Queries

The following methods allow for interaction into the Tenable Security Center Query API. These items are typically seen under the Workflow -> Query section of Tenable Security Center.

Methods available on sc.queries:

class QueryAPI(api: APISession)[source]
create(name, tool, data_type, *filters, **kw)[source]

Creates a query.

query: create

Parameters:
  • name (str) – The name of the new query

  • tool (str) – The tool to use to query the data.

  • data_type (str) – The type of data to query.

  • *filters (tuple, optional) – The filters to use for the query. Refer to the documentation within the :ref:’tenable.sc.analysis’ for more information on how to construct these.

  • browse_cols (list, optional) – What columns are set to be browsable for the analysis view.

  • browse_sort_col (str, optional) – The browsable column in which to sort on.

  • browse_sort_dir (str, optional) – The direction in which to sort. Valid values are asc and desc.

  • description (str, optional) – The description for the query.

  • limit (int, optional) – The limit to the number of records to return. If nothing is specified, the API defaults to 100 records.

  • offset (int, optional) – The number of records to skip before returning results. If nothing is specified, then the default is 0.

  • owner_id (int, optional) – The identifier stating the owner of the query. If left unspecified, then the default is the current user.

  • sort_direction (str, optional) – The direction in which to sort. Valid values are asc and desc.

  • sort_field (str, optional) – The field in which to sort the results.

  • tags (str, optional) – Tags definition for the query.

Returns:

The newly created query.

Return type:

dict

Examples

>>> query = sc.queries.create('New Query', 'vulndetails', 'vuln',
...     ('pluginID', '=', '19506'))
delete(id)[source]

Removes a query.

query: delete

Parameters:

id (int) – The numeric identifier for the query to remove.

Returns:

An empty response.

Return type:

str

Examples

>>> sc.queries.delete(1)
details(id, fields=None)[source]

Returns the details for a specific query.

query: details

Parameters:
  • id (int) – The identifier for the query.

  • fields (list, optional) – A list of attributes to return.

Returns:

The query resource record.

Return type:

dict

Examples

>>> query = sc.queries.details(1)
>>> pprint(query)
edit(id, *filters, **kw)[source]

Edits a query.

query: edit

Parameters:
  • *filters (tuple, optional) – The filters to use for the query. Refer to the documentation within the :ref:’tenable.sc.analysis’ for more information on how to construct these.

  • browse_cols (str, optional) – What columns are set to be browsable for the analysis view.

  • browse_sort_col (list, optional) – The browsable column in which to sort on.

  • browse_sort_dir (str, optional) – The direction in which to sort. Valid values are asc and desc.

  • description (str, optional) – The description for the query.

  • limit (int, optional) – The limit to the number of records to return. If nothing is specified, the API defaults to 100 records.

  • name (str, optional) – The name of the new query

  • offset (int, optional) – The number of records to skip before returning results. If nothing is specified, then the default is 0.

  • owner_id (int, optional) – The identifier stating the owner of the query. If left unspecified, then the default is the current user.

  • sort_direction (str, optional) – The direction in which to sort. Valid values are asc and desc.

  • sort_field (str, optional) – The field in which to sort the results.

  • tags (str, optional) – Tags definition for the query.

  • tool (str, optional) – The tool to use to query the data.

  • type (str, optional) – The type of data to query.

Returns:

The newly updated query.

Return type:

:obj:` dict`

Examples

>>> query = sc.queries.edit()
list(fields=None)[source]

Retrieves the list of query definitions.

query: list

Parameters:

fields (list, optional) – A list of attributes to return for each query.

Returns:

A list of query resources.

Return type:

list

Examples

>>> for query in sc.queries.list():
...     pprint(query)
share(id, *groups)[source]

Shares the specified query to another user group.

query: share

Parameters:
  • id (int) – The numeric id for the query.

  • *groups (int) – The numeric id of the group(s) to share to.

Returns:

The updated query resource.

Return type:

dict

Examples

>>> sc.queries.share(1, group_1, group_2)
tags()[source]

Retrieves the list of unique tags associated to queries.

query: tags

Returns:

List of tags

Return type:

list

Examples

>>> tags = sc.queries.tags()