Exclusions¶
The following methods allow for interaction into the Tenable Vulnerability Management exclusions API endpoints.
Methods available on tio.exclusions
:
- class ExclusionsAPI(api: restfly.session.APISession)[source]¶
This will contain all methods related to exclusions
- create(name, members, start_time=None, end_time=None, timezone=None, description=None, frequency=None, interval=None, weekdays=None, day_of_month=None, enabled=True, network_id=None)[source]¶
Create a scan target exclusion.
- Parameters
name (str) – The name of the exclusion to create.
members (list) – The exclusions members. Each member should be a string with either a FQDN, IP Address, IP Range, or CIDR.
description (str, optional) – Some further detail about the exclusion.
start_time (datetime) – When the exclusion should start.
end_time (datetime) – When the exclusion should end.
timezone (str, optional) – The timezone to use for the exclusion. The default if none is specified is to use UTC. For the list of usable timezones, please refer to devportalscans-timezones
frequency (str, optional) – The frequency of the rule. The string inputted will be up-cased. Valid values are:
ONETIME
,DAILY
,WEEKLY
,MONTHLY
,YEARLY
. Default value isONETIME
.interval (int, optional) – The interval of the rule. The default interval is 1
weekdays (list, optional) – List of 2-character representations of the days of the week to repeat the frequency rule on. Valid values are: SU, MO, TU, WE, TH, FR, SA Default values:
['SU', 'MO', 'TU', 'WE', 'TH', 'FR', 'SA']
day_of_month (int, optional) – The day of the month to repeat a MONTHLY frequency rule on. The default is today.
enabled (bool, optional) – If enabled is true, the exclusion schedule is active. If enabled is false, the exclusion is “Always Active” The default value is
True
network_id (uuid, optional) – The ID of the network object associated with scanners where Tenable Vulnerability Management applies the exclusion.
- Returns
Dictionary of the newly minted exclusion.
- Return type
Examples
Creating a one-time exclusion:
>>> from datetime import datetime, timedelta >>> exclusion = tio.exclusions.create( ... 'Example One-Time Exclusion', ... ['127.0.0.1'], ... start_time=datetime.utcnow(), ... end_time=datetime.utcnow() + timedelta(hours=1))
Creating a daily exclusion:
>>> exclusion = tio.exclusions.create( ... 'Example Daily Exclusion', ... ['127.0.0.1'], ... frequency='daily', ... start_time=datetime.utcnow(), ... end_time=datetime.utcnow() + timedelta(hours=1))
Creating a weekly exclusion:
>>> exclusion = tio.exclusions.create( ... 'Example Weekly Exclusion', ... ['127.0.0.1'], ... frequency='weekly', ... weekdays=['mo', 'we', 'fr'], ... start_time=datetime.utcnow(), ... end_time=datetime.utcnow() + timedelta(hours=1))
Creating a monthly esxclusion:
>>> exclusion = tio.exclusions.create( ... 'Example Monthly Exclusion', ... ['127.0.0.1'], ... frequency='monthly', ... day_of_month=1, ... start_time=datetime.utcnow(), ... end_time=datetime.utcnow() + timedelta(hours=1))
Creating a yearly exclusion:
>>> exclusion = tio.exclusions.create( ... 'Example Yearly Exclusion', ... ['127.0.0.1'], ... frequency='yearly', ... start_time=datetime.utcnow(), ... end_time=datetime.utcnow() + timedelta(hours=1))
- delete(exclusion_id)[source]¶
Delete a scan target exclusion.
- Parameters
exclusion_id (int) – The exclusion identifier to delete
- Returns
The exclusion was successfully deleted.
- Return type
Examples
>>> tio.exclusions.delete(1)
- details(exclusion_id)[source]¶
Retrieve the details for a specific scan target exclusion.
- Parameters
exclusion_id (int) – The exclusion identifier.
- Returns
The exclusion record requested.
- Return type
Examples
>>> exclusion = tio.exclusions.details(1) >>> pprint(exclusion)
- edit(exclusion_id, name=None, members=None, start_time=None, end_time=None, timezone=None, description=None, frequency=None, interval=None, weekdays=None, day_of_month=None, enabled=None, network_id=None)[source]¶
Edit an existing scan target exclusion.
The edit function will first gather the details of the exclusion that will be edited and will overlay the changes on top. The result will then be pushed back to the API to modify the exclusion.
- Parameters
exclusion_id (int) – The id of the exclusion object in Tenable Vulnerability Management
scanner_id (int, optional) – The scanner id.
name (str, optional) – The name of the exclusion to create.
description (str, optional) – Some further detail about the exclusion.
start_time (datetime, optional) – When the exclusion should start.
end_time (datetime, optional) – When the exclusion should end.
timezone (str, optional) – The timezone to use for the exclusion. The default if none is specified is to use UTC.
frequency (str, optional) – The frequency of the rule. The string inputted will be upcased. Valid values are: ONETIME, DAILY, WEEKLY, MONTHLY, YEARLY.
interval (int, optional) – The interval of the rule.
weekdays (list, optional) – List of 2-character representations of the days of the week to repeat the frequency rule on. Valid values are: SU, MO, TU, WE, TH, FR, SA Default values:
['SU', 'MO', 'TU', 'WE', 'TH', 'FR', 'SA']
day_of_month (int, optional) – The day of the month to repeat a MONTHLY frequency rule on.
enabled (bool, optional) – enable/disable exclusion.
network_id (uuid, optional) – The ID of the network object associated with scanners where Tenable Vulnerability Management applies the exclusion.
- Returns
Dictionary of the newly minted exclusion.
- Return type
Examples
Modifying the name of an exclusion:
>>> exclusion = tio.exclusions.edit(1, name='New Name')
- exclusions_import(fobj)[source]¶
Import exclusions into Tenable Vulnerability Management.
- Parameters
fobj (FileObject) – The file object of the exclusion(s) you wish to import.
- Returns
Returned if Tenable Vulnerability Management successfully imports the exclusion file.
- Return type
Examples
>>> with open('import_example.csv') as exclusion: ... tio.exclusions.exclusions_import(exclusion)