Policies¶
The following methods allow for interaction into the Tenable Security Center Scan Policies API. These items are typically seen under the Scan Policies section of Tenable Security Center.
Methods available on sc.policies
:
- class ScanPolicyAPI(api: restfly.session.APISession)[source]¶
- copy(id, name=None)[source]¶
Clones the specified scan policy
- Parameters
- Returns
The scan policy resource record for the newly created policy.
- Return type
Examples
>>> policy = sc.policies.copy(10001) >>> pprint(policy)
- create(**kw)[source]¶
Creates a new scan policy
- Parameters
name (str) – The Name of the new scan policy
audit_files (list, optional) – A list of audit files (by integer id) to be used for the scan policy.
description (str, optional) – An optional description for the policy
preferences (dict, optional) – A dictionary of settings that override the defaults within a policy template.
profile_name (str, optional) – The profile of the scan. Default is an empty string.
owner_id (int, optional) – Define who shall own the policy by that user’s integer identifier
tags (str, optional) – An optional tag identifier for the policy
template_id (int, optional) – The identifier of the policy template to use. If none is specified, the default id for the “Advanced Policy” will be used.
xccdf (bool, optional) – Should XCCDF results be generated? The default is False.
- Returns
The created scan policy resource.
- Return type
Examples
An example advanced policy with all of the default preferences.
>>> sc.policies.create( ... name='Example Advanced Policy')
An example policy where we want to modify
- delete(id)[source]¶
Removes a configured scan policy.
- Parameters
id (int) – The unique identifier for the policy to remove.
- Returns
The empty response from the API.
- Return type
Examples
>>> sc.policies.delete(10001)
- details(id, fields=None)[source]¶
Retrieves the details for a specified policy.
- Parameters
- Returns
Details about the scan policy template
- Return type
Examples
>>> policy = sc.policies.details(2) >>> pprint(policy)
- edit(id, **kw)[source]¶
Edits an existing scan policy
- Parameters
id (int) – The unique identifier to the scan policy to edit
audit_files (list, optional) – A list of audit files (by integer id) to be used for the scan policy.
description (str, optional) – An optional description for the policy
name (str, optional) – The Name of the new scan policy
preferences (dict, optional) – A dictionary of settings that override the defaults within a policy template.
profile_name (str, optional) – The profile of the scan. Default is an empty string.
remove_prefs (list, optional) – A list of preferences to remove from the policy.
owner_id (int, optional) – Define who shall own the policy by that user’s integer identifier
tags (str, optional) – An optional tag identifier for the policy
template_id (int, optional) – The identifier of the policy template to use. If none is specified, the default id for the “Advanced Policy” will be used.
xccdf (bool, optional) – Should XCCDF results be generated? The default is False.
- Returns
The updated scan policy resource.
- Return type
Examples
An example advanced policy with all of the default preferences.
>>> sc.policies.edit(10001, ... name='Updated Example Advanced Policy')
To remove a preference, you would perform the following:
>>> sc.policies.edit(10001, ... remove_prefs=['scan_malware'])
- export_policy(id, fobj=None)[source]¶
Export the specified scan policy
- Parameters
id (int) – The unique identifier for the scan policy to export.
fobj (FileObject, optional) – The file-like object to write the resulting file into. If no file-like object is provided, a BytesIO objects with the downloaded file will be returned. Be aware that the default option of using a BytesIO object means that the file will be stored in memory, and it’s generally recommended to pass an actual file-object to write to instead.
- Returns
The file-like object with the resulting export.
- Return type
FileObject
Examples
>>> with open('example_policy.xml', 'wb') as fobj: ... sc.policies.export_policy(1001, fobj)
- import_policy(name, fobj, description=None, tags=None)[source]¶
Imports a scan policy into Tenable Security Center
- Parameters
- Returns
An empty response from the API.
- Return type
Examples
>>> with open('example_policy.xml', 'rb') as fobj: ... sc.policies.import_policy('Example Policy', fobj)
- list(fields=None)[source]¶
Retrieved the list of Scan policies configured.
- Parameters
fields (list, optional) – The list of fields that are desired to be returned. For details on what fields are available, please refer to the details on the request within the policy list API doc.
- Returns
usable & manageable scan policies.
- Return type
Examples
>>> policies = sc.policies.list() >>> for policy in policies['manageable']: ... pprint(policy)
- share(id, *groups)[source]¶
Shares the policy with other user groups.
- Parameters
- Returns
The updated scan policy resource.
- Return type
Examples
Share the scan policy with groups 1, 2, and 3:
>>> sc.policies.share(10001, 1, 2, 3)
- tags()[source]¶
Returns the list of unique tags associated to scan policies.
- Returns
The list of unique tags
- Return type
Examples
>>> tags = sc.policies.tags() >>> pprint(tags)
- template_details(id, fields=None, remove_editor=True)[source]¶
Retrieves the details for a specified policy template.
- Parameters
id (int) – The unique identifier for the policy template
fields (list, optional) – The list of fields that are desired to be returned. For details on what fields are available, please refer to the details on the request within the policy template details API doc.
remove_editor (bol, optional) – Should the response have the raw editor string removed? The default is yes.
- Returns
Details about the scan policy template
- Return type
Examples
>>> template = sc.policies.template_details(2) >>> pprint(template)
- template_list(fields=None)[source]¶
Retrieved the list of scan policy templates.
- Parameters
fields (list, optional) – The list of fields that are desired to be returned. For details on what fields are available, please refer to the details on the request within the policy template list API doc.
- Returns
List of available policy templates
- Return type
Examples
>>> templates = sc.policies.template_list() >>> for policy in templates: ... pprint(policy)