "",
    "password" : <string> DEFAULT ""}
Example Response
Expand
1
2
3
4
5
6
7
8
9
10
{
    "type" : "regular",
    "response" : {
        "status" : 1,
        "version" : "unknown"   },
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1408726631
}

/lce/eventTypes

Methods
GET
Request Parameters

Gets the list of LCE event types.

Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
{
    "type" : "regular",
    "response" : {
        "types" : [
            "(unknown)",
            "access-denied",
            "application",
            "connection",
            "continuous",
            "data-leak",
            "database",
            "detected-change",
            "dhcp",
            "dns",
            "dos",
            "error",
            "file-access",
            "firewall",
            "honeypot",
            "indicator",
            "intrusion",
            "lce",
            "login",
            "login-failure",
            "logout",
            "nbs",
            "network",
            "process",
            "restart",
            "scanning",
            "social-networks",
            "spam",
            "stats",
            "system",
            "threatlist",
            "unnormalized",
            "usb",
            "virus",
            "vulnerability",
            "web-access",
            "web-error"     ]
    },
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1409946200
}