Audit Files¶
The following methods allow for interaction into the Tenable Security Center Audit File API and the Audit File Template API. These items are typically seen under the Scans: Audit Files section of Tenable Security Center.
Methods available on sc.audit_files
:
- class AuditFileAPI(api: restfly.session.APISession)[source]¶
- create(name, audit_file=None, tailoring_file=None, **kw)[source]¶
Creates a audit file.
- Parameters
name (str) – The name of the audit file.
audit_file (FileObject, optional) – The file-like object containing the audit file if uploading a custom audit file.
benchmark (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the benchmark.
data_stream (str, optional) – When using version 1.2 of either SCAP datatype, you must specify the name of the data stream.
description (str, optional) – A description of for the audit file.
profile (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the profile.
tailoring_file (FileObject, optional) – When the SCAP version is set to 1.2, this tailoring file can optionally be provided.
template (int, optional) – The audit file template it to use. If using a template, then no file is uploaded.
type (str, optional) – The type of audit file to upload. Generally only used when uploading SCAP content as it will default to the Tenable-created audit-file format. Supported SCAP values are
scapWindows
andscapLinux
.vars (dict, optional) – If a template is specified, then this dictionary specifies the parameters within the template to customize and what those values should be. The values are provided within the template definition.
version (str, optional) – When specifying a SCAP datatype, this informs Tenable Security Center what version of SCAP this audit checklist is. Supported values are
1.0
,1.1
, and1.2
.
- Returns
The newly created audit file.
- Return type
Examples
>>> audit = sc.audit_files.create()
- delete(id)[source]¶
Removes a audit file.
- Parameters
id (int) – The numeric identifier for the audit file to remove.
- Returns
An empty response.
- Return type
Examples
>>> sc.audit_files.delete(1)
- details(id, fields=None)[source]¶
Returns the details for a specific audit file.
- Parameters
- Returns
The audit file resource record.
- Return type
Examples
>>> audit = sc.audit_files.details(1) >>> pprint(audit)
- edit(id, audit_file=None, tailoring_file=None, **kw)[source]¶
Edits a audit file.
- Parameters
audit_file (FileObject, optional) – The file-like object containing the audit file if uploading a custom audit file.
benchmark (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the benchmark.
data_stream (str, optional) – When using version 1.2 of either SCAP datatype, you must specify the name of the data stream.
description (str, optional) – A description of for the audit file.
name (str, optional) – The name of the audit file.
profile (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the profile.
tailoring_file (FileObject, optional) – When the SCAP version is set to 1.2, this tailoring file can optionally be provided.
template (int, optional) – The audit file template it to use. If using a template, then no file is uploaded.
type (str, optional) – The type of audit file to upload. Generally only used when uploading SCAP content as it will default to the Tenable-created audit-file format. Supported SCAP values are
scapWindows
andscapLinux
.vars (dict, optional) – If a template is specified, then this dictionary specifies the parameters within the template to customize and what those values should be. The values are provided within the template definition.
version (str, optional) – When specifying a SCAP datatype, this informs Tenable Security Center what version of SCAP this audit checklist is. Supported values are
1.0
,1.1
, and1.2
.
- Returns
The newly updated audit file.
- Return type
Examples
>>> audit = sc.audit_files.edit()
- export_audit(id, fobj=None)[source]¶
Exports an Audit File.
- Parameters
id (int) – The audit file numeric identifier.
fobj (FileObject, optional) – The file-like object to write the resulting file into. If no file-like object is provided, a BytesIO objects with the downloaded file will be returned. Be aware that the default option of using a BytesIO object means that the file will be stored in memory, and it’s generally recommended to pass an actual file-object to write to instead.
- Returns
The file-like object with the resulting zipped report.
- Return type
FileObject
Examples
>>> with open('example.zip', 'wb') as fobj: ... sc.audit_files.export_audit(1, fobj)
- list(fields=None)[source]¶
Retrieves the list of audit file definitions.
- Parameters
fields (list, optional) – A list of attributes to return for each audit file.
- Returns
A list of audit file resources.
- Return type
Examples
>>> for audit in sc.audit_files.list(): ... pprint(audit)
- template_categories()[source]¶
Returns the audit file template categories
- Returns
List of audit file category listing dicts.
- Return type
Examples
>>> for cat in sc.audit_files.template_categorties(): ... pprint(cat)
- template_details(id, fields=None)[source]¶
Returns the details for the specified audit file template id.
- Parameters
- Returns
The audit file template record.
- Return type
Examples
>>> tmpl = sc.audit_files.template_details(1)