Common Themes¶
Tenable Security Center CRUD within pyTenable¶
pyTenable allows for the ability to leverage both the naturalized inputs as well as passing the raw parameters within the same structure. In some cases this doesn’t seem immediately obvious, however allows for the ability to pass parameters that either haven’t yet been, or in some cases, may never be interpreted by the library.
For example, in the alerts API, you could pass the snake_cased
always_exec_on_trigger
or you could pass what the API endpoint itself
expects, which is executeOnEveryTrigger
. The snake-cased version expects a
boolean value, which will be converted into the string value that camelCased
variant expects. You’ll see this behavior a lot throughout the library, and is
intended to allow you to sidestep most things should you need to. For example,
in the alerts API again, you may not want to pass a trigger as
trigger=('sumip', '>=', '100')
and instead pass as the parameters that are
to be written into the JSON request:
triggerName='sumip', triggerOperator='>=', triggerValue='100'
. Both of
these methods will produce the same JSON request, and the the option is yours
to use the right way for the job.
Along these same lines, its possible to see how the JSON documents are being
constructed by simply looking at the _constructor
methods for each
APIEndpoint class. If pyTenable is getting in your way, you can almost always
sidestep it and pass the exact dictionary you wish to pass on to the API.
Schedule Dictionaries¶
A dictionary detailing the repeating schedule within Tenable Security Center. This
dictionary consists of 1 or 3 parameters, depending on the type of schedule.
In all of the definitions except ical
, a single parameter of type
is
passed with lone of the following values: ical
, never
, rollover
, and
template
. If no document is specified, then the default of never
is
assumed. For repeating scans, you’ll have to use the type of ical
and also
specify the start
and repeatRule
parameters as well. The start
parameter is an
iCal DateTime Form #3
formatted string specifying the date and time in which to start the repeating
event. The repeatRule
parameter is an
iCal Recurrence Rule
formatted string.
Example Never Declaration:
{'type': 'never'}
Example daily event starting at 9am Eastern
{
'type': 'ical',
'start': 'TZID=America/New_York:20190214T090000',
'repeatRule': 'FREQ=DAILY;INTERVAL=1'
}
Example weekly event every Saturday at 8:30pm Eastern
{
'type': 'ical',
'start': 'TZID=America/New_York:20190214T203000',
'repeatRule': 'FREQ=WEEKLY;BYDAY=SA;INTERVAL=1'
}
There are detailed instructions in the RFC documentation on how to construct these recurrence rules. Further there are some packages out there to aid in converting more human-readable text into recurrence rules, such as the recurrent package for example.