Audit Files

The following methods allow for interaction into the Tenable Security Center Audit File API and the Audit File Template API. These items are typically seen under the Scans: Audit Files section of Tenable Security Center.

Methods available on sc.audit_files:

class AuditFileAPI(api: APISession)[source]
create(name, audit_file=None, tailoring_file=None, **kw)[source]

Creates a audit file.

audit file: create

Parameters:
  • name (str) – The name of the audit file.

  • audit_file (FileObject, optional) – The file-like object containing the audit file if uploading a custom audit file.

  • benchmark (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the benchmark.

  • data_stream (str, optional) – When using version 1.2 of either SCAP datatype, you must specify the name of the data stream.

  • description (str, optional) – A description of for the audit file.

  • profile (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the profile.

  • tailoring_file (FileObject, optional) – When the SCAP version is set to 1.2, this tailoring file can optionally be provided.

  • template (int, optional) – The audit file template it to use. If using a template, then no file is uploaded.

  • type (str, optional) – The type of audit file to upload. Generally only used when uploading SCAP content as it will default to the Tenable-created audit-file format. Supported SCAP values are scapWindows and scapLinux.

  • vars (dict, optional) – If a template is specified, then this dictionary specifies the parameters within the template to customize and what those values should be. The values are provided within the template definition.

  • version (str, optional) – When specifying a SCAP datatype, this informs Tenable Security Center what version of SCAP this audit checklist is. Supported values are 1.0, 1.1, and 1.2.

Returns:

The newly created audit file.

Return type:

dict

Examples

>>> audit = sc.audit_files.create()
delete(id)[source]

Removes a audit file.

audit file: delete

Parameters:

id (int) – The numeric identifier for the audit file to remove.

Returns:

An empty response.

Return type:

str

Examples

>>> sc.audit_files.delete(1)
details(id, fields=None)[source]

Returns the details for a specific audit file.

audit file: details

Parameters:
  • id (int) – The identifier for the audit file.

  • fields (list, optional) – A list of attributes to return.

Returns:

The audit file resource record.

Return type:

dict

Examples

>>> audit = sc.audit_files.details(1)
>>> pprint(audit)
edit(id, audit_file=None, tailoring_file=None, **kw)[source]

Edits a audit file.

audit file: edit

Parameters:
  • audit_file (FileObject, optional) – The file-like object containing the audit file if uploading a custom audit file.

  • benchmark (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the benchmark.

  • data_stream (str, optional) – When using version 1.2 of either SCAP datatype, you must specify the name of the data stream.

  • description (str, optional) – A description of for the audit file.

  • name (str, optional) – The name of the audit file.

  • profile (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the profile.

  • tailoring_file (FileObject, optional) – When the SCAP version is set to 1.2, this tailoring file can optionally be provided.

  • template (int, optional) – The audit file template it to use. If using a template, then no file is uploaded.

  • type (str, optional) – The type of audit file to upload. Generally only used when uploading SCAP content as it will default to the Tenable-created audit-file format. Supported SCAP values are scapWindows and scapLinux.

  • vars (dict, optional) – If a template is specified, then this dictionary specifies the parameters within the template to customize and what those values should be. The values are provided within the template definition.

  • version (str, optional) – When specifying a SCAP datatype, this informs Tenable Security Center what version of SCAP this audit checklist is. Supported values are 1.0, 1.1, and 1.2.

Returns:

The newly updated audit file.

Return type:

dict

Examples

>>> audit = sc.audit_files.edit()
export_audit(id, fobj=None)[source]

Exports an Audit File.

audit file: export

Parameters:
  • id (int) – The audit file numeric identifier.

  • fobj (FileObject, optional) – The file-like object to write the resulting file into. If no file-like object is provided, a BytesIO objects with the downloaded file will be returned. Be aware that the default option of using a BytesIO object means that the file will be stored in memory, and it’s generally recommended to pass an actual file-object to write to instead.

Returns:

The file-like object with the resulting zipped report.

Return type:

FileObject

Examples

>>> with open('example.zip', 'wb') as fobj:
...     sc.audit_files.export_audit(1, fobj)
list(fields=None)[source]

Retrieves the list of audit file definitions.

audit file: list

Parameters:

fields (list, optional) – A list of attributes to return for each audit file.

Returns:

A list of audit file resources.

Return type:

list

Examples

>>> for audit in sc.audit_files.list():
...     pprint(audit)
template_categories()[source]

Returns the audit file template categories

audit template: categories

Returns:

List of audit file category listing dicts.

Return type:

list

Examples

>>> for cat in sc.audit_files.template_categorties():
...     pprint(cat)
template_details(id, fields=None)[source]

Returns the details for the specified audit file template id.

audit template: details

Parameters:
  • id (int) – The numeric identifier for the audit file template.

  • fields (list, optional) – A list of attributes to return.

Returns:

The audit file template record.

Return type:

dict

Examples

>>> tmpl = sc.audit_files.template_details(1)
template_list(category=None, search=None, fields=None)[source]

Returns the list of audit file templates.

audit templates: list

Parameters:
  • category (int, optional) – Restrict the results to only the specified category id.

  • fields (list, optional) – A list of attributes to return.

  • search (str, optional) – Restrict the response to only audit file names that match the search string specified.

Returns:

List of audit file records.

Return type:

list

Examples

>>> for tmpl in sc.audit_files.template_list():
...     pprint(tmpl)