Tenable Vulnerability Management

the tenable vulnerability management connector facilitates seamless integration with swimlane turbine, enabling automated vulnerability assessment and prioritization tenable vulnerability management is a comprehensive solution for identifying, investigating, and prioritizing vulnerabilities within your it environment this connector enables swimlane turbine users to integrate tenable's powerful scanning and reporting capabilities directly into their security workflows by leveraging this integration, users can automate vulnerability assessments, streamline remediation processes, and enhance their overall security posture with minimal manual intervention prerequisites to effectively utilize the tenable vulnerability management connector with swimlane turbine, ensure you have the following prerequisites api key authentication with the following parameters url endpoint for tenable api access access key unique identifier for api authentication secret key confidential key paired with the access key for secure api calls capabilities this connector provides the following capabilities check scan export status create report create scan download assets chunk download exported scan download report download vulnerabilities chunk export assets information export scan export vulnerabilities get asset details get assets export status get folders list get host details from scan get plugin details and so on asset setup the asset for this connector requires the following inputs access key secret key for more information on how to get these keys, see https //docs tenable com/tenableio/content/settings/generateapikey htm for more information on workbench filters, see https //developer tenable com/docs/workbench filters notes for the get scan details task, tenable archives the vulnerability details if the scan is 40 days or older api specific links https //developer tenable com/reference/assets list assets https //developer tenable com/reference/assets asset info https //developer tenable com/reference/exports assets request export https //developer tenable com/reference/exports assets export status https //developer tenable com/reference/exports assets download chunk https //developer tenable com/reference/scans list https //developer tenable com/reference/scans launch https //developer tenable com/reference/scans details https //developer tenable com/reference/scans get latest status https //developer tenable com/reference/scans export request https //developer tenable com/reference/scans export status https //developer tenable com/reference/scans export download https //developer tenable com/reference/scans create https //developer tenable com/reference/scans host details https //developer tenable com/reference/exports vulns request export and so on configurations tenable io api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required access key access key generated by tenable io api string required secret key secret key generated by tenable io api string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions check scan export status checks the export status of a scan in tenable vulnerability management using scan id and file id endpoint url scans/{{scan id}}/export/{{file id}}/status method get input argument name type required description path parameters scan id string required the unique identifier for the scan this identifier can be either the scans schedule uuid or the scans id attribute in the response message from the get /scans endpoint tenable recommends that you use scans schedule uuid path parameters file id string required the id of the file to poll (included in response from /scans/{scan id}/export) input example {"path parameters" {"scan id" "333","file id" "sse 4de5371f 34f3 4806 af16 087ad636df63 csv"}} output parameter type description status code number http status code of the response reason string response reason phrase status string status value output example {"status code" 200,"response headers" {"date" "tue, 23 jan 2024 17 46 30 gmt","content type" "application/json; charset=utf 8","content length" "18","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","access control allow origin" " ","x request uuid" "a5a1cbd867e14f708e21002adc786a9b","access control allow headers" "accept, content type, authorization, x request uuid, x client id, x session uuid ","access control allow m create report generates a detailed pdf report in tenable vulnerability management using a specified template endpoint url reports/export method post input argument name type required description name string optional a name for the report if this parameter is omitted, tenable vulnerability management uses the default name vulnerabilities export report with a timestamp in iso 8601 format appended to the end to create a unique name for example, vulnerabilities export report 2023 11 30t00 23 13 199227748z template name string optional the type of template to use for the report host vulns summary—an executive summary report that provides operations teams a snapshot of risk based on vulnerable assets host vulns by plugins—a report that provides a summary of the plugins that detected vulnerabilities on affected assets plugins are sorted by severity and the assets are sorted by the asset criticality rating (acr) host vulns by assets—a summary of the most vulnerable assets filters array optional a set of filters to apply to the report filters can be used to narrow the vulnerabilities or assets included in the report filters property string required the property to filter the results by filters operator string required the comparison operator to apply to the filter for example, eq, neq, gt, etc filters value array required the value to compare the given property to using the specified operator some properties can only be compared to a specific set of values input example {"json body" {"name" "my summary report","template name" "host vulns summary","filters" \[{"property" "first found","operator" "gte","value" 1701824400000},{"property" "severity","operator" "eq","value" \["critical","high"]}]}} output parameter type description status code number http status code of the response reason string response reason phrase uuid string unique identifier output example {"status code" 200,"response headers" {"date" "mon, 03 feb 2025 06 56 46 gmt","content type" "application/json; charset=utf 8","content length" "47","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x request uuid" "757c9907169d14fb9538ff049c8f36e8","vary" "origin","strict transport security" "max age=63072000; includesubdomains","x frame options" "deny","x xss protection" "1; mode=block","x download options" "noopen","x create scan initiates a new scan in tenable vulnerability management with specific 'uuid' and 'settings' endpoint url scans method post input argument name type required description uuid string optional the uuid for the tenable provided scan template to use use the get /editor/scan/templates endpoint to find the template uuid settings object optional parameter for create scan settings name string required the name of the scan settings description string optional the description of the scan settings policy id number optional the unique id of the policy to use to create the scan use the get /policies endpoint to find the policy id settings folder id number optional the unique id of the folder where you want to store the scan use the get /folders endpoint to find the folder id settings scanner id string optional the unique id of the scanner to use use the get /scanners endpoint to find the scanner id settings target network uuid string optional the target network uuid this field is required if the scanner id parameter is auto routed settings enabled boolean required if true, the schedule for the scan is enabled settings launch string optional when to launch the scan possible values are on demand, daily, weekly, monthly, yearly settings scan time window number optional for nessus agent scans, scan time window is the time frame, in minutes, during which agents must transmit scan results to tenable io in order to be included in dashboards and reports if your request omits this parameter, the default value is 180 minutes for nessus scanner scans, scan time window is the time frame, in minutes, after which the scan will automatically stop if your request omits this parameter, the default value is 0 and the scan will not stop after a certain time frame settings starttime string optional for one time scans, the starting time and date for the scan for recurrent scans, the first date on which the scan schedule is active and the time that recurring scans launch based on the rrules parameter settings rrules string optional the interval at which the scan repeats the interval is formatted as a string of three values delimited by semi colons these values are the frequency (freq=onetime or daily or weekly or monthly or yearly), the interval (interval=1 or 2 or 3 x), and the days of the week (byday=su,mo,tu,we,th,fr,sa) settings timezone string optional the timezone of the scheduled start time for the scan (as specified in the starttime parameter) settings text targets string optional the list of targets to scan settings target groups array optional an array of target group ids to scan settings file targets string optional the name of a file containing the list of targets to scan settings tag targets array optional the list of asset tag identifiers that the scan uses to determine which assets it evaluates settings host tagging string optional creates a unique identifier on hosts scanned using credentials settings agent group id array optional an array of agent group uuids to scan required if the scan is an agent scan settings agent scan launch type string optional indicates whether an agent scan should use the scan window (scheduled) or rule based (triggered) method for scan launches settings triggers array optional describes the scan triggers used when agent scan launch type is set to triggered settings triggers type string optional the type of scan launch trigger (periodic or file exists) settings triggers options object optional it can be either periodic hourly interval or filename parameter depends on the type of scan settings emails string optional a comma separated list of accounts that receive the email summary report input example {"json body" {"uuid" "9afd5e49 b4a8 4ab3 8c44 4ed329a505c44e51e1f403febe40","settings" {"name" "test","description" "test scan","policy id" 270,"folder id" 8,"scanner id" "00000000 0000 0000 0000 00000000000000000000000000001","target network uuid" "00000000 0000 0000 0000 000000000000","enabled"\ true,"launch" "on demand","scan time window" 90,"starttime" "20240125t091000","rrules" "freq=onetime;interval=1;byday=th","timezone" "gmt","text targets" "192 168 0 1","target groups" \[1],"file targets" "scan targets txt","tag targets" \["31e9a613 1b05 40a8 ad42 b05b6715a93a","bfb3bbd0 8dd4 48b4 8f4c a0053032b3d9"],"host tagging" "yes","agent group id" \["0000000 0000 0000 0000 000000000000"],"agent scan launch type" "triggered","triggers" \[{"type" "periodic","options" {"periodic hourly interval" 12,"filename" "upload txt"}}],"emails" "test1\@test com","acls" \[{"permissions" 16,"owner" 0,"display name" "analyst group","name" "analyst group","id" 1,"type" "group"}]},"credentials" {"add" {"host" {"windows" {"domain" "test","username" "test","auth method" "password","password" "test"}}}},"plugins" {"web servers" {"individual" {"11213" "enabled"}}}}} output parameter type description status code number http status code of the response reason string response reason phrase scan object output field scan scan tag type object type of the resource scan container id string unique identifier scan owner uuid string unique identifier scan uuid string unique identifier scan name string name of the resource scan description object output field scan description scan policy id number unique identifier scan scanner id object unique identifier scan scanner uuid string unique identifier scan emails object output field scan emails scan sms string output field scan sms scan enabled boolean output field scan enabled scan include aggregate boolean output field scan include aggregate scan scan time window object output field scan scan time window scan custom targets string output field scan custom targets scan target network uuid object unique identifier scan auto routed number output field scan auto routed scan remediation number output field scan remediation scan version number output field scan version scan triggers object output field scan triggers scan reporting mode object output field scan reporting mode scan interval type object type of the resource output example {"scan" {"tag type" {},"container id" "string","owner uuid" "string","uuid" "12345678 1234 1234 1234 123456789abc","name" "example name","description" {},"policy id" 123,"scanner id" {},"scanner uuid" "string","emails" {},"sms" "string","enabled"\ true,"include aggregate"\ true,"scan time window" {},"custom targets" "string"}} download assets chunk downloads a specified chunk of exported assets from tenable vulnerability management using export uuid and chunk id endpoint url assets/export/{{export uuid}}/chunks/{{chunk id}} method get input argument name type required description path parameters export uuid string required the uuid of the export request path parameters chunk id number required the id of the asset chunk you want to export input example {"path parameters" {"export uuid" "194","chunk id" 1}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {"date" "wed, 24 jan 2024 07 31 50 gmt","content type" "application/json;charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x content type options" "nosniff","x frame options" "deny","x xss protection" "1; mode=block","vary" "origin,accept encoding","cache control" "no store","content encoding" "gzip","x request uuid" "10b5fcc99897f990a8704 download exported scan retrieve a previously exported scan report from tenable vulnerability management using the provided scan and file ids endpoint url scans/{{scan id}}/export/{{file id}}/download method get input argument name type required description path parameters scan id string required the unique identifier for the exported scan you want to download this identifier can be either the scans schedule uuid or the scans id attribute in the response message from the get /scans endpoint tenable recommends that you use scans schedule uuid path parameters file id string required the id of the file to download (included in response from /scans/{scan id}/export) headers object required http headers for the request headers accept string required http headers for the request input example {"path parameters" {"scan id" "311","file id" "sse 3f06e801 0175 3e55 1dbd 0cefdfa31565bf36d8be25b21d01 csv"},"headers" {"accept" "application/octet stream"}} output parameter type description status code number http status code of the response reason string response reason phrase response text string output field response text output example {"response text" "string"} download report downloads a specified pdf report from tenable vulnerability management using the report's unique identifier endpoint url reports/export/{{report uuid}}/download method get input argument name type required description headers object optional http headers for the request headers accept string required the content type to accept path parameters report uuid string required the uuid of the report to download input example {"headers" {"accept" "application/pdf"},"path parameters" {"report uuid" "4e461c25 600f 4e0a 8735 df85513d6c81"}} output parameter type description status code number http status code of the response reason string response reason phrase file object output field file file file string output field file file file file name string name of the resource output example {"file" {"file" "string","file name" "example name"}} download vulnerabilities chunk downloads a specified chunk of exported vulnerabilities from tenable using export uuid and chunk id, returning a json file endpoint url vulns/export/{{export uuid}}/chunks/{{chunk id}} method get input argument name type required description path parameters export uuid string required the uuid of the vulnerability export request path parameters chunk id number required the id of the chunk you want to export headers object required http headers for the request headers accept string required http headers for the request input example {"path parameters" {"export uuid" "a7cee931 f7c4 408d be1e a6da3964a639","chunk id" 1},"headers" {"accept" "application/octet stream"}} output parameter type description status code number http status code of the response reason string response reason phrase asset object output field asset asset fqdn string output field asset fqdn asset hostname string name of the resource asset uuid string unique identifier asset ipv4 string output field asset ipv4 asset operating system array output field asset operating system asset network id string unique identifier asset tracked boolean output field asset tracked output string output field output plugin object output field plugin plugin cve array output field plugin cve plugin cvss base score number score value plugin cvss temporal score number score value plugin cvss temporal vector object output field plugin cvss temporal vector plugin cvss temporal vector exploitability string output field plugin cvss temporal vector exploitability plugin cvss temporal vector remediation level string output field plugin cvss temporal vector remediation level plugin cvss temporal vector report confidence string unique identifier plugin cvss temporal vector raw string output field plugin cvss temporal vector raw plugin cvss vector object output field plugin cvss vector plugin cvss vector access complexity string output field plugin cvss vector access complexity plugin cvss vector access vector string output field plugin cvss vector access vector plugin cvss vector authentication string output field plugin cvss vector authentication plugin cvss vector confidentiality impact string unique identifier output example {"status code" 200,"response headers" {"date" "wed, 24 jan 2024 07 30 09 gmt","content type" "application/json;charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x request uuid" "b98b82f6c11f66104d7354c69c68bbad","x content type options" "nosniff","x frame options" "deny","x xss protection" "1; mode=block","vary" "origin","cache control" "no store","strict transport security" " export assets information exports asset data from tenable vulnerability management based on criteria, with a specified chunk size for the output endpoint url assets/export method post input argument name type required description chunk size number optional specifies the number of assets per exported chunk include open ports boolean optional specifies whether or not to include open port findings from info level plugins if this parameter is omitted, tenable vulnerability management uses a default value of false filters object optional specifies filters for exported assets filters created at number optional returns all assets created later than the date specified the specified date must be in the unix timestamp format filters updated at number optional returns all assets updated later than the date specified the specified date must be in the unix timestamp format filters terminated at number optional returns all assets terminated later than the date specified the specified date must be in the unix timestamp format filters is terminated boolean optional when set to true, returns assets which have any value for the terminated at attribute filters deleted at number optional returns all assets deleted later than the date specified the specified date must in the unix timestamp format filters is deleted boolean optional when set to true, returns assets which have any value for the deleted at attribute filters is licensed boolean optional specifies whether the asset is included in the asset count for the tenable vulnerability management instance if true, tenable vulnerability management returns only licensed assets if false, tenable vulnerability management returns only unlicensed assets filters first scan time number optional returns all assets with a first scan time later than the date specified the specified date must be in the unix timestamp format filters last authenticated scan time number optional returns all assets with a last credentialed scan time later than the date specified the specified date must be in the unix timestamp format filters last assessed number optional returns all assets with a last assessed time later than the date specified filters servicenow sysid boolean optional if true, returns all assets that have a servicenow sys id, regardless of value if false, returns all assets that do not have a servicenow sys id filters sources array optional returns assets that have the specified asset source commonly used names include aws, nessus agent, pvs, nessus scan and was filters has plugin results boolean optional filter by whether or not the asset has plugin results associated with it if true, tenable vulnerability management returns all assets that have plugin results filters network id string optional the id of the network object associated with scanners that identified the assets you want to export filters last scan id string optional returns all assets that were last scanned by the specified scan configuration uuid input example {"json body" {"chunk size" 10,"include open ports"\ true,"filters" {"created at" 0,"updated at" 0,"terminated at" 0,"is terminated"\ false,"deleted at" 0,"is deleted"\ false,"is licensed"\ false,"first scan time" 0,"last authenticated scan time" 0,"last assessed" 0,"servicenow sysid"\ true,"sources" \["nessus agent","aws"],"has plugin results"\ true,"network id" "00000000 0000 0000 0000 000000000000","last scan id" "00000000 0000 0000 0000 000000000000"}}} output parameter type description status code number http status code of the response reason string response reason phrase export uuid string unique identifier output example {"status code" 200,"response headers" {"date" "wed, 24 jan 2024 07 26 12 gmt","content type" "application/json;charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x request uuid" "61c516579cc87225ca80e92cbcf97211","x content type options" "nosniff","x frame options" "deny","x xss protection" "1; mode=block","vary" "origin","cache control" "no store","strict transport security" " export scan exports a specified scan's results from tenable vulnerability management, requiring the scan id and output format endpoint url scans/{{scan id}}/export method post input argument name type required description path parameters scan id string required the identifier for the scan you want to export this identifier can be either the scans schedule uuid or the scans id attribute in the response message from the get /scans endpoint tenable recommends that you use scans schedule uuid parameters history id number optional the unique identifier of the historical data that you want tenable io to export this identifier corresponds to the history id attribute of the response message from the get /scans/{scan id}/history endpoint parameters history uuid string optional the uuid of the historical data that you want tenable io to return this identifier corresponds to the history scan uuid attribute of the response message from the get /scans/{scan id}/history endpoint format string optional the file format to use (nessus, html, pdf, or csv) chapters string optional the chapters to include in the export this parameter accepts a semi colon delimited string comprised of some combination of the following options (vuln hosts summary, vuln by host, compliance exec, remediations, vuln by plugin, compliance) asset id string optional the id of the asset scanned input example {"parameters" {"history id" 23,"history uuid" "00000000 0000 0000 0000 000000000000"},"json body" {"format" "csv","chapters" "compliance","asset id" "00000000 0000 0000 0000 000000000000"},"path parameters" {"scan id" "311"}} output parameter type description status code number http status code of the response reason string response reason phrase file string output field file output example {"status code" 200,"response headers" {"date" "tue, 23 jan 2024 17 44 45 gmt","content type" "application/json; charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","vary" "origin","cache control" "no cache","x request uuid" "3b4df445cf8b2d6f75e7f0c690bac8f1","x xss protection" "1; mode=block","x frame options" "deny","strict transport security" "max age=63072000; includesubdomain export vulnerabilities exports a list of vulnerabilities from tenable based on specified criteria, with the option to define the number of assets endpoint url vulns/export method post input argument name type required description num assets number optional specifies the number of assets used to chunk the vulnerabilities include unlicensed boolean optional specifies whether or not to include unlicensed assets the default is false when no parameter is specified filters object optional specifies filters for exported vulnerabilities filters cidr range string optional restricts search for vulnerabilities to assets assigned an ip address within the specified cidr range filters first found number optional returns vulnerabilities that were first found between the specified date and now the date must be specified in unix 10 digit time format (seconds) filters indexed at number optional returns vulnerabilities that were indexed into tenable vulnerability management at the specified date the date must be specified in unix 10 digit time format (seconds) filters last fixed number optional returns vulnerabilities that were fixed between the specified date and now the date must be specified in unix 10 digit time format (seconds) filters last found number optional returns vulnerabilities that were last found between the specified date and now the date must be specified in unix 10 digit time format (seconds) filters since number optional the start date for the range of data you want to export the date must be specified in unix 10 digit time format (seconds) filters network id string optional the id of the network object associated with scanners that detected the vulnerabilities you want to export filters plugin family array optional a list of plugin families for which you want to filter the vulnerabilities returned in the vulnerability export for a list of supported plugin family values, use the get /plugins/families endpoint filters plugin id array optional a list of plugin ids for which you want to filter the vulnerabilities returned in the vulnerability export filters plugin type string optional the plugin type for which you want to filter the vulnerabilities returned in the vulnerability export for example, remote, local, combined, etc filters scan uuid string optional the uuid of the scan for which you want to filter vulnerabilities returned in the vulnerability export filters severity array optional the severity of the vulnerabilities to include in the export defaults to all severity levels supported array values are info, low, medium, high and critical filters severity modification type array optional returns vulnerabilities with the specified severity modification type this filter can be used to return vulnerabilities with a modified severity due to a recast or accept rule supported case sensitive values are none, recasted and accepted filters state array optional the state of the vulnerabilities you want the export to include supported, case insensitive values are open(the vulnerability is currently present on a host), reopened(the vulnerability was previously marked as fixed on a host, but has returned) and fixed(the vulnerability was present on a host, but is no longer detected) filters source array optional returns vulnerabilities identified by the specified source a source is the entity that reported the vulnerability details filters vpr score object optional returns vulnerabilities with the specified vulnerability priority rating (vpr) score or scores filters vpr score eq array optional returns vulnerabilities with a vpr equal to the specified score or scores this property cannot be combined with the following range operators lt, gt, lte, or gte filters vpr score neq array optional returns vulnerabilities with a vpr not equal to the specified score or scores this property can be combined with the eq property filters vpr score gt number optional returns vulnerabilities with a vpr greater than the specified score this property cannot be combined with the eq property filters vpr score gte number optional returns vulnerabilities with a vpr greater than or equal to the specified score this property cannot be combined with the eq property filters vpr score lt number optional returns vulnerabilities with a vpr lesser than the specified score this property cannot be combined with the eq property filters vpr score lte number optional returns vulnerabilities with a vpr lesser than or equal to the specified score this property cannot be combined with the eq property input example {"json body" {"num assets" 50,"include unlicensed"\ true,"filters" {"cidr range" "0 0 0 0/0","first found" 0,"indexed at" 0,"last fixed" 0,"last found" 0,"since" 0,"network id" "3fa85f64 5717 4562 b3fc 2c963f66afa6","plugin family" \["backdoors"],"plugin id" \[0],"plugin type" "remote","scan uuid" "3fa85f64 5717 4562 b3fc 2c963f66afa6","severity" \["low"],"severity modification type" \["accepted"],"state" \["open"],"source" \["aws"],"vpr score" {"eq" \[0],"neq" \[0],"gt" 0,"gte" 0,"lt" 0,"lte" 0}}}} output parameter type description status code number http status code of the response reason string response reason phrase export uuid string unique identifier output example {"status code" 200,"response headers" {"date" "wed, 24 jan 2024 09 24 15 gmt","content type" "application/json; charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x content type options" "nosniff","x frame options" "deny","x xss protection" "1; mode=block","vary" "origin","cache control" "no store","x request uuid" "9c71f6b38d372df7fb607052dc20705d","strict transport security" get asset details retrieve detailed information for a specified asset using its unique identifier (uuid) in tenable vulnerability management endpoint url assets/{{asset uuid}} method get input argument name type required description path parameters asset uuid string required the uuid of the asset input example {"path parameters" {"asset uuid" "00fdbc7a e3e9 42f9 b96b ef91fbe86f94"}} output parameter type description status code number http status code of the response reason string response reason phrase id string unique identifier has agent boolean output field has agent created at string output field created at updated at string output field updated at terminated at object output field terminated at deleted at object output field deleted at first seen string output field first seen last seen string output field last seen last scan target string output field last scan target last authenticated scan date object date value last licensed scan date string date value last scan id string unique identifier last schedule id string unique identifier sources array output field sources sources name string name of the resource sources first seen string output field sources first seen sources last seen string output field sources last seen tags array output field tags acr score object score value acr drivers array output field acr drivers acr drivers driver name string name of the resource acr drivers driver value array value for the parameter exposure score object score value output example {"id" "12345678 1234 1234 1234 123456789abc","has agent"\ true,"created at" "string","updated at" "string","terminated at" {},"deleted at" {},"first seen" "string","last seen" "string","last scan target" "string","last authenticated scan date" {},"last licensed scan date" "string","last scan id" "string","last schedule id" "string","sources" \[{"name" "example name","first seen" "string","last seen" "string"}],"tags" \["string"]} get assets export status retrieve the status of a tenable asset export request using the specified export uuid endpoint url assets/export/{{export uuid}}/status method get input argument name type required description path parameters export uuid string required the uuid for the export request input example {"path parameters" {"export uuid" "194"}} output parameter type description status code number http status code of the response reason string response reason phrase status string status value chunks available array output field chunks available output example {"status code" 200,"response headers" {"date" "wed, 24 jan 2024 07 27 55 gmt","content type" "application/json;charset=utf 8","content length" "43","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x request uuid" "22a7d1c4b1e0fbc505397c99b24660f7","x content type options" "nosniff","x frame options" "deny","x xss protection" "1; mode=block","vary" "origin","cache control" "no store","accept ranges" "bytes","strict trans get folders list retrieve a comprehensive list of default and user created folders from tenable vulnerability management endpoint url folders method get output parameter type description status code number http status code of the response reason string response reason phrase folders array output field folders folders id number unique identifier folders name string name of the resource folders type string type of the resource folders custom number output field folders custom folders unread count number count value folders default tag number output field folders default tag output example {"status code" 200,"response headers" {"date" "tue, 21 mar 2023 06 30 16 gmt","content type" "application/json; charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x request uuid" "d1b9a54938eb03610c10e042027aaed8","x content type options" "nosniff","x frame options" "deny","x xss protection" "1; mode=block","vary" "origin","cache control" "no store","strict transport security" get host details from scan retrieve detailed information for a specific host from a scan in tenable vulnerability management using the provided scan uuid and host id endpoint url scans/{{scan uuid}}/hosts/{{host id}} method get input argument name type required description path parameters scan uuid string required the identifier for the scan this identifier can be the either the schedule uuid or the numeric id attribute for the scan recommended to use schedule uuid path parameters host id number required the id of the host to retrieve parameters history id number optional the unique identifier of the historical data that you want tenable io to return parameters history uuid string optional the uuid of the historical data that you want tenable io to return input example {"parameters" {"history id" 23,"history uuid" "f5fb06b6 3de3 4fb0 b21c 40c24423e77a"},"path parameters" {"scan uuid" "840fd26f 9272 4324 9a61 63cd57389b12","host id" 45}} output parameter type description status code number http status code of the response reason string response reason phrase info object output field info info mac address object output field info mac address info host fqdn string output field info host fqdn info host ip string output field info host ip info operating system array output field info operating system info host end string output field info host end info host start string output field info host start vulnerabilities array output field vulnerabilities vulnerabilities count number count value vulnerabilities host id number unique identifier vulnerabilities hostname string name of the resource vulnerabilities plugin family string output field vulnerabilities plugin family vulnerabilities plugin id number unique identifier vulnerabilities plugin name string name of the resource vulnerabilities severity number output field vulnerabilities severity vulnerabilities severity index number output field vulnerabilities severity index vulnerabilities vuln index number output field vulnerabilities vuln index compliance array output field compliance compliance count number count value compliance host id number unique identifier compliance hostname string name of the resource compliance plugin family string output field compliance plugin family compliance plugin id string unique identifier output example {"status code" 200,"response headers" {"date" "mon, 29 jan 2024 06 03 33 gmt","content type" "application/json; charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","vary" "origin,accept encoding","cache control" "no cache","content encoding" "gzip","x request uuid" "ed50d37af715f50215ad1d9d56be523d","x xss protection" "1; mode=block","x frame options" "deny","strict transport sec get plugin details retrieve detailed information for a specified plugin in tenable vulnerability management using the provided plugin id endpoint url plugins/plugin/{{id}} method get input argument name type required description path parameters id number required the id of the plugin input example {"path parameters" {"id" 34256}} output parameter type description attributes array output field attributes attributes attribute value string value for the parameter attributes attribute name string name of the resource family name string name of the resource name string name of the resource id number unique identifier output example {"attributes" \[{"attribute value" "aix iy19744 nasl","attribute name" "fname"},{"attribute value" "aix 5 1 iy19744","attribute name" "plugin name"},{"attribute value" "$revision 1 5 $","attribute name" "script version"}],"family name" "aix local security checks","name" "aix 5 1 iy19744","id" 22372} get report status retrieve the current status of a report export request in tenable vulnerability management using the report's uuid endpoint url reports/export/{{report uuid}}/status method get input argument name type required description path parameters report uuid string required the uuid of the report to check the status for input example {"path parameters" {"report uuid" "4e461c25 600f 4e0a 8735 df85513d6c81"}} output parameter type description status code number http status code of the response reason string response reason phrase status string status value output example {"status code" 200,"response headers" {"date" "mon, 03 feb 2025 06 58 36 gmt","content type" "application/json; charset=utf 8","content length" "22","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x request uuid" "195b0e5dbe98e89ce5e1b909a9e999a5","vary" "origin","strict transport security" "max age=63072000; includesubdomains","x frame options" "deny","x xss protection" "1; mode=block","x download options" "noopen","x get scan details retrieve detailed results for a specific scan in tenable vulnerability management using the provided scan id endpoint url scans/{{scan id}} method get input argument name type required description path parameters scan id string required the unique identifier for the scan you want to retrieve this identifier can be either the 'scans schedule uuid' or the 'scans id' attribute in the response message from the 'get /scans' endpoint tenable recommends that you use 'scans schedule uuid' parameters history id string optional the unique identifier of the historical data that you want tenable io to return this identifier corresponds to the 'history id' attribute of the response message from the 'get /scans/{scan id}/history' endpoint input example {"parameters" {"history id" "6c568d0d aaf9 17a6 b780 fcce7082351ca90b6a6b535a0c4c"},"path parameters" {"scan id" "0b9317b7 f633 4ca7 b695 8f219bb13f2a"}} output parameter type description status code number http status code of the response reason string response reason phrase info object output field info info owner string output field info owner info name string name of the resource info no target boolean output field info no target info folder id number unique identifier info control boolean output field info control info user permissions number output field info user permissions info schedule uuid string unique identifier info edit allowed boolean output field info edit allowed info scanner name object name of the resource info policy object output field info policy info shared boolean output field info shared info object id number unique identifier info tag targets array output field info tag targets info acls array output field info acls info acls permissions number output field info acls permissions info acls owner number output field info acls owner info acls display name string name of the resource info acls name string name of the resource info acls id number unique identifier info acls type string type of the resource info hostcount number count value info uuid string unique identifier output example {"info" {"owner" "string","name" "example name","no target"\ true,"folder id" 123,"control"\ true,"user permissions" 123,"schedule uuid" "string","edit allowed"\ true,"scanner name" {},"policy" {},"shared"\ true,"object id" 123,"tag targets" \["string"],"acls" \[{}],"hostcount" 123},"history" \[{"history id" 123,"owner id" 123,"creation date" 123,"last modification date" 123,"uuid" "12345678 1234 1234 1234 123456789abc","type" {},"status" "active","scheduler" 123,"alt targets used"\ true,"is archived"\ t get scan status retrieve the latest status of a specific scan from tenable vulnerability management using the unique scan id endpoint url scans/{{scan id}}/latest status method get input argument name type required description path parameters scan id string required the unique identifier for the scan this identifier can be either the scans schedule uuid or the scans id attribute in the response message from the get /scans endpoint input example {"path parameters" {"scan id" "123"}} output parameter type description status code number http status code of the response reason string response reason phrase status string status value progress number output field progress output example {"status code" 200,"response headers" {"date" "tue, 23 jan 2024 10 49 11 gmt","content type" "application/json; charset=utf 8","content length" "34","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x request uuid" "7ad545d3b8b9bf10d0a5384729448460","x content type options" "nosniff","x frame options" "deny","x xss protection" "1; mode=block","vary" "origin","cache control" "no cache","accept ranges" "bytes","strict tran get scans list retrieve a list of scans from tenable vulnerability management with 'can view' permissions endpoint url scans method get input argument name type required description parameters folder id number optional parameters for the get scans list action parameters last modification date number optional parameters for the get scans list action input example {"parameters" {"folder id" 311,"last modification date" 1633990491}} output parameter type description scans array output field scans scans control boolean output field scans control scans creation date number date value scans enabled boolean output field scans enabled scans id number unique identifier scans last modification date number date value scans legacy boolean output field scans legacy scans name string name of the resource scans owner string output field scans owner scans policy id number unique identifier scans read boolean output field scans read scans schedule uuid string unique identifier scans shared boolean output field scans shared scans status string status value scans template uuid string unique identifier scans has triggers boolean output field scans has triggers scans type string type of the resource scans permissions number output field scans permissions scans user permissions number output field scans user permissions scans uuid string unique identifier scans wizard uuid string unique identifier scans progress number output field scans progress scans total targets number output field scans total targets folders array output field folders folders id number unique identifier output example {"scans" \[],"folders" \[],"timestamp" 123} get timezones obtain a list of timezones supported by tenable vulnerability management for scan scheduling endpoint url scans/timezones method get output parameter type description status code number http status code of the response reason string response reason phrase timezones array output field timezones timezones name string name of the resource timezones value string value for the parameter timezones current boolean output field timezones current output example {"status code" 200,"response headers" {"date" "wed, 24 jan 2024 11 38 47 gmt","content type" "application/json; charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","cache control" "no store","pragma" "no cache","expires" "0","x frame options" "deny","x content type options" "nosniff","x xss protection" "1; mode=block","vary" "origin,accept encoding","content encoding" "gzip","x r get vulnerabilities export status retrieve the status of a vulnerability export in tenable vulnerability management using the specified export uuid endpoint url vulns/export/{{export uuid}}/status method get input argument name type required description path parameters export uuid string required the uuid for the vulnerability export request input example {"path parameters" {"export uuid" "a7cee931 f7c4 408d be1e a6da3964a639"}} output parameter type description status code number http status code of the response reason string response reason phrase uuid string unique identifier status string status value chunks available array output field chunks available chunks failed array output field chunks failed chunks cancelled array output field chunks cancelled total chunks number output field total chunks chunks available count number count value empty chunks count number count value finished chunks number output field finished chunks filters object output field filters filters state array output field filters state filters tags object output field filters tags filters since number output field filters since filters first found number output field filters first found filters last found number output field filters last found filters last fixed number output field filters last fixed filters first seen number output field filters first seen filters last seen number output field filters last seen filters indexed at number output field filters indexed at filters indexed at end value number value for the parameter num assets per chunk number output field num assets per chunk created number output field created output example {"status code" 200,"response headers" {"date" "wed, 24 jan 2024 09 28 28 gmt","content type" "application/json; charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x request uuid" "ab9bcf704507acec0e4e7fba7a868b65","x content type options" "nosniff","x frame options" "deny","x xss protection" "1; mode=block","vary" "origin","cache control" "no store","strict transport security" launch scan initiates a vulnerability scan in tenable vulnerability management using the provided scan id endpoint url scans/{{scan id}}/launch method post input argument name type required description path parameters scan id string required the unique identifier of the scan to launch alt targets array optional targets which are scanned by tenable io instead of the default rollover boolean optional indicates whether or not to launch a rollover scan instead of full scan a rollover scan only runs against the targets that tenable io did not scan due to a previous scan timeout input example {"json body" {"alt targets" \["test","target"],"rollover"\ true},"path parameters" {"scan id" "840fd26f 9272 4324 9a61 63cd57389b12"}} output parameter type description status code number http status code of the response reason string response reason phrase scan uuid string unique identifier output example {"status code" 200,"response headers" {"date" "tue, 23 jan 2024 18 00 53 gmt","content type" "application/json; charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","cache control" "no cache","pragma" "","expires" "0","x frame options" "deny","x content type options" "nosniff","x xss protection" "1; mode=block","vary" "origin","x request uuid" "f17eb317082da50a7cfdb53ca907ef0b","s list asset vulnerabilities retrieves a list of vulnerabilities for a specified asset in tenable vulnerability management using the asset id endpoint url /workbenches/assets/{{asset id}}/vulnerabilities method get input argument name type required description path parameters asset id string required the uuid of the asset parameters date range number optional the number of days of data prior to and including today that should be returned see readme for details parameters filter 0 filter string optional the name of the filter to apply to the exported scan report see readme for details parameters filter 0 quality string optional the operator of the filter to apply to the exported scan report see readme for details parameters filter 0 value string optional the value of the filter to apply to the exported scan report the value is case sensitive when used with the match (contains) or nmatch (does not contain) operators see readme for details parameters filter search type string optional for multiple filters, specifies whether to use the and or the or logical operator see readme for details input example {"parameters" {"date range" 7,"filter 0 filter" "plugin name","filter 0 quality" "match","filter 0 value" "rhel","filter search type" "and"},"path parameters" {"asset id" "4e461c25 600f 4e0a 8735 df85513d6c81"}} output parameter type description status code number http status code of the response reason string response reason phrase vulnerabilities array output field vulnerabilities vulnerabilities count number count value vulnerabilities plugin family string output field vulnerabilities plugin family vulnerabilities plugin id number unique identifier vulnerabilities plugin name string name of the resource vulnerabilities vulnerability state string output field vulnerabilities vulnerability state vulnerabilities vpr score number score value vulnerabilities accepted count number count value vulnerabilities recasted count number count value vulnerabilities counts by severity array output field vulnerabilities counts by severity vulnerabilities counts by severity count number count value vulnerabilities counts by severity value number value for the parameter vulnerabilities severity number output field vulnerabilities severity total vulnerability count number count value total asset count number count value output example {"status code" 200,"response headers" {"date" "thu, 30 jan 2025 07 41 03 gmt","content type" "application/octet stream","content length" "0","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x request uuid" "c75dcec9e874bb6b4064535d2aee9a54","vary" "origin","strict transport security" "max age=63072000; includesubdomains","x frame options" "deny","x xss protection" "1; mode=block","x download options" "noopen","x content list assets retrieve up to 5,000 assets from tenable vulnerability management for analysis or tracking endpoint url assets method get output parameter type description status code number http status code of the response reason string response reason phrase assets array output field assets assets id string unique identifier assets has agent boolean output field assets has agent assets last seen string output field assets last seen assets last scan target string output field assets last scan target assets sources array output field assets sources assets sources name string name of the resource assets sources first seen string output field assets sources first seen assets sources last seen string output field assets sources last seen assets acr score object score value assets acr drivers array output field assets acr drivers assets acr drivers driver name string name of the resource assets acr drivers driver value array value for the parameter assets exposure score object score value assets scan frequency array output field assets scan frequency assets scan frequency interval number output field assets scan frequency interval assets scan frequency frequency number output field assets scan frequency frequency assets scan frequency licensed boolean output field assets scan frequency licensed assets ipv4 array output field assets ipv4 assets ipv6 string output field assets ipv6 assets fqdn string output field assets fqdn assets mac address array output field assets mac address assets netbios name string name of the resource output example {"status code" 200,"response headers" {"date" "tue, 23 jan 2024 11 27 11 gmt","content type" "application/json; charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x request uuid" "15cfff713c2b2ef855947c064dfbf063","cache control" "no store","vary" "accept encoding,origin","content encoding" "gzip","x content type options" "nosniff","x frame options" "deny","x xss protection" "1 list assets with vulnerabilities retrieve a list of assets along with their associated vulnerabilities from tenable vulnerability management endpoint url workbenches/assets/vulnerabilities method get input argument name type required description parameters date range number optional the number of days of data prior to and including today that should be returned see readme for details parameters filter 0 filter string optional the name of the filter to apply to the exported scan report see readme for details parameters filter 0 quality string optional the operator of the filter to apply to the exported scan report see readme for details parameters filter 0 value string optional the value of the filter to apply to the exported scan report the value is case sensitive when used with the match (contains) or nmatch (does not contain) operators see readme for details parameters filter search type string optional for multiple filters, specifies whether to use the and or the or logical operator see readme for details input example {"parameters" {"date range" 7,"filter 0 filter" "plugin name","filter 0 quality" "match","filter 0 value" "rhel","filter search type" "and"}} output parameter type description status code number http status code of the response reason string response reason phrase assets array output field assets assets id string unique identifier assets severities array output field assets severities assets severities count number count value assets severities level number output field assets severities level assets severities name string name of the resource assets total number output field assets total assets fqdn array output field assets fqdn assets ipv4 array output field assets ipv4 assets ipv6 array output field assets ipv6 assets last seen string output field assets last seen assets netbios name array name of the resource assets agent name array name of the resource total asset count number count value output example {"assets" \[{"id" "12345678 1234 1234 1234 123456789abc","severities" \[],"total" 123,"fqdn" \[],"ipv4" \[],"ipv6" \[],"last seen" "string","netbios name" \[],"agent name" \[]}],"total asset count" 123} list credential types retrieve all supported credential types for managed credentials in tenable io endpoint url credentials/types method get output parameter type description status code number http status code of the response reason string response reason phrase credentials array output field credentials credentials id string unique identifier credentials category string output field credentials category credentials default expand boolean output field credentials default expand credentials types array type of the resource credentials types id string unique identifier credentials types name string name of the resource credentials types max number type of the resource credentials types configuration array type of the resource credentials types configuration type string type of the resource credentials types configuration name string name of the resource credentials types configuration hint string type of the resource credentials types configuration id string unique identifier credentials types configuration filetype string type of the resource credentials types configuration required boolean type of the resource credentials types configuration default string type of the resource output example {"status code" 200,"response headers" {"date" "mon, 29 jan 2024 05 22 37 gmt","content type" "application/json;charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x content type options" "nosniff","x frame options" "deny","x xss protection" "1; mode=block","vary" "origin,accept encoding","cache control" "no store","content encoding" "gzip","x request uuid" "818c0a982173a7ae88ac4 list plugin families retrieves a comprehensive list of plugin families from tenable vulnerability management endpoint url plugins/families method get input argument name type required description parameters all boolean optional specifies whether to return all plugin families if true, the plugin families hidden in tenable io ui, for example, port scanners, are included in the list input example {"parameters" {"all"\ true}} output parameter type description families array output field families families count number count value families name string name of the resource families id number unique identifier output example {"families" \[{"count" 11342,"name" "aix local security checks","id" 1},{"count" 1164,"name" "amazon linux local security checks","id" 35},{"count" 114,"name" "backdoors","id" 17}]} list plugins retrieve a paginated list of detailed plugin information from tenable vulnerability management endpoint url plugins/plugin method get input argument name type required description parameters last updated string optional the last updated date to filter on in the yyyy mm dd format parameters size number optional the number of records to include in the result set default is 1,000 the maximum size is 10,000 parameters page number optional the index of the page to return relative to the specified page size for example, to return records 10 19 with page size 10, you must specify page 2 if you omit this parameter, tenable io applies the default value of 1 input example {"parameters" {"last updated" "2023 04 13","size" 1000,"page" 10}} output parameter type description data object response data data plugin details array response data data plugin details id number response data data plugin details name string response data data plugin details attributes object response data data plugin details attributes plugin modification date string response data data plugin details attributes plugin version string response data data plugin details attributes exploited by malware boolean response data data plugin details attributes description string response data data plugin details attributes unsupported by vendor boolean response data data plugin details attributes cvss temporal score number response data data plugin details attributes patch publication date string response data data plugin details attributes see also array response data data plugin details attributes default account boolean response data data plugin details attributes exploit available boolean response data data plugin details attributes exploit framework canvas boolean response data data plugin details attributes cvss base score number response data data plugin details attributes solution string response data data plugin details attributes exploit framework exploithub boolean response data data plugin details attributes cpe array response data data plugin details attributes plugin publication date string response data data plugin details attributes exploit framework core boolean response data data plugin details attributes in the news boolean response data data plugin details attributes has patch boolean response data data plugin details attributes xref array response data output example {"data" {"plugin details" \[{},{},{}]},"size" 1000,"params" {"page" 3,"size" 1000,"last updated" "2018 01 01"},"total count" 75621} list plugins in family retrieve a list of plugins within a specified family from tenable vulnerability management using the family id endpoint url plugins/families/{{id}} method get input argument name type required description path parameters id number required the id of the family to lookup input example {"path parameters" {"id" 34256}} output parameter type description plugins array output field plugins plugins id number unique identifier plugins name string name of the resource name string name of the resource id number unique identifier output example {"plugins" \[{"id" 22372,"name" "aix 5 1 iy19744"},{"id" 22373,"name" "aix 5 1 iy20486"},{"id" 22374,"name" "aix 5 1 iy21309"}],"name" "aix local security checks","id" 1} list policies retrieves a comprehensive list of scan policies available in tenable vulnerability management endpoint url policies method get output parameter type description status code number http status code of the response reason string response reason phrase policies array output field policies policies no target string output field policies no target policies template uuid string unique identifier policies description object output field policies description policies name string name of the resource policies owner string output field policies owner policies visibility string output field policies visibility policies shared number output field policies shared policies user permissions number output field policies user permissions policies last modification date number date value policies creation date number date value policies owner id number unique identifier policies id number unique identifier output example {"policies" \[{"no target" "string","template uuid" "string","description" {},"name" "example name","owner" "string","visibility" "string","shared" 123,"user permissions" 123,"last modification date" 123,"creation date" 123,"owner id" 123,"id" 123}]} list scanners retrieve all available scanners from tenable vulnerability management to track and analyze assets endpoint url scanners method get output parameter type description status code number http status code of the response reason string response reason phrase scanners array output field scanners scanners creation date number date value scanners group boolean output field scanners group scanners id number unique identifier scanners key string output field scanners key scanners last connect number output field scanners last connect scanners last modification date number date value scanners license object output field scanners license scanners license record id string unique identifier scanners license type string type of the resource scanners license activation code string output field scanners license activation code scanners license agents number output field scanners license agents scanners license ips number output field scanners license ips scanners license scanners number output field scanners license scanners scanners license users number output field scanners license users scanners license enterprise pause boolean output field scanners license enterprise pause scanners license expiration date number date value scanners license evaluation boolean output field scanners license evaluation scanners license apps object output field scanners license apps scanners license apps pci object output field scanners license apps pci scanners license apps pci mode string output field scanners license apps pci mode scanners license apps vm object output field scanners license apps vm scanners license apps vm assets number output field scanners license apps vm assets output example {"scanners" \[{"creation date" 123,"group"\ true,"id" 123,"key" "string","last connect" 123,"last modification date" 123,"license" {},"linked" 123,"name" "example name","network name" "example name","num scans" 123,"owner" "string","owner id" 123,"owner name" "example name","owner uuid" "string"}]} list tag values retrieve a list of tag values from tenable vulnerability management for categorization and analysis endpoint url tags/values method get input argument name type required description parameters f string optional a filter condition in the field\ operator \ value format, for example, f=value\ match \ rhel filters should match field\ op \ value format parameters ft string optional if multiple f parameters are present, specifies whether tenable vulnerability management applies and or or to conditions supported values are and and or if you omit this parameter when using multiple f parameters, tenable vulnerability management applies and by default parameters wf string optional a comma separated list of fields to include in the wildcard search provides the same functionality as a match condition in the f in parameter for example, f=value\ match \ chi returns the same results as wf=value\&w=chi wildcard fields include category name, value, description use the w parameter to specify the search value parameters w string optional a single search value for the wildcard fields specified in the wf parameter parameters limit number optional the number of records to retrieve if this parameter is omitted parameters offset number optional the starting record to retrieve if this parameter is omitted parameters sort string optional the field you want to use to sort the results by along with the sort order the field is specified first, followed by a colon, and the order is specified second (asc or desc) for example, value \ desc would sort results by the value field in descending order if you specify multiple fields, the fields must be separated by commas for example, value \ desc ,updated at \ asc would first sort results by the value field in descending order and then by the updated at field in ascending order input example {"parameters" {"f" "value\ match\ test","ft" "tag","wf" "f=category name\ match\ chi","w" "category name","limit" 5000,"offset" 0,"sort" "category name\ desc"}} output parameter type description status code number http status code of the response reason string response reason phrase values array value for the parameter values uuid string unique identifier values created at string value for the parameter values created by string value for the parameter values updated at string value for the parameter values updated by string value for the parameter values category uuid string unique identifier values value string value for the parameter values description string value for the parameter values type string type of the resource values category name string name of the resource values category description string value for the parameter values access control object value for the parameter values access control version number value for the parameter values access control current user permissions array value for the parameter pagination object output field pagination pagination offset number output field pagination offset pagination limit number output field pagination limit pagination total number output field pagination total pagination sort array output field pagination sort pagination sort name string name of the resource pagination sort order string output field pagination sort order output example {"status code" 200,"response headers" {"date" "mon, 03 feb 2025 07 00 39 gmt","content type" "application/pdf","content length" "44830","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","content disposition" "attachment; filename =utf 8''my+summary+report pdf","vary" "origin","strict transport security" "max age=63072000; includesubdomains","x frame options" "deny","x xss protection" "1; mode=block","x download options" " list templates retrieve tenable provided scan templates by specifying the template type requires 'type' as a path parameter endpoint url editor/{{type}}/templates method get input argument name type required description path parameters type string required the type of templates to retrieve (scan, policy, or remediation) input example {"path parameters" {"type" "scan"}} output parameter type description status code number http status code of the response reason string response reason phrase templates array output field templates templates unsupported boolean output field templates unsupported templates cloud only boolean output field templates cloud only templates desc string output field templates desc templates order number output field templates order templates subscription only boolean output field templates subscription only templates is was object output field templates is was templates title string output field templates title templates is agent object output field templates is agent templates uuid string unique identifier templates icon string output field templates icon templates manager only boolean output field templates manager only templates name string name of the resource output example {"status code" 200,"response headers" {"date" "wed, 24 jan 2024 11 23 56 gmt","content type" "application/json; charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","cache control" "no store","pragma" "no cache","expires" "0","x frame options" "deny","x content type options" "nosniff","x xss protection" "1; mode=block","vary" "origin,accept encoding","content encoding" "gzip","x r list vulnerabilities retrieve a comprehensive list of vulnerabilities recorded by tenable vulnerability management endpoint url workbenches/vulnerabilities method get input argument name type required description parameters date range number optional the number of days of data prior to and including today that should be returned see readme for details parameters filter 0 filter string optional the name of the filter to apply to the exported scan report see readme for details parameters filter 0 quality string optional the operator of the filter to apply to the exported scan report see readme for details parameters filter 0 value string optional the value of the filter to apply to the exported scan report the value is case sensitive when used with the match (contains) or nmatch (does not contain) operators see readme for details parameters filter search type string optional for multiple filters, specifies whether to use the and or the or logical operator see readme for details input example {"parameters" {"date range" 7,"filter 0 filter" "plugin name","filter 0 quality" "match","filter 0 value" "rhel","filter search type" "and"}} output parameter type description status code number http status code of the response reason string response reason phrase vulnerabilities array output field vulnerabilities vulnerabilities count number count value vulnerabilities plugin family string output field vulnerabilities plugin family vulnerabilities plugin id number unique identifier vulnerabilities plugin name string name of the resource vulnerabilities vulnerability state string output field vulnerabilities vulnerability state vulnerabilities severity number output field vulnerabilities severity vulnerabilities accepted count number count value vulnerabilities recasted count number count value vulnerabilities counts by severity array output field vulnerabilities counts by severity vulnerabilities counts by severity count number count value vulnerabilities counts by severity value number value for the parameter vulnerabilities cvss base score number score value vulnerabilities cvss3 base score number score value vulnerabilities vpr score number score value total vulnerability count number count value total asset count number count value output example {"status code" 200,"response headers" {"date" "thu, 30 jan 2025 07 38 11 gmt","content type" "application/json; charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","vary" "origin,accept encoding","strict transport security" "max age=63072000; includesubdomains","x frame options" "deny","x xss protection" "1; mode=block","x download options" "noopen","x content type options" "nosn list workbench assets retrieve a comprehensive list of assets from tenable vulnerability management for analysis and reporting endpoint url workbenches/assets method get input argument name type required description parameters date range number optional the number of days of data prior to and including today that should be returned see readme for details parameters filter 0 filter string optional the name of the filter to apply to the exported scan report see readme for details parameters filter 0 quality string optional the operator of the filter to apply to the exported scan report see readme for details parameters filter 0 value string optional the value of the filter to apply to the exported scan report the value is case sensitive when used with the match (contains) or nmatch (does not contain) operators see readme for details parameters filter search type string optional for multiple filters, specifies whether to use the and or the or logical operator see readme for details parameters all fields string optional a value specifying whether you want the returned data to include all fields (full) or only the default fields (default) see readme for details input example {"parameters" {"date range" 7,"filter 0 filter" "plugin name","filter 0 quality" "match","filter 0 value" "rhel","filter search type" "and","all fields" "full"}} output parameter type description status code number http status code of the response reason string response reason phrase assets array output field assets assets id string unique identifier assets has agent boolean output field assets has agent assets last seen string output field assets last seen assets last scan target string output field assets last scan target assets sources array output field assets sources assets sources name string name of the resource assets sources first seen string output field assets sources first seen assets sources last seen string output field assets sources last seen assets ipv4 array output field assets ipv4 assets ipv6 string output field assets ipv6 assets fqdn array output field assets fqdn assets netbios name string name of the resource assets operating system array output field assets operating system assets agent name string name of the resource assets aws ec2 name string name of the resource assets mac address string output field assets mac address assets bigfix asset id string unique identifier assets acr score number score value assets acr drivers array output field assets acr drivers assets acr drivers driver name string name of the resource assets acr drivers driver value array value for the parameter assets exposure score number score value output example {"status code" 200,"response headers" {"date" "mon, 10 feb 2025 06 14 18 gmt","content type" "application/json; charset=utf 8","transfer encoding" "chunked","connection" "keep alive","set cookie" "nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx clou ","x request uuid" "21421b6e91003b5601030f73ac735572","cache control" "no store","vary" "accept encoding,origin","accept ranges" "bytes","strict transport security" "max age=63072000; includesubdomains","x frame options" response headers header description example accept ranges http response header accept ranges bytes access control allow headers http response header access control allow headers accept, content type, authorization, x request uuid, x client id, x session uuid, x container uuid, x user uuid access control allow methods http response header access control allow methods get, post, delete, put access control allow origin http response header access control allow origin cache control directives for caching mechanisms no cache cf cache status http response header cf cache status dynamic cf ray http response header cf ray 84a7e83b3d008558 bom connection http response header connection keep alive content disposition http response header content disposition attachment; filename =utf 8''my+summary+report pdf content encoding http response header content encoding gzip content length the length of the response body in bytes 0 content security policy report only http response header content security policy report only script src 'none'; connect src 'none'; report uri https //csp reporting cloudflare com/cdn cgi/script monitor/report?m=b b6sod7ygzyalufbsuvlk1mmyliaffjzdi7bhtb0es 1706009231 1 aaczddnhnwb 73 h 4uij09q4rxvysgreuct 7nhbb6smkp7 iggws94 k6dgqk4hrvabe2k47mzdhc9dtj ywohai bjcp5egvlnzzzrqvshcmtcar6sk o9jf d6azu nbd2hye9yamkt46closa05bgn kd3auxds2scyn p0 ; report to cf csp endpoint content type the media type of the resource application/octet stream date the date and time at which the message was originated mon, 03 feb 2025 06 58 36 gmt expect ct http response header expect ct enforce, max age=86400 expires the date/time after which the response is considered stale 0 nel http response header nel {"success fraction" 0 01,"report to" "cf nel","max age" 604800 } pragma http response header pragma no cache referrer policy http response header referrer policy strict origin when cross origin report to http response header report to {"endpoints" \[{"url" " https //a nel cloudflare com/report/v3?s=jsctif6273ef4loz%2bxhjv1ey1pbxx%2f%2fzikev2inexg3qiifdasmkd%2bymymqj7k6sfmev3qheb0pwmr5qhpjdd%2f1zumdrgfk74sdlqlzmrhs3hk09eeak8ye7v19gjawxnxxh"}],"group" "cf nel","max age " 604800 } server information about the software used by the origin server cloudflare server timing http response header server timing cf q config;dur=6 0000002122251e 06 set cookie http response header set cookie nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure, nginx cloud site id=us 2a; path=/; httponly; samesite=strict; secure strict transport security http response header strict transport security max age=63072000; includesubdomains transfer encoding http response header transfer encoding chunked vary http response header vary origin x content type options http response header x content type options nosniff x download options http response header x download options noopen x frame options http response header x frame options deny x gateway site id http response header x gateway site id service nginx router ap south 1 prod dc984846c f56v8 x request uuid http response header x request uuid 4da52e6663753608e7cfc84ad97c3af9 x xss protection http response header x xss protection 1; mode=block