Exclusions¶
The following methods allow for interaction into the Tenable Vulnerability Management exclusions API endpoints.
Methods available on tio.exclusions:
- class ExclusionsAPI(api: APISession)[source]¶
This will contain all methods related to exclusions
- create(name, members, start_time=None, end_time=None, timezone=None, description=None, frequency=None, interval=None, weekdays=None, day_of_month=None, enabled=True, network_id=None)[source]¶
Create a scan target exclusion.
- Parameters:
name (str) – The name of the exclusion to create.
members (list) – The exclusions members. Each member should be a string with either a FQDN, IP Address, IP Range, or CIDR.
description (str, optional) – Some further detail about the exclusion.
start_time (datetime) – When the exclusion should start.
end_time (datetime) – When the exclusion should end.
timezone (str, optional) – The timezone to use for the exclusion. The default if none is specified is to use UTC. For the list of usable timezones, please refer to scans: timezones
frequency (str, optional) – The frequency of the rule. The string inputted will be up-cased. Valid values are:
ONETIME,DAILY,WEEKLY,MONTHLY,YEARLY. Default value isONETIME.interval (int, optional) – The interval of the rule. The default interval is 1
weekdays (list, optional) – List of 2-character representations of the days of the week to repeat the frequency rule on. Valid values are: SU, MO, TU, WE, TH, FR, SA Default values:
['SU', 'MO', 'TU', 'WE', 'TH', 'FR', 'SA']day_of_month (int, optional) – The day of the month to repeat a MONTHLY frequency rule on. The default is today.
enabled (bool, optional) – If enabled is true, the exclusion schedule is active. If enabled is false, the exclusion is “Always Active”. The default value is
Truenetwork_id (uuid, optional) – The ID of the network object associated with scanners where Tenable Vulnerability Management applies the exclusion.
- Returns:
Dictionary of the newly minted exclusion.
- Return type:
Examples
Creating a one-time exclusion:
>>> from datetime import datetime, timedelta >>> exclusion = tio.exclusions.create( ... 'Example One-Time Exclusion', ... ['127.0.0.1'], ... start_time=datetime.utcnow(), ... end_time=datetime.utcnow() + timedelta(hours=1))
Creating a daily exclusion:
>>> exclusion = tio.exclusions.create( ... 'Example Daily Exclusion', ... ['127.0.0.1'], ... frequency='daily', ... start_time=datetime.utcnow(), ... end_time=datetime.utcnow() + timedelta(hours=1))
Creating a weekly exclusion:
>>> exclusion = tio.exclusions.create( ... 'Example Weekly Exclusion', ... ['127.0.0.1'], ... frequency='weekly', ... weekdays=['mo', 'we', 'fr'], ... start_time=datetime.utcnow(), ... end_time=datetime.utcnow() + timedelta(hours=1))
Creating a monthly esxclusion:
>>> exclusion = tio.exclusions.create( ... 'Example Monthly Exclusion', ... ['127.0.0.1'], ... frequency='monthly', ... day_of_month=1, ... start_time=datetime.utcnow(), ... end_time=datetime.utcnow() + timedelta(hours=1))
Creating a yearly exclusion:
>>> exclusion = tio.exclusions.create( ... 'Example Yearly Exclusion', ... ['127.0.0.1'], ... frequency='yearly', ... start_time=datetime.utcnow(), ... end_time=datetime.utcnow() + timedelta(hours=1))
- delete(exclusion_id)[source]¶
Delete a scan target exclusion.
- Parameters:
exclusion_id (int) – The exclusion identifier to delete
- Returns:
The exclusion was successfully deleted.
- Return type:
Examples
>>> tio.exclusions.delete(1)
- details(exclusion_id)[source]¶
Retrieve the details for a specific scan target exclusion.
- Parameters:
exclusion_id (int) – The exclusion identifier.
- Returns:
The exclusion record requested.
- Return type:
Examples
>>> exclusion = tio.exclusions.details(1) >>> pprint(exclusion)
- edit(exclusion_id, name=None, members=None, start_time=None, end_time=None, timezone=None, description=None, frequency=None, interval=None, weekdays=None, day_of_month=None, enabled=None, network_id=None)[source]¶
Edit an existing scan target exclusion.
The edit function will first gather the details of the exclusion that will be edited and will overlay the changes on top. The result will then be pushed back to the API to modify the exclusion.
- Parameters:
exclusion_id (int) – The id of the exclusion object in Tenable Vulnerability Management
scanner_id (int, optional) – The scanner id.
name (str, optional) – The name of the exclusion to create.
description (str, optional) – Some further detail about the exclusion.
start_time (datetime, optional) – When the exclusion should start.
end_time (datetime, optional) – When the exclusion should end.
timezone (str, optional) – The timezone to use for the exclusion. The default if none is specified is to use UTC.
frequency (str, optional) – The frequency of the rule. The string inputted will be upcased. Valid values are: ONETIME, DAILY, WEEKLY, MONTHLY, YEARLY.
interval (int, optional) – The interval of the rule.
weekdays (list, optional) – List of 2-character representations of the days of the week to repeat the frequency rule on. Valid values are: SU, MO, TU, WE, TH, FR, SA Default values:
['SU', 'MO', 'TU', 'WE', 'TH', 'FR', 'SA']day_of_month (int, optional) – The day of the month to repeat a MONTHLY frequency rule on.
enabled (bool, optional) – enable/disable exclusion.
network_id (uuid, optional) – The ID of the network object associated with scanners where Tenable Vulnerability Management applies the exclusion.
- Returns:
Dictionary of the newly minted exclusion.
- Return type:
Examples
Modifying the name of an exclusion:
>>> exclusion = tio.exclusions.edit(1, name='New Name')
- exclusions_import(fobj)[source]¶
Import exclusions into Tenable Vulnerability Management.
- Parameters:
fobj (FileObject) – The file object of the exclusion(s) you wish to import.
- Returns:
Returned if Tenable Vulnerability Management successfully imports the exclusion file.
- Return type:
Examples
>>> with open('import_example.csv') as exclusion: ... tio.exclusions.exclusions_import(exclusion)