Tenable Security Center API: Organization

 

Adds an Organization

This endpoint may only be used by administrators.

/organization

Methods
GET

Gets the list of Organizations

Fields Parameter
Expand

NOTE: This endpoint is still set to return all fields on this call by default. Eventually, this will be merged to provide the minimal set as noted by the legend below.

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
*uuid
**name
**description
email
address
city
state
country
phone
fax
ipInfoLinks
zoneSelection
restrictedIPs
vulnScoreLow
vulnScoreMedium
vulnScoreHigh
vulnScoreCritical
vulnScoringSystem
createdTime
modifiedTime
passwordExpires
passwordExpiration
userCount
lces
repositories
zones
nessusManagers
pubSites
ldaps

Legend

* = always comes back

** = comes back if fields list not specified on GET all

redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )

Request Parameters

None

Example Response
Expand
{
	"type" : "regular",
	"response" : [
		{
			"id" : "8",
			"name" : "Org",
			"description" : "New Org",
			"email" : "",
			"address" : "",
			"city" : "",
			"state" : "",
			"country" : "",
			"phone" : "",
			"fax" : "",
			"ipInfoLinks" : [
				{
					"name" : "SANS",
					"link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"
				},
				{
					"name" : "ARIN",
					"link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"
				}
			],
			"zoneSelection" : "auto_only",
			"restrictedIPs" : "192.168.1.1",
			"vulnScoreLow" : "1",
			"vulnScoreMedium" : "3",
			"vulnScoreHigh" : "10",
			"vulnScoreCritical" : "40",
			"vulnScoringSystem" : "CVSSv2",
			"createdTime" : "1406321214",
			"modifiedTime" : "1414509795",
         	"passwordExpires": "true",
            "passwordExpiration": "90",
		    "userCount" : "4",
			"lces" : [
				{
					"id" : "3",
					"name" : "LCE 192.168.1.1",
					"description" : "Copied from Box for testing"
				},
				{
					"id" : "4",
					"name" : "NEW LCE",
					"description" : "Copied from Box for testing"
				},
				{
					"id" : "5",
					"name" : "qa-lce4x-lifeA",
					"description" : "Copied from Box for testing"
				}
			],
			"repositories" : [
				{
					"id" : "25",
					"name" : "IPv6 Rep",
					"description" : "",
					"type" : "Local",
					"dataFormat" : "IPv6",
					"groupAssign" : "fullAccess",
					"uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"
				},
				{
					"id" : "26",
					"name" : "agrepo",
					"description" : "",
					"type" : "Local",
					"dataFormat" : "IPv4",
					"groupAssign" : "fullAccess",
					"uuid" : "29F2B9E1-ADE9-4550-B63C-CEA1423E52FC"
				},
				{
					"id" : "27",
					"name" : "mp asset tests IPv6",
					"description" : "Copied from QA",
					"type" : "Local",
					"dataFormat" : "IPv6",
					"groupAssign" : "fullAccess",
					"uuid" : "96F2AD1B-1B83-462E-908A-84E6054F6B64"
				},
				{
					"id" : "29",
					"name" : "Test IPv6",
					"description" : "",
					"type" : "Local",
					"dataFormat" : "IPv6",
					"groupAssign" : "fullAccess",
					"uuid" : "2DF066B8-F310-44BB-B6BE-BC6D5BDEE0AB"
				}
			],
			"zones" : [],
			"ldaps" : [],
			"pubSites" : [
				{
					"id":"2","name":"Test1","description":"","type":"CMRS"
				}
			],
			"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
		},
		{
			"id" : "9",
			"name" : "Test Org 1",
			"description" : "",
			"email" : "",
			"address" : "",
			"city" : "",
			"state" : "",
			"country" : "",
			"phone" : "",
			"fax" : "",
			"ipInfoLinks" : [
				{
					"name" : "SANS",
					"link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"
				},
				{
					"name" : "ARIN",
					"link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"
				}
			],
			"zoneSelection" : "auto_only",
			"restrictedIPs" : "",
			"vulnScoreLow" : "1",
			"vulnScoreMedium" : "3",
			"vulnScoreHigh" : "10",
			"vulnScoreCritical" : "40",
			"vulnScoringSystem" : "CVSSv2",
			"createdTime" : "1409944744",
			"modifiedTime" : "1414521257",
          	"passwordExpires": "true",
            "passwordExpiration": "90", 
		    "userCount" : "1",
			"lces" : [],
			"repositories" : [
				{
					"id" : "25",
					"name" : "IPv6 Rep",
					"description" : "",
					"type" : "Local",
					"dataFormat" : "IPv6",
					"groupAssign" : "fullAccess",
					"uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"
				},
				{
					"id" : "26",
					"name" : "agrepo",
					"description" : "",
					"type" : "Local",
					"dataFormat" : "IPv4",
					"groupAssign" : "fullAccess",
					"uuid" : "29F2B9E1-ADE9-4550-B63C-CEA1423E52FC"
				},
				{
					"id" : "27",
					"name" : "mp asset tests IPv6",
					"description" : "Copied from QA",
					"type" : "Local",
					"dataFormat" : "IPv6",
					"groupAssign" : "fullAccess",
					"uuid" : "96F2AD1B-1B83-462E-908A-84E6054F6B64"
				}
			],
			"zones" : [],
			"ldaps" : [],
			"nessusManagers" : [],
			"pubSites" : [],
			"uuid" : "F8F1B126-1B50-4A65-851A-1168F3283D7B"
		}
	],
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1418050287
}

POST

Adds an Organization

Request Parameters
Expand

NOTE: "zoneSelection" has specific "zone" restrictions noted below:

  • auto_only cannot have any zones assigned
  • locked must have one zone assigned
  • selectable and selectable+auto_restricted must have at least one zone assigned
  • selectable+auto has no restrictions


{
	"name" : <string>,
	"passwordExpires" : <string> "false" | "true" OPTIONAL,
	"passwordExpiration" : <number> (a number between 1 and 365) OPTIONAL, 
	"zoneSelection" : <string> "auto_only" | "locked" | "selectable" | "selectable+auto" | "selectable+auto_restricted",
	"restrictedIPs" : <string> (valid IP address or range of IP addresses) OPTIONAL,
	"lces" : [
		{
			"id" : <number>
		}...
	] DEFAULT [],
	"repositories" : [
		{
			"id" : <number> OR "uuid" : <string>
		}...
	] DEFAULT [],
	"pubSites" : [
		{
			"id" : <number>
		}...
	] DEFAULT [],
	"zones" : [
		{
			"id" : <number> OR "uuid" : <string>
		}...
	] DEFAULT [],
	"ldaps" : [
		{
			"id" : <number>
		}...
	] DEFAULT [],
	"nessusManagers" : [
		{
			"id" : <number>
		}...
	] DEFAULT [],
	"vulnScoreLow" : <number> DEFAULT 1,
	"vulnScoreMedium" : <number> DEFAULT 3,
	"vulnScoreHigh" : <number> DEFAULT 10,
	"vulnScoreCritical" : <number> DEFAULT 40,
	"vulnScoringSystem" : <string> "CVSSv2" | "CVSSv3",
	"ipInfoLinks" : [
		{
			"link" : <string>,
			"name" : <string>
		}
		{
			"link" : <string>,
			"name" : <string>
		}
	] DEFAULT []
	...
}
Example Response
Expand
{
	"type" : "regular",
	"response" : {
		"id" : "10",
		"name" : "Org Post",
		"description" : "",
		"email" : "",
		"address" : "",
		"city" : "",
		"state" : "",
		"country" : "",
		"phone" : "",
		"fax" : "",
		"ipInfoLinks" : [
			{
				"name" : "SANS",
				"link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"
			},
			{
				"name" : "ARIN",
				"link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"
			}
		],
		"zoneSelection" : "auto_only",
		"restrictedIPs" : "",
		"vulnScoreLow" : "1",
		"vulnScoreMedium" : "3",
		"vulnScoreHigh" : "10",
		"vulnScoreCritical" : "40",
		"vulnScoringSystem" : "CVSSv2",
		"createdTime" : "1418052290",
		"modifiedTime" : "1418052290",
  	    "passwordExpires": "true",	
        "passwordExpiration": "90",    
		"userCount" : "0",
		"lces" : [
			{
				"id" : "5",
				"name" : "qa-lce4x-lifeA",
				"description" : "Copied from Box for testing"
			}
		],
		"repositories" : [
			{
				"id" : "26",
				"name" : "agrepo",
				"description" : "",
				"type" : "Local",
				"dataFormat" : "IPv4",
				"groupAssign" : "all",
				"uuid" : "51C9083D-3AF6-4557-9492-7B25FCF6BAEB"
			}
		],
 		"passwordExpires" : "true", 
		"passwordExpiration" : "90",
		"zones" : [],
		"ldaps" : [],
		"nessusManagers" : [],
		"pubSites" : [],
		"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
	},
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1418052290
}

/organization/{id}

/organization/{uuid}

Methods
GET

Gets the Organization associated with {id} or {uuid}.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
*uuid
**name
**description
email
address
city
state
country
phone
fax
ipInfoLinks
zoneSelection
restrictedIPs
vulnScoreLow
vulnScoreMedium
vulnScoreHigh
vulnScoreCritical
vulnScoringSystem
createdTime
modifiedTime
passwordExpires
passwordExpiration
userCount
lces
repositories
zones
nessusManagers
pubSites
ldaps

Legend

* = always comes back

** = comes back if fields list not specified on GET all

redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )

Request Parameters

None

Example Response
Expand
{
	"type" : "regular",
	"response" : {
		"id" : "8",
		"name" : "Org",
		"description" : "Testing for Policies with New Schema",
		"email" : "",
		"address" : "",
		"city" : "",
		"state" : "",
		"country" : "",
		"phone" : "",
		"fax" : "",
		"ipInfoLinks" : [
			{
				"name" : "SANS",
				"link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"
			},
			{
				"name" : "ARIN",
				"link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"
			}
		],
		"zoneSelection" : "auto_only",
		"restrictedIPs" : "192.168.1.1",
		"vulnScoreLow" : "1",
		"vulnScoreMedium" : "3",
		"vulnScoreHigh" : "10",
		"vulnScoreCritical" : "40",
		"vulnScoringSystem" : "CVSSv2",
		"createdTime" : "1406321214",
		"modifiedTime" : "1414509795",
   	    "passwordExpires": "true",	
        "passwordExpiration": "90",  
		"userCount" : "4",
		"lces" : [
			{
				"id" : "3",
				"name" : "LCE 192.168.1.1",
				"description" : "Copied from Box for testing"
			},
			{
				"id" : "4",
				"name" : "NEW LCE",
				"description" : "Copied from Box for testing"
			},
			{
				"id" : "5",
				"name" : "qa-lce4x-lifeA",
				"description" : "Copied from Box for testing"
			}
		],
		"repositories" : [
			{
				"id" : "25",
				"name" : "IPv6 Rep",
				"description" : "",
				"type" : "Local",
				"dataFormat" : "IPv6",
				"groupAssign" : "fullAccess",
				"uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"
			},
			{
				"id" : "26",
				"name" : "agrepo",
				"description" : "",
				"type" : "Local",
				"dataFormat" : "IPv4",
				"groupAssign" : "fullAccess",
				"uuid" : "29F2B9E1-ADE9-4550-B63C-CEA1423E52FC"
			},
			{
				"id" : "27",
				"name" : "mp asset tests IPv6",
				"description" : "Copied from QA",
				"type" : "Local",
				"dataFormat" : "IPv6",
				"groupAssign" : "fullAccess",
				"uuid" : "96F2AD1B-1B83-462E-908A-84E6054F6B64"
			},
			{
				"id" : "29",
				"name" : "Test IPv6",
				"description" : "",
				"type" : "Local",
				"dataFormat" : "IPv6",
				"groupAssign" : "fullAccess",
				"uuid" : "2DF066B8-F310-44BB-B6BE-BC6D5BDEE0AB"
			}
		],
		"zones" : [],
		"ldaps" : [],
		"nessusManagers" : [],
		"pubSites" : [
			{
				"id":"2","name":"Test1","description":"","type":"CMRS"
			}
		],
		"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
	},
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1418050303
}

PATCH

Edits the Organization associated with {id} or {uuid}, changing only the passed in fields.

Request Parameters
Click here to expand...

All fields are optional.

See /organization::POST for parameters.


NOTE: Additionally, each "repositories" object may have an extra parameter "allUsers" not listed for the POST:

{
	...	
	"repositories" : [
		{
			"id" : <number> OR "uuid" : <string>,
			"allUsers" : <string> "false" | "true" OPTIONAL
		}...
	]
	...
}
Example Response
See /organization/{id}::GET

DELETE

Deletes the Organization associated with {id} or {uuid}, depending on access and permissions.

Request Parameters

None

Example Response
Expand
{
	"type" : "regular",
	"response" : "",
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1408726272
}

/organization/{id}/acceptRiskRule

/organization/{uuid}/acceptRiskRule

Methods

GET

Gets the list of Accept Risk Rules in the Organization associated with {id} or {uuid}, unless filters are provided.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
**repository
**organization
**user
**plugin
**hostType
**hostValue
**port
**protocol
**expires
**status
comments
createdTime
modifiedTime

Legend

* = always comes back
** = comes back if fields list not specified on GET all

redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )

Filters
Expand
repositoryIDs=<number>,... DEFAULT 0 (i.e. all Repositories) OR repositoryUUIDs=<string>,...
pluginID=<number> | <string> "all" DEFAULT "all" (i.e. all Plugins)
port=<number> | <string> "all" DEFAULT "all" (i.e. all Ports)
Example Response
Expand
 {
	"type" : "regular",
	"response" : [
		{
			"id" : "3",
			"hostType" : "all",
			"hostValue" : "",
			"port" : "any",
			"protocol" : "any",
			"expires" : "-1",
			"status" : "0",
			"repository" : {
				"id" : "17",
				"name" : "New Fields Repo",
				"description" : "",
				"type" : "Local",
				"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
			},
			"organization" : {
				"id" : "8",
				"name" : "Org",
				"description" : "Testing for Policies with New Schema",
				"uuid" : "2E950182-08B6-4737-830B-4ACC8F6B92F9"
			},
			"user" : {
				"id" : "1",
				"username" : "head",
				"firstname" : "Security Manager",
				"lastname" : "",
				"uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"
			},
			"plugin" : {
				"id" : "0",
				"name" : "Open Port",
				"description" : "",
                "type" : "active"
			}
		}
	],
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1410275054
}

/organization/{id}/recastRiskRule

/organization/{uuid}/recastRiskRule

Methods

GET

Gets the list of Recast Risk Rules in the Organization associated with {id} or {uuid}, unless filters are provided.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
**repository
**organization
**user
**plugin
**newSeverity
**hostType
**hostValue
**port
**protocol
**order
**status
comments
createdTime
modifiedTime

Legend

* = always comes back
** = comes back if fields list not specified on GET all

redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )

Filters
Expand
repositoryIDs=<number>,... DEFAULT 0 (i.e. all Repositories) OR repositoryUUIDs=<string>,...
pluginID=<number> | <string> "all" DEFAULT "all" (i.e. all Plugins)
port=<number> | <string> "all" DEFAULT "all" (i.e. all Ports)
Example Response
Expand
{
	"type" : "regular",
	"response" : [
		{
			"id" : "1",
			"newSeverity" : "0",
			"hostType" : "all",
			"hostValue" : "",
			"port" : "any",
			"protocol" : "any",
			"order" : "1",
			"status" : "0",
			"repository" : {
				"id" : "18",
				"name" : "New Rep 1",
				"description" : "",
				"type" : "Local",
				"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
			},
			"organization" : {
				"id" : "8",
				"name" : "Org",
				"description" : "Testing for Policies with New Schema",
				"uuid" : "2E950182-08B6-4737-830B-4ACC8F6B92F9"
			},
			"user" : {
				"id" : "1",
				"username" : "head",
				"firstname" : "Security Manager",
				"lastname" : "",
				"uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"
			},
			"plugin" : {
				"id" : "0",
				"name" : "Open Port",
				"description" : "",
                "type" : "active"
			}
		}
	],
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1410281615
}