Queries¶
The following methods allow for interaction into the Tenable Security Center Query API. These items are typically seen under the Workflow -> Query section of Tenable Security Center.
Methods available on sc.queries
:
- class QueryAPI(api: APISession)[source]¶
- create(name, tool, data_type, *filters, **kw)[source]¶
Creates a query.
- Parameters:
name (str) – The name of the new query
tool (str) – The tool to use to query the data.
data_type (str) – The type of data to query.
*filters (tuple, optional) – The filters to use for the query. Refer to the documentation within the :ref:’tenable.sc.analysis’ for more information on how to construct these.
browse_cols (list, optional) – What columns are set to be browsable for the analysis view.
browse_sort_col (str, optional) – The browsable column in which to sort on.
browse_sort_dir (str, optional) – The direction in which to sort. Valid values are
asc
anddesc
.description (str, optional) – The description for the query.
limit (int, optional) – The limit to the number of records to return. If nothing is specified, the API defaults to 100 records.
offset (int, optional) – The number of records to skip before returning results. If nothing is specified, then the default is 0.
owner_id (int, optional) – The identifier stating the owner of the query. If left unspecified, then the default is the current user.
sort_direction (str, optional) – The direction in which to sort. Valid values are
asc
anddesc
.sort_field (str, optional) – The field in which to sort the results.
tags (str, optional) – Tags definition for the query.
- Returns:
The newly created query.
- Return type:
Examples
>>> query = sc.queries.create('New Query', 'vulndetails', 'vuln', ... ('pluginID', '=', '19506'))
- delete(id)[source]¶
Removes a query.
- Parameters:
id (int) – The numeric identifier for the query to remove.
- Returns:
An empty response.
- Return type:
Examples
>>> sc.queries.delete(1)
- details(id, fields=None)[source]¶
Returns the details for a specific query.
- Parameters:
- Returns:
The query resource record.
- Return type:
Examples
>>> query = sc.queries.details(1) >>> pprint(query)
- edit(id, *filters, **kw)[source]¶
Edits a query.
- Parameters:
*filters (tuple, optional) – The filters to use for the query. Refer to the documentation within the :ref:’tenable.sc.analysis’ for more information on how to construct these.
browse_cols (str, optional) – What columns are set to be browsable for the analysis view.
browse_sort_col (list, optional) – The browsable column in which to sort on.
browse_sort_dir (str, optional) – The direction in which to sort. Valid values are
asc
anddesc
.description (str, optional) – The description for the query.
limit (int, optional) – The limit to the number of records to return. If nothing is specified, the API defaults to 100 records.
name (str, optional) – The name of the new query
offset (int, optional) – The number of records to skip before returning results. If nothing is specified, then the default is 0.
owner_id (int, optional) – The identifier stating the owner of the query. If left unspecified, then the default is the current user.
sort_direction (str, optional) – The direction in which to sort. Valid values are
asc
anddesc
.sort_field (str, optional) – The field in which to sort the results.
tags (str, optional) – Tags definition for the query.
tool (str, optional) – The tool to use to query the data.
type (str, optional) – The type of data to query.
- Returns:
The newly updated query.
- Return type:
:obj:` dict`
Examples
>>> query = sc.queries.edit()
- list(fields=None)[source]¶
Retrieves the list of query definitions.
- Parameters:
fields (list, optional) – A list of attributes to return for each query.
- Returns:
A list of query resources.
- Return type:
Examples
>>> for query in sc.queries.list(): ... pprint(query)
- share(id, *groups)[source]¶
Shares the specified query to another user group.
- Parameters:
- Returns:
The updated query resource.
- Return type:
Examples
>>> sc.queries.share(1, group_1, group_2)