Exclusions

The following methods allow for interaction into the Tenable Vulnerability Management exclusions API endpoints.

Methods available on tio.exclusions:

class ExclusionsAPI(api: restfly.session.APISession)[source]

This will contain all methods related to exclusions

create(name, members, start_time=None, end_time=None, timezone=None, description=None, frequency=None, interval=None, weekdays=None, day_of_month=None, enabled=True, network_id=None)[source]

Create a scan target exclusion.

exclusions: create

Parameters
  • name (str) – The name of the exclusion to create.

  • members (list) – The exclusions members. Each member should be a string with either a FQDN, IP Address, IP Range, or CIDR.

  • description (str, optional) – Some further detail about the exclusion.

  • start_time (datetime) – When the exclusion should start.

  • end_time (datetime) – When the exclusion should end.

  • timezone (str, optional) – The timezone to use for the exclusion. The default if none is specified is to use UTC. For the list of usable timezones, please refer to devportalscans-timezones

  • frequency (str, optional) – The frequency of the rule. The string inputted will be up-cased. Valid values are: ONETIME, DAILY, WEEKLY, MONTHLY, YEARLY. Default value is ONETIME.

  • interval (int, optional) – The interval of the rule. The default interval is 1

  • weekdays (list, optional) – List of 2-character representations of the days of the week to repeat the frequency rule on. Valid values are: SU, MO, TU, WE, TH, FR, SA Default values: ['SU', 'MO', 'TU', 'WE', 'TH', 'FR', 'SA']

  • day_of_month (int, optional) – The day of the month to repeat a MONTHLY frequency rule on. The default is today.

  • enabled (bool, optional) – If enabled is true, the exclusion schedule is active. If enabled is false, the exclusion is “Always Active” The default value is True

  • network_id (uuid, optional) – The ID of the network object associated with scanners where Tenable Vulnerability Management applies the exclusion.

Returns

Dictionary of the newly minted exclusion.

Return type

dict

Examples

Creating a one-time exclusion:

>>> from datetime import datetime, timedelta
>>> exclusion = tio.exclusions.create(
...     'Example One-Time Exclusion',
...     ['127.0.0.1'],
...     start_time=datetime.utcnow(),
...     end_time=datetime.utcnow() + timedelta(hours=1))

Creating a daily exclusion:

>>> exclusion = tio.exclusions.create(
...     'Example Daily Exclusion',
...     ['127.0.0.1'],
...     frequency='daily',
...     start_time=datetime.utcnow(),
...     end_time=datetime.utcnow() + timedelta(hours=1))

Creating a weekly exclusion:

>>> exclusion = tio.exclusions.create(
...     'Example Weekly Exclusion',
...     ['127.0.0.1'],
...     frequency='weekly',
...     weekdays=['mo', 'we', 'fr'],
...     start_time=datetime.utcnow(),
...     end_time=datetime.utcnow() + timedelta(hours=1))

Creating a monthly esxclusion:

>>> exclusion = tio.exclusions.create(
...     'Example Monthly Exclusion',
...     ['127.0.0.1'],
...     frequency='monthly',
...     day_of_month=1,
...     start_time=datetime.utcnow(),
...     end_time=datetime.utcnow() + timedelta(hours=1))

Creating a yearly exclusion:

>>> exclusion = tio.exclusions.create(
...     'Example Yearly Exclusion',
...     ['127.0.0.1'],
...     frequency='yearly',
...     start_time=datetime.utcnow(),
...     end_time=datetime.utcnow() + timedelta(hours=1))
delete(exclusion_id)[source]

Delete a scan target exclusion.

exclusions: delete

Parameters

exclusion_id (int) – The exclusion identifier to delete

Returns

The exclusion was successfully deleted.

Return type

None

Examples

>>> tio.exclusions.delete(1)
details(exclusion_id)[source]

Retrieve the details for a specific scan target exclusion.

exclusions: details

Parameters

exclusion_id (int) – The exclusion identifier.

Returns

The exclusion record requested.

Return type

dict

Examples

>>> exclusion = tio.exclusions.details(1)
>>> pprint(exclusion)
edit(exclusion_id, name=None, members=None, start_time=None, end_time=None, timezone=None, description=None, frequency=None, interval=None, weekdays=None, day_of_month=None, enabled=None, network_id=None)[source]

Edit an existing scan target exclusion.

exclusions: edit

The edit function will first gather the details of the exclusion that will be edited and will overlay the changes on top. The result will then be pushed back to the API to modify the exclusion.

Parameters
  • exclusion_id (int) – The id of the exclusion object in Tenable Vulnerability Management

  • scanner_id (int, optional) – The scanner id.

  • name (str, optional) – The name of the exclusion to create.

  • description (str, optional) – Some further detail about the exclusion.

  • start_time (datetime, optional) – When the exclusion should start.

  • end_time (datetime, optional) – When the exclusion should end.

  • timezone (str, optional) – The timezone to use for the exclusion. The default if none is specified is to use UTC.

  • frequency (str, optional) – The frequency of the rule. The string inputted will be upcased. Valid values are: ONETIME, DAILY, WEEKLY, MONTHLY, YEARLY.

  • interval (int, optional) – The interval of the rule.

  • weekdays (list, optional) – List of 2-character representations of the days of the week to repeat the frequency rule on. Valid values are: SU, MO, TU, WE, TH, FR, SA Default values: ['SU', 'MO', 'TU', 'WE', 'TH', 'FR', 'SA']

  • day_of_month (int, optional) – The day of the month to repeat a MONTHLY frequency rule on.

  • enabled (bool, optional) – enable/disable exclusion.

  • network_id (uuid, optional) – The ID of the network object associated with scanners where Tenable Vulnerability Management applies the exclusion.

Returns

Dictionary of the newly minted exclusion.

Return type

dict

Examples

Modifying the name of an exclusion:

>>> exclusion = tio.exclusions.edit(1, name='New Name')
exclusions_import(fobj)[source]

Import exclusions into Tenable Vulnerability Management.

exclusions: import

Parameters

fobj (FileObject) – The file object of the exclusion(s) you wish to import.

Returns

Returned if Tenable Vulnerability Management successfully imports the exclusion file.

Return type

None

Examples

>>> with open('import_example.csv') as exclusion:
...     tio.exclusions.exclusions_import(exclusion)
list()[source]

List the currently configured scan target exclusions.

exclusions: list

Returns

List of exclusion resource records.

Return type

list

Examples

>>> for exclusion in tio.exclusions.list():
...     pprint(exclusion)