Tenable Security Center

connector for tenable security center api integration capabilities this connector provides the following capabilities add a analysis add a scan add asset group download scan results get asset get credentials get policies get repositories get scan results get scans run scan get list queries get alert get hosts asset setup the asset for this connector requires the following inputs access key secret key configurations tenable sc api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required access key access key string required secret key secret key string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions add analysis processes a query for analysis endpoint url rest/analysis method post input argument name type required description type string optional type of the resource query object optional parameter for add analysis query id number optional unique identifier sortdir string optional parameter for add analysis sortfield string optional parameter for add analysis sourcetype string optional type of the resource startoffset number optional parameter for add analysis endoffset number optional parameter for add analysis scanid number optional unique identifier view string optional parameter for add analysis input example {"json body" {"type" "vuln","query" {"id" 12345},"sortdir" "asc","sortfield" "field1","sourcetype" "individual","startoffset" 0,"endoffset" 100,"scanid" 67890,"view" "all"}} output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response object output field response response totalrecords string output field response totalrecords response returnedrecords number output field response returnedrecords response startoffset string output field response startoffset response endoffset string output field response endoffset response matchingdataelementcount string response data response results array result of the operation response results pluginid string unique identifier response results severity object result of the operation response results severity id string unique identifier response results severity name string name of the resource response results severity description string result of the operation response results vprscore string result of the operation response results vprcontext array result of the operation response results vprcontext id string unique identifier response results vprcontext name string name of the resource response results vprcontext value string value for the parameter response results vprcontext type string type of the resource response results vprcontext name string name of the resource response results ip string result of the operation response results uuid string unique identifier response results port string result of the operation output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"type" "regular","response" {"totalrecords" "1","returnedrecords" 1,"startoffset" "0","endoffset" "50","matchingdataelementcount" " 1","results" \[]},"error code" 0,"error msg" "","warnings" \[],"timestamp" 1553525692}} add group adds a group endpoint url rest/group method post input argument name type required description name string optional name of the resource description string optional parameter for add group createdefaultobjects string optional parameter for add group repositories array optional parameter for add group repositories id number optional unique identifier lces array optional parameter for add group lces id number optional unique identifier definingassets array optional parameter for add group definingassets id number optional unique identifier assets array optional parameter for add group assets id number optional unique identifier policies array optional parameter for add group policies id number optional unique identifier queries array optional parameter for add group queries id number optional unique identifier credentials array optional parameter for add group credentials id number optional unique identifier dashboardtabs array optional parameter for add group dashboardtabs id number optional unique identifier arcs array optional parameter for add group arcs id number optional unique identifier auditfiles array optional parameter for add group auditfiles id number optional unique identifier input example {"json body" {"name" "dummyname","description" "dummydescription","createdefaultobjects" "false","repositories" \[{"id" 12345}],"lces" \[{"id" 67890}],"definingassets" \[{"id" 12345}],"assets" \[{"id" 67890}],"policies" \[{"id" 12345}],"queries" \[{"id" 67890}],"credentials" \[{"id" 12345}],"dashboardtabs" \[{"id" 67890}],"arcs" \[{"id" 12345}],"auditfiles" \[{"id" 67890}]}} output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response object output field response response id string unique identifier response name string name of the resource response description string output field response description response createdtime string time value response modifiedtime string time value response lces array output field response lces response lces id string unique identifier response lces name string name of the resource response lces description string output field response lces description response lces version string output field response lces version response repositories array output field response repositories response repositories id string unique identifier response repositories name string name of the resource response repositories description string output field response repositories description response repositories lastvulnupdate string date value response repositories type string type of the resource response repositories dataformat string response data response repositories uuid string unique identifier response definingassets array output field response definingassets response definingassets id string unique identifier response definingassets name string name of the resource output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"type" "regular","response" {"id" "5","name" "full access group test","description" "","createdtime" "1436551970","modifiedtime" "1445892755","lces" \[],"repositories" \[],"definingassets" \[],"usercount" 0,"users" \[],"createdefaultobjects" "false","assets" \[],"policies" \[],"queries" \[],"credentials" \[]},"error code" 0,"error msg" "","warnings" \[],"timestamp" 1445892755}} add scan adds a scan, depending on access and permissions endpoint url rest/scan method post input argument name type required description name string optional name of the resource type string optional type of the resource description string optional parameter for add scan repository object optional parameter for add scan repository id number optional unique identifier zone object optional parameter for add scan zone id number optional unique identifier dhcptracking string optional parameter for add scan classifymitigatedage number optional parameter for add scan schedule object optional parameter for add scan schedule type string optional type of the resource reports array optional parameter for add scan reports id number optional unique identifier reports reportsource string optional parameter for add scan assets array optional parameter for add scan assets id number optional unique identifier credentials array optional parameter for add scan credentials id number optional unique identifier emailonlaunch string optional parameter for add scan emailonfinish string optional parameter for add scan timeoutaction string optional parameter for add scan scanningvirtualhosts string optional parameter for add scan rollovertype string optional type of the resource iplist string optional parameter for add scan maxscantime number optional time value input example {"json body" {"name" "dummyname","type" "policy","description" "dummydescription","repository" {"id" 12345},"zone" {"id" 0},"dhcptracking" "false","classifymitigatedage" 0,"schedule" {"type" "template"},"reports" \[{"id" 67890,"reportsource" "cumulative"}],"assets" \[{"id" 12345}],"credentials" \[{"id" 67890}],"emailonlaunch" "false","emailonfinish" "false","timeoutaction" "import","scanningvirtualhosts" "false","rollovertype" "template","iplist" "192 168 1 1","maxscantime" 3600}} output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response object output field response response id string unique identifier response name string name of the resource response description string output field response description response iplist string output field response iplist response type string type of the resource response policyid string unique identifier response pluginid string unique identifier response zoneid string unique identifier response dhcptracking string output field response dhcptracking response classifymitigatedage string output field response classifymitigatedage response emailonlaunch string output field response emailonlaunch response emailonfinish string output field response emailonfinish response timeoutaction string output field response timeoutaction response scanningvirtualhosts string output field response scanningvirtualhosts response rollovertype string type of the resource response status string status value response createdtime string time value response modifiedtime string time value response maxscantime string time value response ownergid string unique identifier response reports array output field response reports output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"type" "regular","response" {"id" "4","name" "posttest","description" "this is a test for post","iplist" "","type" "policy","policyid" "1000002","pluginid" " 1","zoneid" " 1","dhcptracking" "false","classifymitigatedage" "0","emailonlaunch" "false","emailonfinish" "false","timeoutaction" "import","scanningvirtualhosts" "false","rollovertype" "template"},"error code" 0,"error msg" "","warnings" \[],"timestamp" 1406815242}} download scan results downloads the scan result associated with id endpoint url rest/scanresult/{{id}}/download method post input argument name type required description path parameters downloadtype string required parameters for the download scan results action input example {"path parameters" {"downloadtype" "v2"}} output parameter type description file object file file file name string name of the resource file file string output field file file output example {"file" {"file name" "example name","file" "string"}} get alert gets the list of alerts endpoint url /rest/alert method get input argument name type required description parameters fields string optional specify the fields want to include in the response input example {"parameters" {"fields" "id"}} output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response object output field response response usable array output field response usable response usable id string unique identifier response usable name string name of the resource response usable description string output field response usable description response usable status string status value response manageable array output field response manageable response manageable id string unique identifier response manageable name string name of the resource response manageable description string output field response manageable description response manageable status string status value error code number error message if any error msg string error message if any warnings array output field warnings warnings file name string name of the resource warnings file string output field warnings file timestamp number output field timestamp output example {"status code" 200,"response headers" {"date" "mon, 15 apr 2024 06 31 29 gmt","server" "apache","x frame options" "deny","content security policy" "default src 'self'; script src 'self' pendo io static storage googleapis com app ","x content type options" "nosniff","x xss protection" "1; mode=block","expect ct" "max age=31536000","strict transport security" "max age=31536000; includesubdomains","vary" "x apikey","set cookie" "tns sessionid=07ece412570606c2d3fcf7cd39c26812; path=/; secure; http get asset gets the asset associated with id or uuid endpoint url rest/asset/{{id}} method get input argument name type required description path parameters id string required parameters for the get asset action parameters fields string optional parameters for the get asset action input example {"parameters" {"fields" "field1,field2"},"path parameters" {"id" "id or uuid"}} output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response object output field response response id string unique identifier response name string name of the resource response type string type of the resource response description string output field response description response tags string output field response tags response context string output field response context response status string status value response templateid string unique identifier response createdtime string time value response modifiedtime string time value response typefields object type of the resource response typefields combinations object type of the resource response typefields combinations operator string type of the resource response typefields combinations operand1 object type of the resource response typefields combinations operand1 id string unique identifier response typefields combinations operand1 name string name of the resource response typefields combinations operand1 description string type of the resource response typefields combinations operand1 uuid string unique identifier response typefields combinations operand2 object type of the resource response typefields combinations operand2 id string unique identifier response typefields combinations operand2 name string name of the resource output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"type" "regular","response" {"id" "33","name" "test","type" "combination","description" "","tags" "","context" "","status" "0","templateid" " 1","createdtime" "1412171859","modifiedtime" "1412171859","typefields" {},"repositories" \[],"ipcount" 0,"groups" \[],"assetdatafields" \[]},"error code" 0,"error msg" "","warnings" \[],"timestamp" 1412273575}} get credentials get the list of credentials endpoint url rest/credentials method get output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response object output field response response usable array output field response usable response usable id string unique identifier response usable name string name of the resource response usable description string output field response usable description response usable type string type of the resource response usable uuid string unique identifier response manageable array output field response manageable response manageable id string unique identifier response manageable name string name of the resource response manageable description string output field response manageable description response manageable type string type of the resource response manageable uuid string unique identifier error code number error message if any error msg string error message if any warnings array output field warnings warnings file name string name of the resource warnings file string output field warnings file timestamp number output field timestamp output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"type" "regular","response" {"usable" \[],"manageable" \[]},"error code" 0,"error msg" "","warnings" \[],"timestamp" 1408719365}} get hosts gets the list of hosts identified from all scan results that are on tenable sc endpoint url /rest/hosts method get input argument name type required description parameters limit number optional the limit parameter should be an integer greater than 0 parameters startoffset number optional the startoffset parameter should an integer greater than 0 parameters endoffset number optional the endoffset parameter should an integer greater than 0 parameters pagination boolean optional the pagination parameter should a boolean parameters fields string optional specify the fields want to include in the response input example {"parameters" {"limit" 5,"startoffset" 1,"endoffset" 10,"pagination"\ true,"fields" "id"}} output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response array output field response response id string unique identifier response uuid string unique identifier response tenableuuid string unique identifier response name string name of the resource response ipaddress string output field response ipaddress response os string output field response os response firstseen string output field response firstseen response lastseen string output field response lastseen error code number error message if any error msg string error message if any warnings array output field warnings warnings file name string name of the resource warnings file string output field warnings file timestamp number output field timestamp output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"type" "regular","response" \[{},{}],"error code" 0,"error msg" "","warnings" \[],"timestamp" 1626889388}} get list queries gets the list of queries endpoint url /rest/query method get input argument name type required description parameters type string optional parameters for the get list queries action parameters fields string optional specify the fields want to include in the response input example {"parameters" {"type" "mobile","fields" "id"}} output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response object output field response response usable array output field response usable response usable id string unique identifier response usable name string name of the resource response usable description string output field response usable description response usable tool string output field response usable tool response usable type string type of the resource response usable tags string output field response usable tags response usable context string output field response usable context response usable browsecolumns string output field response usable browsecolumns response usable browsesortcolumn string output field response usable browsesortcolumn response usable browsesortdirection string output field response usable browsesortdirection response usable createdtime string time value response usable modifiedtime string time value response usable status string status value response usable groups array output field response usable groups response usable groups file name string name of the resource response usable groups file string output field response usable groups file response usable filters array output field response usable filters response usable filters file name string name of the resource response usable filters file string output field response usable filters file response usable canuse string output field response usable canuse output example {"status code" 200,"response headers" {"date" "mon, 15 apr 2024 06 40 02 gmt","server" "apache","x frame options" "deny","content security policy" "default src 'self'; script src 'self' pendo io static storage googleapis com app ","x content type options" "nosniff","x xss protection" "1; mode=block","expect ct" "max age=31536000","strict transport security" "max age=31536000; includesubdomains","vary" "x apikey","set cookie" "tns sessionid=f65d532d29c8460000085c28c1f12c58; path=/; secure; http get policies gets the list of policies endpoint url rest/policy method get output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response object output field response response usable array output field response usable response usable id string unique identifier response usable name string name of the resource response usable description string output field response usable description response usable status string status value response usable uuid string unique identifier response manageable array output field response manageable response manageable id string unique identifier response manageable name string name of the resource response manageable description string output field response manageable description response manageable status string status value response manageable uuid string unique identifier error code number error message if any error msg string error message if any warnings array output field warnings warnings file name string name of the resource warnings file string output field warnings file timestamp number output field timestamp output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"type" "regular","response" {"usable" \[],"manageable" \[]},"error code" 0,"error msg" "","warnings" \[],"timestamp" 1406233675}} get repositories get the list of repositories endpoint url rest/repository method get input argument name type required description parameters type string required parameters for the get repositories action input example {"parameters" {"type" "all"}} output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response array output field response response id string unique identifier response name string name of the resource response description string output field response description response dataformat string response data response uuid string unique identifier error code number error message if any error msg string error message if any warnings array output field warnings warnings file name string name of the resource warnings file string output field warnings file timestamp number output field timestamp output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"type" "regular","response" \[{"id" "37","name" "ag repo1","description" "copied from qa","dataformat" "agent","uuid" "a2ff7e13 2c0e 470e a3c9 e077fe065a54"},{"id" "38","name" "jm ipv4","description" "copied from qa","dataformat" "ipv4","uuid" "2e950182 08b6 4737 830b 4acc8f6b92f9"},{"id" "39","name" "ipv6 rep","description" "copied from qa (name changed)","dataformat" "ipv6","uuid" "ff00f4d0 5b9f 4a26 998c 19430295284a"}],"error get scan results gets the list of scan results endpoint url rest/scanresult method get input argument name type required description parameters starttime number optional parameters for the get scan results action parameters endtime number optional parameters for the get scan results action input example {"parameters" {"starttime" 1685558400,"endtime" 1690560000}} output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response object output field response response usable array output field response usable response usable id string unique identifier response usable name string name of the resource response usable description string output field response usable description response usable status string status value response manageable array output field response manageable response manageable id string unique identifier response manageable name string name of the resource response manageable description string output field response manageable description response manageable status string status value error code number error message if any error msg string error message if any warnings array output field warnings warnings file name string name of the resource warnings file string output field warnings file timestamp number output field timestamp output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"type" "regular","response" {"usable" \[],"manageable" \[]},"error code" 0,"error msg" "","warnings" \[],"timestamp" 1407249641}} get scans gets the list of scans endpoint url rest/scan method get output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response object output field response response usable array output field response usable response usable id string unique identifier response usable name string name of the resource response usable description string output field response usable description response usable uuid string unique identifier response manageable array output field response manageable response manageable id string unique identifier response manageable name string name of the resource response manageable description string output field response manageable description response manageable uuid string unique identifier error code number error message if any error msg string error message if any warnings array output field warnings warnings file name string name of the resource warnings file string output field warnings file timestamp number output field timestamp output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"type" "regular","response" {"usable" \[],"manageable" \[]},"error code" 0,"error msg" "","warnings" \[],"timestamp" 1406828340}} run scan launches the scan associated with the id or uuid endpoint url rest/scan/{{id}}/launch method post input argument name type required description path parameters id string required parameters for the run scan action parameters diagnostictarget string optional parameters for the run scan action parameters diagnosticpassword string optional parameters for the run scan action input example {"parameters" {"diagnostictarget" "192 168 1 1","diagnosticpassword" "dummypassword"},"path parameters" {"id" "id"}} output parameter type description status code number http status code of the response reason string response reason phrase type string type of the resource response object output field response response scanid string unique identifier response scanresult object result of the operation response scanresult initiatorid string unique identifier response scanresult ownerid string unique identifier response scanresult scanid string unique identifier response scanresult resultssyncid number unique identifier response scanresult jobid string unique identifier response scanresult repositoryid string unique identifier response scanresult name string name of the resource response scanresult description string result of the operation response scanresult details string result of the operation response scanresult status string status value response scanresult downloadformat string result of the operation response scanresult dataformat string response data response scanresult resulttype string type of the resource response scanresult id string unique identifier error code number error message if any error msg string error message if any warnings array output field warnings warnings file name string name of the resource warnings file string output field warnings file output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"type" "regular","response" {"scanid" "2","scanresult" {}},"error code" 0,"error msg" "","warnings" \[],"timestamp" 1407510276}} response headers header description example cache control directives for caching mechanisms no cache, no store connection http response header connection keep alive content length the length of the response body in bytes 249 content security policy http response header content security policy default src 'self'; script src 'self' pendo io static storage googleapis com app pendo io cdn pendo io pendo static 6165929460760576 storage googleapis com data pendo io cdn metarouter io e metarouter io api amplitude com cdn amplitude com cloudfront net; connect src 'self' app pendo io data pendo io pendo static 6165929460760576 storage googleapis com cdn metarouter io e metarouter io api amplitude com cdn amplitude com cloudfront net; img src 'self' data cdn pendo io app pendo io pendo static 6165929460760576 storage googleapis com data pendo io; style src 'self' app pendo io cdn pendo io pendo static 6165929460760576 storage googleapis com; frame ancestors app pendo io; form action 'self'; block all mixed content; upgrade insecure requests 1; object src 'none' content type the media type of the resource application/json date the date and time at which the message was originated mon, 15 apr 2024 06 40 02 gmt expect ct http response header expect ct max age=31536000 expires the date/time after which the response is considered stale thu, 19 nov 1981 08 52 00 gmt keep alive http response header keep alive timeout=15, max=100 pragma http response header pragma no cache securitycenter http response header securitycenter 5 19 1 server information about the software used by the origin server apache set cookie http response header set cookie tns sessionid=f65d532d29c8460000085c28c1f12c58; path=/; secure; httponly; samesite=strict strict transport security http response header strict transport security max age=31536000; includesubdomains vary http response header vary x apikey x content type options http response header x content type options nosniff x frame options http response header x frame options deny x xss protection http response header x xss protection 1; mode=block