Tenable Security Center API: Scanner

Except for method GET, this endpoint may only be used by administrators.

/scanner

Methods
GET

Gets the list of Scanners.

NOTE: This call will return all Scanners for an Administrator. For an Organization User, it will only return agent-capable Scanners associated with that User's Organization.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields (Admin User)

*id
**name
**description
**agentCapable
**wasCapable
**status
**statusMessage
ip
port
useProxy
enabled
verifyHost
managePlugins
authType
cert
username
password
version
webVersion
admin
msp
numScans
numHosts
numSessions
numTCPSessions
loadAvg
uptime
pluginSet
loadedPluginSet
serverUUID
createdTime
modifiedTime
accessKey
secretKey
zones
nessusManagerOrgs

Allowed Fields (Org User)

*id
**name
**description
**status
agentCapable

Legend

* = always comes back

** = comes back if fields list not specified on GET all

red field is a JSON object e.g. "SCI" : {"id" : "2", "name" : "SCI Name", "description" : "Description"} )

Request Query Parameters

None

Example Response
Expand
{
	"type" : "regular",
	"response" : [
		{
			"id" : "12",
			"name" : "Scanner 1",
			"description" : "Copied from QA",
			"agentCapable" : "true",
			"wasCapable" : "false",
			"status" : "1",
			"statusMessage" : ""		},
		{
			"id" : "14",
			"name" : "Scanner using Safe Scan Range",
			"description" : "",
			"agentCapable" : "true",
			"wasCapable" : "false",
			"status" : "16",
			"statusMessage" : ""		},
		{
			"id" : "15",
			"name" : "mp zone 1 scanner",
			"description" : "Copied from QA",
			"agentCapable" : "true",
			"wasCapable" : "false",
			"status" : "1",
			"statusMessage" : ""		},
		{
			"id" : "16",
			"name" : "NessusTest",
			"description" : "Copied From QA",
			"agentCapable" : "false",
			"wasCapable" : "true",
			"status" : "32",
			"statusMessage" : ""		},
		{
			"id" : "17",
			"name" : "sc",
			"description" : "",
			"agentCapable" : "false",
			"wasCapable" : "true",
			"status" : "2",
			"statusMessage" : ""		}
	],
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1426878501
}
POST

Adds a Scanner.

Request Parameters
Expand
{
	"name" : <string>,
	"description" : <string> DEFAULT "",
	"authType" : <string> "certificate" | "apiKeys" | "password" DEFAULT "password",
	"ip" : <string>,
	"port" : <number>,
	"useProxy" : <string> "true" | "false" DEFAULT "false",
	"verifyHost" : <string> "true" | "false" DEFAULT "true",
	"enabled" : <string> "true" | "false" DEFAULT "true",
	"managePlugins" : <string> "true" | "false" DEFAULT "false",
	"agentCapable" : <string> "true" | "false" DEFAULT "false",
	"wasCapable" : <string> "true" | "false" DEFAULT "false",
	"zones" : [
		{
			"id" : <number>		}...
	] DEFAULT [],
	"nessusManagerOrgs" : [
		{
			"id" : <number>		}...
	] DEFAULT [],
	"accessKey" : <string> DEFAULT "",
	"secretKey" : <string> DEFAULT ""...
}

authType "certificate"

...
	"cert" : <string>,
	"password" : <string> DEFAULT "",
...

authType "password"

...
	"username" : <string>,
	"password" : <string>...

authType "apiKeys"

...
	"accessKey" : <string> DEFAULT "",
	"secretKey" : <string> DEFAULT "",
...
  • Details
    • Zones are not used
    • Agent Capable should be set to "true"
Example Response
Expand
{
	"type" : "regular",
	"response" : {
		"id" : "5",
		"name" : "My Active Scanner",
		"description" : "",
		"ip" : "192.168.1.1",
		"port" : "443",
		"useProxy" : "false",
		"enabled" : "true",
		"verifyHost" : "true",
		"managePlugins" : "false",
		"authType" : "password",
		"accessKey" : "SET",
		"secretKey" : "SET",
		"agentCapable" : "true",
		"wasCapable" : "false",
		"cert" : null,
		"username" : "nonadmin",
		"password" : "SET",
		"version" : null,
		"webVersion" : null,
		"admin" : "false",
		"msp" : "false",
		"numScans" : "0",
		"numHosts" : "0",
		"numSessions" : "0",
		"numTCPSessions" : "0",
		"loadAvg" : "0.0",
		"uptime" : -1,
		"status" : "8192",
		"statusMessage" : null,
		"pluginSet" : null,
		"loadedPluginSet" : null,
		"serverUUID" : null,
		"createdTime" : "1402435586",
		"modifiedTime" : "1402435586",
		"zones" : [
			{
				"id" : "1",
				"name" : "Big Zone",
				"description" : "",
				"uuid" : "4F7DD1CD-EB1B-40D7-BCE1-2DB3E31F6F4C"			}
		],
		"nessusManagerOrgs" : [
			{
				"id" : "1",
				"name" : "Big Org",
				"description" : "",
				"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"			}
		]
	},
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1402435586
}

/scanner/{id}

Methods
GET

Gets the Scanner associated with {id}.

NOTE: This call will return all Scanners for an Administrator. For an Organization User, it will only return agent-capable Scanners associated with that User's Organization.

Fields Parameter
Expand

The fields parameter should be specified along the query string, and it takes the syntax

    ?fields=<field>,...

Allowed Fields (Admin User)

*id
**name
**description
**status
**ip
**port
**useProxy
**enabled
**verifyHost
**managePlugins
**authType
**nessusType
**cert
**username
**password
**agentCapable
**wasCapable
**version
**webVersion
**admin
**msp
**numScans
**numHosts
**numSessions
**numTCPSessions
**loadAvg
**uptime
**statusMessage
**pluginSet
**loadedPluginSet
**serverUUID
**createdTime
**modifiedTime
**accessKey
**secretKey
**zones
**nessusManagerOrgs

Allowed Fields (Org User)

*id
**name
**description
**status
agentCapable

Legend

* = always comes back

** = comes back if fields list not specified on GET all

red field is a JSON object e.g. "SCI" : {"id" : "2", "name" : "SCI Name", "description" : "Description"} )

Request Query Parameters

None

Example Response
Expand
{
	"type" : "regular",
	"response" : {
		"id" : "5",
		"name" : "My Active Scanner",
		"description" : "",
		"ip" : "192.168.1.1",
		"port" : "443",
		"useProxy" : "false",
		"enabled" : "true",
		"verifyHost" : "true",
		"managePlugins" : "false",
		"authType" : "password",
		"nessusType" : "Nessus Manager",
		"cert" : null,
		"username" : "nonadmin",
		"password" : "SET",
		"agentCapable" : "true",
		"wasCapable" : "false",
		"accessKey" : null,
		"secretKey". : null,
		"version" : null,
		"webVersion" : null,
		"admin" : "false",
		"msp" : "false",
		"numScans" : "0",
		"numHosts" : "0",
		"numSessions" : "0",
		"numTCPSessions" : "0",
		"loadAvg" : "0.0",
		"uptime" : -1,
		"status" : "8192",
		"statusMessage" : null,
		"pluginSet" : null,
		"loadedPluginSet" : null,
		"serverUUID" : null,
		"createdTime" : "1402435586",
		"modifiedTime" : "1402435586",
		"zones" : [
			{
				"id" : "1",
				"name" : "Big Zone",
				"description" : "",
				"uuid" : "4F7DD1CD-EB1B-40D7-BCE1-2DB3E31F6F4C"			}
		],
		"nessusManagerOrgs" : [
			{
				"id" : "1",
				"name" : "Big Org",
				"description" : "",
				"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"			}
		]
	},
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1402435871
}
PATCH

Edits the Scanner associated with {id}, changing only the passed in fields.

Request Parameters

(All fields are optional)

See /scanner::POST for parameters.

Example Response
See /scanner/{id}::GET
DELETE

Deletes the Scanner associated with {id}, depending on access and permissions.

Request Parameters

None

Example Response
Expand
{
	"type" : "regular",
	"response" : "",
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1402436001
}

/scanner/{id}/testScansQuery

POST

Tests the Scans glob against the API of the Scanner associated with {id}.

Request Parameters
Expand
{
	"scansGlob" : <string>	"resultsSync" : {
		"id" : <number>	} OPTIONAL
}
Example Response
Expand
{
	"type" : "regular",
	"response" : [
		{
			"name" : "basic agent scan all agents",
			"numResults" : 5
		},
		{
			"name" : "C agent policy compliance scan",
			"numResults" : 4
		},
		{
			"name" : "mp advanced agent scan all plugins plus multiple file contents compliance audits",
			"numResults" : 2
		},
		{
			"name" : "windows agent malware scan",
			"numResults" : 3
		}
	],
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1442351168
}

/scanner/{id}/bug-report

POST

Downloads the bug report logs by querying the Nessus API endpoint for the Scanner associated with {id}.

Request Parameters
Expand
{
	"scrub_mode" : <string> "0" | "1" DEFAULT "0",
	"full_mode" : <string> "0" | "1" DEFAULT "0",
}
Example Response
Expand

None given.

  1. The response will be an inline file representing the bug report requested from Nessus.
  2. Any errors will be returned as JSON using the customary response envelope involved with standard calls.

/scanner/{id}/health

GET

Retrieve scanner health statistics by querying the Nessus API endpoint for the Scanner associated with {id}.  

NOTE: The "count" field represents the number of data points to retrieve over the last 24 hours, with the default of "1" retrieving statistics for the current request.

Field Parameters
Expand

The fields parameter should be specified along the query string, and it takes the syntax i.e. /scanner/{id}/health?count={count}

    ?fields=<field>,...

Allowed Fields (Admin User)

*count

Request Query Paramaters

None

{
	"count" : <integer> DEFAULT "1",
}

Legend

* = always comes back

Example Response
Expand
{
	"type" : "regular",
	"response" : (Object)
		"perf_stats_history" : (Array)(Object)
			"kbytes_received" : 3
			"kbytes_sent" : 12
			"avg_dns_lookup_time" : 0
			"num_dns_lookups" : 0
			"avg_rdns_lookup_time" : 0
			"num_rdns_lookups" : 0
			"cpu_load_avg" : 2
			"nessus_log_disk_free" : 42681
			"nessus_log_disk_total" : 51175
			"nessus_data_disk_free" : 42681
			"nessus_data_disk_total" : 51175
			"temp_disk_free" : 42681
			"temp_disk_total" : 51175
			"num_tcp_sessions" : 0
			"nessus_vmem" : 1290
			"nessus_mem" : 243
			"sys_ram_used" : null
			"sys_ram" : 7727
			"sys_cores" : 2
			"num_hosts" : 0
			"num_scans" : 0
			"timestamp" : 1567631211
		"perf_stats_current" : (Object)
			"kbytes_received" : 0
			"kbytes_sent" : 0
			"avg_dns_lookup_time" : 0
			"num_dns_lookups" : 0
			"avg_rdns_lookup_time" : 0
			"num_rdns_lookups" : 0
			"cpu_load_avg" : 0
			"nessus_log_disk_free" : 42672
			"nessus_log_disk_total" : 51175
			"nessus_data_disk_free" : 42672
			"nessus_data_disk_total" : 51175
			"temp_disk_free" : 42672
			"temp_disk_total" : 51175
			"num_tcp_sessions" : 0
			"nessus_vmem" : 1290
			"nessus_mem" : 195
			"sys_ram_used" : null
			"sys_ram" : 7727
			"sys_cores" : 2
			"num_hosts" : 0
			"num_scans" : 0
			"timestamp" : 1567631211,
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1402435958
}

/scanner/updateStatus

The /scanner/updateStatus resource.

POST

Starts an on-demand Scanner status update.

Request Parameters

None.

Example Response
Expand
{
	"type" : "regular",
	"response" : [
		{
			"id" : "5",
			"name" : "My Active Scanner",
			"description" : "",
			"status" : "8200"		}
	],
	"error_code" : 0,
	"error_msg" : "",
	"warnings" : [],
	"timestamp" : 1402435958
}

Expand Items:

  • details

Show type specific details (such as certificate information, etc.)