Tenable Security Center API: Scan Policy Templates

/policyTemplate

Methods
GET

Gets the list of Policy Templates.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
**name
**description
**status
editor
detailedEditor
createdTime
modifiedTime
templatePubTime
templateModTime
templateDefModTime
agent
isWas

Legend

* = always comes back

** = comes back if fields list not specified on GET all

Request Parameters

None

Example Response
Expand
{
	"type" : "regular",
	"response" : [
		{
			"id" : "2",
			"name" : "Host Discovery",
			"description" : "A simple scan to discover live hosts and open ports."		},
		{
			"id" : "3",
			"name" : "Basic Network Scan",
			"description" : "A full system scan suitable for any host."		},
		{
			"id" : "4",
			"name" : "Credentialed Patch Audit",
			"description" : "Authenticate to hosts and enumerate missing updates."		},
		{
			"id" : "5",
			"name" : "Web Application Tests",
			"description" : "Scan for published and unknown web vulnerabilities."		},
		{
			"id" : "6",
			"name" : "Windows Malware Scan",
			"description" : "Scan for malware on Windows systems."		},
		{
			"id" : "7",
			"name" : "Policy Compliance Auditing",
			"description" : "Audit system configurations against a known baseline."		},
		{
			"id" : "8",
			"name" : "Internal PCI Network Scan",
			"description" : "Perform an internal PCI DSS (11.2.1) vulnerability scan."		},
		{
			"id" : "9",
			"name" : "SCAP Compliance Audit",
			"description" : "Audit systems by using SCAP content."		},
		{
			"id" : "10",
			"name" : "Bash Shellshock Detection",
			"description" : "Remote and local checks for CVE-2014-6271 and CVE-2014-7169."		},
		{
			"id" : "11",
			"name" : "GHOST (glibc) Detection",
			"description" : "Local checks for CVE-2015-0235."		},
		{
			"id" : "12",
			"name" : "Advanced Scan",
			"description" : "Configure a scan without using any recommendations."		}
	],
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1424979243
}

/policyTemplate/{id}

Methods
GET

Gets the Policy Template associated with {id}.

NOTE:

  • Field settings represents left hand navigation in UI.
  • Field regex represents a regular expression. Values INT_REGEX and PORT_REGEX are defined constants.
  • Field values is required for the radio group input type.
  • See the name/value pairs in "options" for naming attributes inside field conditionalSettings.
  • Field name under conditionalSettings forms the name of a sub-section below the current section. If omitted, items are added to the current section.
Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields

*id
**name
**description
editor
createdTime
modifiedTime
templatePubTime
templateModTime
templateDefModTime
agent 
isWas

Legend

* = always comes back

** = comes back if fields list not specified on GET all

Request Parameters

None

Example Response
Expand
{
	"type" : "regular",
	"response" : {
		"id" : "2",
		"name" : "Host Discovery",
		"description" : "A simple scan to discover live hosts and open ports.",
		"editor" : "{\"sections\":[{\"name\":\"Setup\",\"id\":\"setup\",\"subsections\":[{\"id\":\"setup_general\",\"name\":\"General\",\"inputs\":[{\"id\":\"name\",\"type\":\"entry\",\"name\":\"Name\",\"required\":\"true\"},{\"id\":\"description\",\"type\":\"textarea\",\"name\":\"Description\"}]},{\"id\":\"setup_modes\",\"name\":\"Configuration\",\"inputs\":[{\"type\":\"dropdown\",\"id\":\"MODE|discovery\",\"name\":\"Discovery\",\"default\":\"host_enumeration\",\"options\":[{\"name\":\"Host enumeration\",\"id\":\"host_enumeration\",\"hint\":\"<ul><li>General Settings:<ul><li>Always test the local Nessus host<\\\/li><li>Use fast network discovery<\\\/li><\\\/ul><li>Ping hosts using:<ul><li>TCP<\\\/li><li>ARP<\\\/li><li>ICMP (2 retries)<\\\/li><\\\/ul><\\\/li><li>Scan all devices, including:<ul><li>Printers<\\\/li><li>Novell Netware hosts<\\\/li><\\\/ul><\\\/li><\\\/ul>\"},{\"name\":\"Port scan (common ports)\",\"id\":\"portscan_common\",\"hint\":\"<ul><li>General Settings:<ul><li>Always test the local Nessus host<\\\/li><li>Use fast network discovery<\\\/li><\\\/ul><\\\/li><li>Port Scanner Settings:<ul><li>Scan common ports<\\\/li><li>Use netstat if credentials are provided<\\\/li><li>Use SYN scanner if necessary<\\\/li><\\\/ul><\\\/li><li>Ping hosts using:<ul><li>TCP<\\\/li><li>ARP<\\\/li><li>ICMP (2 retries)<\\\/li><\\\/ul><\\\/li><li>Scan all devices, including:<ul><li>Printers<\\\/li><li>Novell Netware hosts<\\\/li><\\\/ul><\\\/li><\\\/ul>\"},{\"name\":\"Port scan (all ports)\",\"id\":\"portscan_all\",\"hint\":\"<ul><li>General Settings:<ul><li>Always test the local Nessus host<\\\/li><li>Use fast network discovery<\\\/li><\\\/ul><\\\/li><li>Port Scanner Settings:<ul><li>Scan all ports (1-65535)<\\\/li><li>Use netstat if credentials are provided<\\\/li><li>Use SYN scanner if necessary<\\\/li><\\\/ul><\\\/li><li>Ping hosts using:<ul><li>TCP<\\\/li><li>ARP<\\\/li><li>ICMP (2 retries)<\\\/li><\\\/ul><\\\/li><li>Scan all devices, including:<ul><li>Printers<\\\/li><li>Novell Netware hosts<\\\/li><\\\/ul><\\\/li><\\\/ul>\"},{\"name\":\"Custom\",\"id\":\"custom\",\"custom\":\"true\",\"hint\":\"<ul><li>Choose your own discovery settings.<\\\/li><\\\/ul>\"}]},{\"type\":\"dropdown\",\"id\":\"MODE|report\",\"name\":\"Report\",\"default\":\"default_output\",\"options\":[{\"name\":\"Default\",\"id\":\"default_output\",\"hint\":\"<ul><li>Report output:<ul><li>Allow users to edit scan results<\\\/li><\\\/ul><\\\/li><\\\/ul>\"},{\"name\":\"Custom\",\"id\":\"custom\",\"custom\":\"true\",\"hint\":\"<ul><li>Choose your own report settings.<\\\/li><\\\/ul>\"}]}]}],\"section\":\"setup\"},{\"name\":\"Host Discovery\",\"inputs\":[{\"id\":\"ping_the_remote_host\",\"type\":\"checkbox\",\"name\":\"Ping the remote host\",\"default\":\"yes\",\"conditionalSettings\":{\"yes\":{\"subsections\":[{\"name\":\"General settings\",\"inputs\":[{\"id\":\"test_local_nessus_host\",\"type\":\"checkbox\",\"name\":\"Test the local Nessus host\",\"default\":\"yes\",\"hint\":\"This setting specifies whether the local Nessus host should be scanned when it falls within the target range specified for the scan.\"},{\"id\":\"fast_network_discovery\",\"type\":\"checkbox\",\"name\":\"Use fast network discovery\",\"hint\":\"If a host responds to ping, Nessus attempts to avoid false positives, performing additional tests to verify the response did not come from a proxy or load balancer. Fast network discovery bypasses those additional tests.\",\"default\":\"no\"}],\"id\":\"ping_the_remote_host_general\"},{\"name\":\"Ping Methods\",\"inputs\":[{\"id\":\"arp_ping\",\"type\":\"checkbox\",\"name\":\"ARP\",\"default\":\"yes\"},{\"id\":\"tcp_ping\",\"type\":\"checkbox\",\"name\":\"TCP\",\"default\":\"yes\",\"conditionalSettings\":{\"yes\":{\"inputs\":[{\"id\":\"tcp_ping_dest_ports\",\"type\":\"medium-entry\",\"name\":\"Destination ports\",\"default\":\"built-in\"}]}}},{\"id\":\"icmp_ping\",\"type\":\"checkbox\",\"name\":\"ICMP\",\"default\":\"yes\",\"conditionalSettings\":{\"yes\":{\"inputs\":[{\"id\":\"icmp_unreach_means_host_down\",\"type\":\"checkbox\",\"name\":\"Assume ICMP unreachable from the gateway means the host is down\",\"default\":\"no\"},{\"id\":\"icmp_ping_retries\",\"type\":\"medium-entry\",\"name\":\"Maximum number of retries\",\"default\":\"2\",\"regex\":\"^\\\\d+$\"}]}}},{\"id\":\"udp_ping\",\"type\":\"checkbox\",\"name\":\"UDP\",\"default\":\"no\"}],\"id\":\"ping_the_remote_host_protocols\"}]}}}],\"subsections\":[{\"name\":\"Fragile Devices\",\"inputs\":[{\"id\":\"scan_network_printers\",\"type\":\"checkbox\",\"name\":\"Scan Network Printers\",\"default\":\"no\"},{\"id\":\"scan_netware_hosts\",\"type\":\"checkbox\",\"name\":\"Scan Novell Netware hosts\",\"default\":\"no\"}],\"id\":\"discovery_host_discovery_fragile_devices\"},{\"name\":\"Wake-on-LAN\",\"inputs\":[{\"id\":\"wol_mac_addresses\",\"type\":\"file\",\"name\":\"List of MAC addresses\"},{\"id\":\"wol_wait_time\",\"type\":\"medium-entry\",\"name\":\"Boot time wait (in minutes)\",\"default\":\"5\",\"regex\":\"^\\\\d+$\"}],\"id\":\"discovery_host_discovery_wol\"},{\"name\":\"Network Type\",\"inputs\":[{\"id\":\"network_type\",\"type\":\"dropdown\",\"name\":\"Network Type\",\"options\":[\"Mixed (use RFC 1918)\",\"Private LAN\",\"Public WAN (Internet)\"],\"default\":\"Mixed (use RFC 1918)\"}],\"id\":\"discovery_host_discovery_network_type\"}],\"id\":\"discovery_host_discovery\",\"section\":\"discovery\"},{\"id\":\"discovery_network_discovery\",\"subsections\":[{\"name\":\"Ports\",\"inputs\":[{\"id\":\"unscanned_closed\",\"type\":\"checkbox\",\"name\":\"Consider unscanned ports as closed\",\"default\":\"no\"},{\"id\":\"portscan_range\",\"type\":\"medium-entry\",\"name\":\"Port scan range:\",\"default\":\"default\"}],\"id\":\"discovery_network_discovery_ports\",\"section\":\"discovery_network_discovery\"},{\"name\":\"Network Port Scanners\",\"inputs\":[{\"id\":\"tcp_scanner\",\"type\":\"checkbox\",\"name\":\"TCP\",\"default\":\"no\",\"conditionalSettings\":{\"yes\":{\"inputs\":[{\"id\":\"tcp_firewall_detection\",\"type\":\"dropdown\",\"name\":\"Override automatic firewall detection\",\"default\":\"Automatic (normal)\",\"options\":[{\"name\":\"Automatic (normal)\",\"hint\":\"\"},{\"name\":\"Do not detect RST rate limitation (soft)\",\"hint\":\"Use soft detection\"},{\"name\":\"Ignore closed ports (aggressive)\",\"hint\":\"Use aggressive detection\"},{\"name\":\"Disabled (softer)\",\"hint\":\"Disable detection\"}]}]}}},{\"id\":\"syn_scanner\",\"type\":\"checkbox\",\"name\":\"SYN\",\"default\":\"yes\",\"conditionalSettings\":{\"yes\":{\"inputs\":[{\"id\":\"syn_firewall_detection\",\"type\":\"dropdown\",\"name\":\"Override automatic firewall detection\",\"default\":\"Automatic (normal)\",\"options\":[{\"name\":\"Automatic (normal)\",\"hint\":\"\"},{\"name\":\"Do not detect RST rate limitation (soft)\",\"hint\":\"Use soft detection\"},{\"name\":\"Ignore closed ports (aggressive)\",\"hint\":\"Use aggressive detection\"},{\"name\":\"Disabled (softer)\",\"hint\":\"Disable detection\"}]}]}}},{\"id\":\"udp_scanner\",\"type\":\"checkbox\",\"name\":\"UDP\",\"default\":\"no\",\"hint\":\"Due to the nature of the protocol, it is generally not possible for a port scanner to tell the difference between open and filtered UDP ports.  Enabling the UDP port scanner may dramatically increase the scan time and produce unreliable results. Consider using the netstat or SNMP port enumeration options instead if possible.\"}],\"id\":\"discovery_network_discovery_network_scanners\",\"section\":\"discovery_network_discovery\"}]},{\"name\":\"Report\",\"subsections\":[{\"name\":\"Report output\",\"inputs\":[{\"id\":\"allow_post_scan_editing\",\"type\":\"checkbox\",\"name\":\"Allow users to edit scan results\",\"default\":\"yes\"},{\"id\":\"reverse_lookup\",\"type\":\"checkbox\",\"name\":\"Designate hosts by their DNS name\",\"default\":\"no\"},{\"id\":\"log_live_hosts\",\"type\":\"checkbox\",\"name\":\"Display hosts that respond to ping\",\"default\":\"no\"},{\"id\":\"display_unreachable_hosts\",\"type\":\"checkbox\",\"name\":\"Display unreachable hosts\",\"default\":\"no\"}],\"id\":\"report_report_output\",\"section\":\"report\"}],\"id\":\"report\",\"section\":\"report\"}]}",
		"createdTime" : "1423297810",
		"modifiedTime" : "1424507404",
		"templateModTime" : "1424474588",
		"templatePubTime" : "1406151204",
		"templateDefModTime" : "1424470185",
		"agent" : "false",
		"isWas" : "false"	},
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1424979089
}