Policies¶
The following methods allow for interaction into the Tenable Security Center Scan Policies API. These items are typically seen under the Scan Policies section of Tenable Security Center.
Methods available on sc.policies
:
- class ScanPolicyAPI(api: APISession)[source]¶
- copy(id, name=None)[source]¶
Clones the specified scan policy
- Parameters:
- Returns:
The scan policy resource record for the newly created policy.
- Return type:
Examples
>>> policy = sc.policies.copy(10001) >>> pprint(policy)
- create(**kw)[source]¶
Creates a new scan policy
- Parameters:
name (str) – The Name of the new scan policy
audit_files (list, optional) – A list of audit files (by integer id) to be used for the scan policy.
description (str, optional) – An optional description for the policy
preferences (dict, optional) – A dictionary of settings that override the defaults within a policy template.
profile_name (str, optional) – The profile of the scan. Default is an empty string.
owner_id (int, optional) – Define who shall own the policy by that user’s integer identifier
tags (str, optional) – An optional tag identifier for the policy
template_id (int, optional) – The identifier of the policy template to use. If none is specified, the default id for the “Advanced Policy” will be used.
xccdf (bool, optional) – Should XCCDF results be generated? The default is False.
- Returns:
The created scan policy resource.
- Return type:
Examples
An example advanced policy with all of the default preferences.
>>> sc.policies.create( ... name='Example Advanced Policy')
An example policy where we want to modify
- delete(id)[source]¶
Removes a configured scan policy.
- Parameters:
id (int) – The unique identifier for the policy to remove.
- Returns:
The empty response from the API.
- Return type:
Examples
>>> sc.policies.delete(10001)
- details(id, fields=None)[source]¶
Retrieves the details for a specified policy.
- Parameters:
- Returns:
Details about the scan policy template
- Return type:
Examples
>>> policy = sc.policies.details(2) >>> pprint(policy)
- edit(id, **kw)[source]¶
Edits an existing scan policy
- Parameters:
id (int) – The unique identifier to the scan policy to edit
audit_files (list, optional) – A list of audit files (by integer id) to be used for the scan policy.
description (str, optional) – An optional description for the policy
name (str, optional) – The Name of the new scan policy
preferences (dict, optional) – A dictionary of settings that override the defaults within a policy template.
profile_name (str, optional) – The profile of the scan. Default is an empty string.
remove_prefs (list, optional) – A list of preferences to remove from the policy.
owner_id (int, optional) – Define who shall own the policy by that user’s integer identifier
tags (str, optional) – An optional tag identifier for the policy
template_id (int, optional) – The identifier of the policy template to use. If none is specified, the default id for the “Advanced Policy” will be used.
xccdf (bool, optional) – Should XCCDF results be generated? The default is False.
- Returns:
The updated scan policy resource.
- Return type:
Examples
An example advanced policy with all of the default preferences.
>>> sc.policies.edit(10001, ... name='Updated Example Advanced Policy')
To remove a preference, you would perform the following:
>>> sc.policies.edit(10001, ... remove_prefs=['scan_malware'])
- export_policy(id, fobj=None)[source]¶
Export the specified scan policy
- Parameters:
id (int) – The unique identifier for the scan policy to export.
fobj (FileObject, optional) – The file-like object to write the resulting file into. If no file-like object is provided, a BytesIO objects with the downloaded file will be returned. Be aware that the default option of using a BytesIO object means that the file will be stored in memory, and it’s generally recommended to pass an actual file-object to write to instead.
- Returns:
The file-like object with the resulting export.
- Return type:
FileObject
Examples
>>> with open('example_policy.xml', 'wb') as fobj: ... sc.policies.export_policy(1001, fobj)
- import_policy(name, fobj, description=None, tags=None)[source]¶
Imports a scan policy into Tenable Security Center
- Parameters:
- Returns:
An empty response from the API.
- Return type:
Examples
>>> with open('example_policy.xml', 'rb') as fobj: ... sc.policies.import_policy('Example Policy', fobj)
- list(fields=None)[source]¶
Retrieved the list of Scan policies configured.
- Parameters:
fields (list, optional) – The list of fields that are desired to be returned. For details on what fields are available, please refer to the details on the request within the policy list API doc.
- Returns:
usable & manageable scan policies.
- Return type:
Examples
>>> policies = sc.policies.list() >>> for policy in policies['manageable']: ... pprint(policy)
- share(id, *groups)[source]¶
Shares the policy with other user groups.
- Parameters:
- Returns:
The updated scan policy resource.
- Return type:
Examples
Share the scan policy with groups 1, 2, and 3:
>>> sc.policies.share(10001, 1, 2, 3)
- tags()[source]¶
Returns the list of unique tags associated to scan policies.
- Returns:
The list of unique tags
- Return type:
Examples
>>> tags = sc.policies.tags() >>> pprint(tags)
- template_details(id, fields=None, remove_editor=True)[source]¶
Retrieves the details for a specified policy template.
- Parameters:
id (int) – The unique identifier for the policy template
fields (list, optional) – The list of fields that are desired to be returned. For details on what fields are available, please refer to the details on the request within the policy template details API doc.
remove_editor (bol, optional) – Should the response have the raw editor string removed? The default is yes.
- Returns:
Details about the scan policy template
- Return type:
Examples
>>> template = sc.policies.template_details(2) >>> pprint(template)
- template_list(fields=None)[source]¶
Retrieved the list of scan policy templates.
- Parameters:
fields (list, optional) – The list of fields that are desired to be returned. For details on what fields are available, please refer to the details on the request within the policy template list API doc.
- Returns:
List of available policy templates
- Return type:
Examples
>>> templates = sc.policies.template_list() >>> for policy in templates: ... pprint(policy)