Tenable Security Center API: Organization

Adds an Organization

This endpoint may only be used by administrators.

/organization

Methods
GET

Gets the list of Organizations

Fields Parameter
Expand

NOTE: This endpoint is still set to return all fields on this call by default. Eventually, this will be merged to provide the minimal set as noted by the legend below.

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
*uuid
**name
**description
email
address
city
state
country
phone
fax
ipInfoLinks
zoneSelection
restrictedIPs
vulnScoreLow
vulnScoreMedium
vulnScoreHigh
vulnScoreCritical
vulnScoringSystem
createdTime
modifiedTime
passwordExpires
passwordExpiration
userCount
lces
repositories
zones
nessusManagers
pubSites
ldaps

Legend

* = always comes back
** = comes back if fields list not specified on GET all

redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )

Request Parameters

None

Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
{
    "type" : "regular",
    "response" : [
        {
            "id" : "8",
            "name" : "Org",
            "description" : "New Org",
            "email" : "",
            "address" : "",
            "city" : "",
            "state" : "",
            "country" : "",
            "phone" : "",
            "fax" : "",
            "ipInfoLinks" : [
                {
                    "name" : "SANS",
                    "link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"              },
                {
                    "name" : "ARIN",
                    "link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"              }
            ],
            "zoneSelection" : "auto_only",
            "restrictedIPs" : "192.168.1.1",
            "vulnScoreLow" : "1",
            "vulnScoreMedium" : "3",
            "vulnScoreHigh" : "10",
            "vulnScoreCritical" : "40",
            "vulnScoringSystem" : "CVSSv2",
            "createdTime" : "1406321214",
            "modifiedTime" : "1414509795",
            "passwordExpires": "true",
            "passwordExpiration": "90",
            "userCount" : "4",
            "lces" : [
                {
                    "id" : "3",
                    "name" : "LCE 192.168.1.1",
                    "description" : "Copied from Box for testing"               },
                {
                    "id" : "4",
                    "name" : "NEW LCE",
                    "description" : "Copied from Box for testing"               },
                {
                    "id" : "5",
                    "name" : "qa-lce4x-lifeA",
                    "description" : "Copied from Box for testing"               }
            ],
            "repositories" : [
                {
                    "id" : "25",
                    "name" : "IPv6 Rep",
                    "description" : "",
                    "type" : "Local",
                    "dataFormat" : "IPv6",
                    "groupAssign" : "fullAccess",
                    "uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"             },
                {
                    "id" : "26",
                    "name" : "agrepo",
                    "description" : "",
                    "type" : "Local",
                    "dataFormat" : "IPv4",
                    "groupAssign" : "fullAccess",
                    "uuid" : "29F2B9E1-ADE9-4550-B63C-CEA1423E52FC"             },
                {
                    "id" : "27",
                    "name" : "mp asset tests IPv6",
                    "description" : "Copied from QA",
                    "type" : "Local",
                    "dataFormat" : "IPv6",
                    "groupAssign" : "fullAccess",
                    "uuid" : "96F2AD1B-1B83-462E-908A-84E6054F6B64"             },
                {
                    "id" : "29",
                    "name" : "Test IPv6",
                    "description" : "",
                    "type" : "Local",
                    "dataFormat" : "IPv6",
                    "groupAssign" : "fullAccess",
                    "uuid" : "2DF066B8-F310-44BB-B6BE-BC6D5BDEE0AB"             }
            ],
            "zones" : [],
            "ldaps" : [],
            "pubSites" : [
                {
                    "id":"2","name":"Test1","description":"","type":"CMRS"              }
            ],
            "uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"     },
        {
            "id" : "9",
            "name" : "Test Org 1",
            "description" : "",
            "email" : "",
            "address" : "",
            "city" : "",
            "state" : "",
            "country" : "",
            "phone" : "",
            "fax" : "",
            "ipInfoLinks" : [
                {
                    "name" : "SANS",
                    "link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"              },
                {
                    "name" : "ARIN",
                    "link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"              }
            ],
            "zoneSelection" : "auto_only",
            "restrictedIPs" : "",
            "vulnScoreLow" : "1",
            "vulnScoreMedium" : "3",
            "vulnScoreHigh" : "10",
            "vulnScoreCritical" : "40",
            "vulnScoringSystem" : "CVSSv2",
            "createdTime" : "1409944744",
            "modifiedTime" : "1414521257",
            "passwordExpires": "true",
            "passwordExpiration": "90",
            "userCount" : "1",
            "lces" : [],
            "repositories" : [
                {
                    "id" : "25",
                    "name" : "IPv6 Rep",
                    "description" : "",
                    "type" : "Local",
                    "dataFormat" : "IPv6",
                    "groupAssign" : "fullAccess",
                    "uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"             },
                {
                    "id" : "26",
                    "name" : "agrepo",
                    "description" : "",
                    "type" : "Local",
                    "dataFormat" : "IPv4",
                    "groupAssign" : "fullAccess",
                    "uuid" : "29F2B9E1-ADE9-4550-B63C-CEA1423E52FC"             },
                {
                    "id" : "27",
                    "name" : "mp asset tests IPv6",
                    "description" : "Copied from QA",
                    "type" : "Local",
                    "dataFormat" : "IPv6",
                    "groupAssign" : "fullAccess",
                    "uuid" : "96F2AD1B-1B83-462E-908A-84E6054F6B64"             }
            ],
            "zones" : [],
            "ldaps" : [],
            "nessusManagers" : [],
            "pubSites" : [],
            "uuid" : "F8F1B126-1B50-4A65-851A-1168F3283D7B"     }
    ],
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1418050287
}
POST

Adds an Organization

Request Parameters
Expand

NOTE: "zoneSelection" has specific "zone" restrictions noted below:

  • auto_only cannot have any zones assigned
  • locked must have one zone assigned
  • selectable and selectable+auto_restricted must have at least one zone assigned
  • selectable+auto has no restrictions


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
{
    "name" : <string>,
    "passwordExpires" : <string> "false" | "true" OPTIONAL,
    "passwordExpiration" : <number> (a number between 1 and 365) OPTIONAL,
    "zoneSelection" : <string> "auto_only" | "locked" | "selectable" | "selectable+auto" | "selectable+auto_restricted",
    "restrictedIPs" : <string> (valid IP address or range of IP addresses) OPTIONAL,
    "lces" : [
        {
            "id" : <number>       }...
    ] DEFAULT [],
    "repositories" : [
        {
            "id" : <number> OR "uuid" : <string>        }...
    ] DEFAULT [],
    "pubSites" : [
        {
            "id" : <number>       }...
    ] DEFAULT [],
    "zones" : [
        {
            "id" : <number> OR "uuid" : <string>        }...
    ] DEFAULT [],
    "ldaps" : [
        {
            "id" : <number>       }...
    ] DEFAULT [],
    "nessusManagers" : [
        {
            "id" : <number>       }...
    ] DEFAULT [],
    "vulnScoreLow" : <number> DEFAULT 1,
    "vulnScoreMedium" : <number> DEFAULT 3,
    "vulnScoreHigh" : <number> DEFAULT 10,
    "vulnScoreCritical" : <number> DEFAULT 40,
    "vulnScoringSystem" : <string> "CVSSv2" | "CVSSv3",
    "ipInfoLinks" : [
        {
            "link" : <string>,
            "name" : <string>     }
        {
            "link" : <string>,
            "name" : <string>     }
    ] DEFAULT []
    ...
}
Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
{
    "type" : "regular",
    "response" : {
        "id" : "10",
        "name" : "Org Post",
        "description" : "",
        "email" : "",
        "address" : "",
        "city" : "",
        "state" : "",
        "country" : "",
        "phone" : "",
        "fax" : "",
        "ipInfoLinks" : [
            {
                "name" : "SANS",
                "link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"          },
            {
                "name" : "ARIN",
                "link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"          }
        ],
        "zoneSelection" : "auto_only",
        "restrictedIPs" : "",
        "vulnScoreLow" : "1",
        "vulnScoreMedium" : "3",
        "vulnScoreHigh" : "10",
        "vulnScoreCritical" : "40",
        "vulnScoringSystem" : "CVSSv2",
        "createdTime" : "1418052290",
        "modifiedTime" : "1418052290",
        "passwordExpires": "true"
        "passwordExpiration": "90",   
        "userCount" : "0",
        "lces" : [
            {
                "id" : "5",
                "name" : "qa-lce4x-lifeA",
                "description" : "Copied from Box for testing"           }
        ],
        "repositories" : [
            {
                "id" : "26",
                "name" : "agrepo",
                "description" : "",
                "type" : "Local",
                "dataFormat" : "IPv4",
                "groupAssign" : "all",
                "uuid" : "51C9083D-3AF6-4557-9492-7B25FCF6BAEB"         }
        ],
        "passwordExpires" : "true",
        "passwordExpiration" : "90",
        "zones" : [],
        "ldaps" : [],
        "nessusManagers" : [],
        "pubSites" : [],
        "uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A" },
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1418052290
}

/organization/{id}

/organization/{uuid}

Methods
GET

Gets the Organization associated with {id} or {uuid}.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
*uuid
**name
**description
email
address
city
state
country
phone
fax
ipInfoLinks
zoneSelection
restrictedIPs
vulnScoreLow
vulnScoreMedium
vulnScoreHigh
vulnScoreCritical
vulnScoringSystem
createdTime
modifiedTime
passwordExpires
passwordExpiration
userCount
lces
repositories
zones
nessusManagers
pubSites
ldaps

Legend

* = always comes back
** = comes back if fields list not specified on GET all

redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )

Request Parameters

None

Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
{
    "type" : "regular",
    "response" : {
        "id" : "8",
        "name" : "Org",
        "description" : "Testing for Policies with New Schema",
        "email" : "",
        "address" : "",
        "city" : "",
        "state" : "",
        "country" : "",
        "phone" : "",
        "fax" : "",
        "ipInfoLinks" : [
            {
                "name" : "SANS",
                "link" : "https:\/\/isc.sans.edu\/ipinfo.html?ip=%IP%"          },
            {
                "name" : "ARIN",
                "link" : "http:\/\/whois.arin.net\/rest\/ip\/%IP%"          }
        ],
        "zoneSelection" : "auto_only",
        "restrictedIPs" : "192.168.1.1",
        "vulnScoreLow" : "1",
        "vulnScoreMedium" : "3",
        "vulnScoreHigh" : "10",
        "vulnScoreCritical" : "40",
        "vulnScoringSystem" : "CVSSv2",
        "createdTime" : "1406321214",
        "modifiedTime" : "1414509795",
        "passwordExpires": "true"
        "passwordExpiration": "90"
        "userCount" : "4",
        "lces" : [
            {
                "id" : "3",
                "name" : "LCE 192.168.1.1",
                "description" : "Copied from Box for testing"           },
            {
                "id" : "4",
                "name" : "NEW LCE",
                "description" : "Copied from Box for testing"           },
            {
                "id" : "5",
                "name" : "qa-lce4x-lifeA",
                "description" : "Copied from Box for testing"           }
        ],
        "repositories" : [
            {
                "id" : "25",
                "name" : "IPv6 Rep",
                "description" : "",
                "type" : "Local",
                "dataFormat" : "IPv6",
                "groupAssign" : "fullAccess",
                "uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"         },
            {
                "id" : "26",
                "name" : "agrepo",
                "description" : "",
                "type" : "Local",
                "dataFormat" : "IPv4",
                "groupAssign" : "fullAccess",
                "uuid" : "29F2B9E1-ADE9-4550-B63C-CEA1423E52FC"         },
            {
                "id" : "27",
                "name" : "mp asset tests IPv6",
                "description" : "Copied from QA",
                "type" : "Local",
                "dataFormat" : "IPv6",
                "groupAssign" : "fullAccess",
                "uuid" : "96F2AD1B-1B83-462E-908A-84E6054F6B64"         },
            {
                "id" : "29",
                "name" : "Test IPv6",
                "description" : "",
                "type" : "Local",
                "dataFormat" : "IPv6",
                "groupAssign" : "fullAccess",
                "uuid" : "2DF066B8-F310-44BB-B6BE-BC6D5BDEE0AB"         }
        ],
        "zones" : [],
        "ldaps" : [],
        "nessusManagers" : [],
        "pubSites" : [
            {
                "id":"2","name":"Test1","description":"","type":"CMRS"          }
        ],
        "uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A" },
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1418050303
}
PATCH

Edits the Organization associated with {id} or {uuid}, changing only the passed in fields.

Request Parameters
Click here to expand...

All fields are optional.

See /organization::POST for parameters.

NOTE: Additionally, each "repositories" object may have an extra parameter "allUsers" not listed for the POST:

1
2
3
4
5
6
7
8
9
10
{
    ...
    "repositories" : [
        {
            "id" : <number> OR "uuid" : <string>,
            "allUsers" : <string> "false" | "true" OPTIONAL
        }...
    ]
    ...
}
Example Response
See /organization/{id}::GET
DELETE

Deletes the Organization associated with {id} or {uuid}, depending on access and permissions.

Request Parameters

None

Example Response
Expand
1
2
3
4
5
6
7
8
{
    "type" : "regular",
    "response" : "",
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1408726272
}

/organization/{id}/acceptRiskRule

/organization/{uuid}/acceptRiskRule

Methods
GET

Gets the list of Accept Risk Rules in the Organization associated with {id} or {uuid}, unless filters are provided.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
**repository
**organization
**user
**plugin
**hostType
**hostValue
**port
**protocol
**expires
**status
comments
createdTime
modifiedTime

Legend

* = always comes back
** = comes back if fields list not specified on GET all

redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )

Filters
Expand
1
2
3
repositoryIDs=<number>,... DEFAULT 0 (i.e. all Repositories) OR repositoryUUIDs=<string>,...
pluginID=<number> | <string> "all" DEFAULT "all" (i.e. all Plugins)
port=<number> | <string> "all" DEFAULT "all" (i.e. all Ports)
Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
 {
    "type" : "regular",
    "response" : [
        {
            "id" : "3",
            "hostType" : "all",
            "hostValue" : "",
            "port" : "any",
            "protocol" : "any",
            "expires" : "-1",
            "status" : "0",
            "repository" : {
                "id" : "17",
                "name" : "New Fields Repo",
                "description" : "",
                "type" : "Local",
                "uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"         },
            "organization" : {
                "id" : "8",
                "name" : "Org",
                "description" : "Testing for Policies with New Schema",
                "uuid" : "2E950182-08B6-4737-830B-4ACC8F6B92F9"         },
            "user" : {
                "id" : "1",
                "username" : "head",
                "firstname" : "Security Manager",
                "lastname" : "",
                "uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"         },
            "plugin" : {
                "id" : "0",
                "name" : "Open Port",
                "description" : "",
                "type" : "active"           }
        }
    ],
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1410275054
}

/organization/{id}/recastRiskRule

/organization/{uuid}/recastRiskRule

Methods
GET

Gets the list of Recast Risk Rules in the Organization associated with {id} or {uuid}, unless filters are provided.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
**repository
**organization
**user
**plugin
**newSeverity
**hostType
**hostValue
**port
**protocol
**order
**status
comments
createdTime
modifiedTime

Legend

* = always comes back
** = comes back if fields list not specified on GET all

redFont =  field is a JSON object e.g. "repository" :{ "id" : <id>, "name" : <name> } )

Filters
Expand
1
2
3
repositoryIDs=<number>,... DEFAULT 0 (i.e. all Repositories) OR repositoryUUIDs=<string>,...
pluginID=<number> | <string> "all" DEFAULT "all" (i.e. all Plugins)
port=<number> | <string> "all" DEFAULT "all" (i.e. all Ports)
Example Response
Expand
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
{
    "type" : "regular",
    "response" : [
        {
            "id" : "1",
            "newSeverity" : "0",
            "hostType" : "all",
            "hostValue" : "",
            "port" : "any",
            "protocol" : "any",
            "order" : "1",
            "status" : "0",
            "repository" : {
                "id" : "18",
                "name" : "New Rep 1",
                "description" : "",
                "type" : "Local",
                "uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"         },
            "organization" : {
                "id" : "8",
                "name" : "Org",
                "description" : "Testing for Policies with New Schema",
                "uuid" : "2E950182-08B6-4737-830B-4ACC8F6B92F9"         },
            "user" : {
                "id" : "1",
                "username" : "head",
                "firstname" : "Security Manager",
                "lastname" : "",
                "uuid" : "A2FF7E13-2C0E-470E-A3C9-E077FE065A54"         },
            "plugin" : {
                "id" : "0",
                "name" : "Open Port",
                "description" : "",
                "type" : "active"           }
        }
    ],
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1410281615
}