Audit Files¶
The following methods allow for interaction into the Tenable Security Center Audit File API and the Audit File Template API. These items are typically seen under the Scans: Audit Files section of Tenable Security Center.
Methods available on sc.audit_files
:
- class AuditFileAPI(api: APISession)[source]¶
- create(name, audit_file=None, tailoring_file=None, **kw)[source]¶
Creates a audit file.
- Parameters:
name (str) – The name of the audit file.
audit_file (FileObject, optional) – The file-like object containing the audit file if uploading a custom audit file.
benchmark (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the benchmark.
data_stream (str, optional) – When using version 1.2 of either SCAP datatype, you must specify the name of the data stream.
description (str, optional) – A description of for the audit file.
profile (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the profile.
tailoring_file (FileObject, optional) – When the SCAP version is set to 1.2, this tailoring file can optionally be provided.
template (int, optional) – The audit file template it to use. If using a template, then no file is uploaded.
type (str, optional) – The type of audit file to upload. Generally only used when uploading SCAP content as it will default to the Tenable-created audit-file format. Supported SCAP values are
scapWindows
andscapLinux
.vars (dict, optional) – If a template is specified, then this dictionary specifies the parameters within the template to customize and what those values should be. The values are provided within the template definition.
version (str, optional) – When specifying a SCAP datatype, this informs Tenable Security Center what version of SCAP this audit checklist is. Supported values are
1.0
,1.1
, and1.2
.
- Returns:
The newly created audit file.
- Return type:
Examples
>>> audit = sc.audit_files.create()
- delete(id)[source]¶
Removes a audit file.
- Parameters:
id (int) – The numeric identifier for the audit file to remove.
- Returns:
An empty response.
- Return type:
Examples
>>> sc.audit_files.delete(1)
- details(id, fields=None)[source]¶
Returns the details for a specific audit file.
- Parameters:
- Returns:
The audit file resource record.
- Return type:
Examples
>>> audit = sc.audit_files.details(1) >>> pprint(audit)
- edit(id, audit_file=None, tailoring_file=None, **kw)[source]¶
Edits a audit file.
- Parameters:
audit_file (FileObject, optional) – The file-like object containing the audit file if uploading a custom audit file.
benchmark (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the benchmark.
data_stream (str, optional) – When using version 1.2 of either SCAP datatype, you must specify the name of the data stream.
description (str, optional) – A description of for the audit file.
name (str, optional) – The name of the audit file.
profile (str, optional) – When the type is set to either SCAP datatype, this specifies the name of the profile.
tailoring_file (FileObject, optional) – When the SCAP version is set to 1.2, this tailoring file can optionally be provided.
template (int, optional) – The audit file template it to use. If using a template, then no file is uploaded.
type (str, optional) – The type of audit file to upload. Generally only used when uploading SCAP content as it will default to the Tenable-created audit-file format. Supported SCAP values are
scapWindows
andscapLinux
.vars (dict, optional) – If a template is specified, then this dictionary specifies the parameters within the template to customize and what those values should be. The values are provided within the template definition.
version (str, optional) – When specifying a SCAP datatype, this informs Tenable Security Center what version of SCAP this audit checklist is. Supported values are
1.0
,1.1
, and1.2
.
- Returns:
The newly updated audit file.
- Return type:
Examples
>>> audit = sc.audit_files.edit()
- export_audit(id, fobj=None)[source]¶
Exports an Audit File.
- Parameters:
id (int) – The audit file numeric identifier.
fobj (FileObject, optional) – The file-like object to write the resulting file into. If no file-like object is provided, a BytesIO objects with the downloaded file will be returned. Be aware that the default option of using a BytesIO object means that the file will be stored in memory, and it’s generally recommended to pass an actual file-object to write to instead.
- Returns:
The file-like object with the resulting zipped report.
- Return type:
FileObject
Examples
>>> with open('example.zip', 'wb') as fobj: ... sc.audit_files.export_audit(1, fobj)
- list(fields=None)[source]¶
Retrieves the list of audit file definitions.
- Parameters:
fields (list, optional) – A list of attributes to return for each audit file.
- Returns:
A list of audit file resources.
- Return type:
Examples
>>> for audit in sc.audit_files.list(): ... pprint(audit)
- template_categories()[source]¶
Returns the audit file template categories
- Returns:
List of audit file category listing dicts.
- Return type:
Examples
>>> for cat in sc.audit_files.template_categorties(): ... pprint(cat)
- template_details(id, fields=None)[source]¶
Returns the details for the specified audit file template id.
- Parameters:
- Returns:
The audit file template record.
- Return type:
Examples
>>> tmpl = sc.audit_files.template_details(1)