Recast Risks¶
The following methods allow for interaction into the Tenable Security Center Recast Risk API.
Methods available on sc.recast_risks
:
- class RecastRiskAPI(api: APISession)[source]¶
- apply(risk_id, repo)[source]¶
Applies the recast risk rule for either all repositories, or the repository specified.
- Parameters:
- Returns:
Empty string response from the API.
- Return type:
Examples
>>> sc.recast_risks.apply(1)
- create(plugin_id, repos, severity_id, **kwargs)[source]¶
Creates a new recast risk rule. Either ips, uuids, or asset_list must be specified.
- Parameters:
plugin_id (int) – The plugin to apply the recast risk rule to.
repos (list) – The list of repositories to apply this recast risk rule to.
severity_id (int) – The new severity that vulns matching this rule should be recast to. Valid values are:
0
: Info,1
: Low,2
: Medium,3
: High, and4
: Critical.asset_list (int, optional) – The asset list id to apply the recast risk rule to. Please note that
asset_list
,ips
, anduuids
are mutually exclusive.comments (str, optional) – The comment associated to the recast risk rule.
ips (list, optional) – A list of IPs to apply the recast risk rule to. Please note that
asset_list
,ips
, anduuids
are mutually exclusive.port (int, optional) – The port to restrict this recast risk rule to. The default is unrestricted.
protocol (int, optional) – The protocol to restrict the recast risk rule to. The default is unrestricted.
uuids (list, optional) – The agent uuids to apply the recast risk rule to. Please note that
asset_list
,ips
, anduuids
are mutually exclusive.host_uuids (list[str], optional) – The hostUUIDs to apply the accept risk rule to. Please note that
asset_list
,ips
,uuids
, andhost_uuids
are mutually exclusive.
- Returns:
The newly created recast risk rule definition.
- Return type:
Examples
Create a rule to recast 97737 on 2 IPs to informational.
>>> rule = sc.recast_risks.create(97737, [1], 0 ... ips=['192.168.0.101', '192.168.0.102'])
- delete(risk_id)[source]¶
Removes the recast risk rule from Tenable Security Center
- Parameters:
risk_id (int) – The identifier for the recast risk rule.
- Returns:
Empty string response from the API.
- Return type:
Examples
>>> sc.recast_risks.delete(1)
- details(risk_id, fields=None)[source]¶
Retrieves the details of an recast risk rule.
- Parameters:
- Returns:
The recast risk rule details.
- Return type:
Examples
>>> rule = sc.recast_risks.details(1) >>> pprint(rule)
- list(repo_ids=None, plugin_id=None, port=None, org_ids=None, fields=None)[source]¶
Retrieves the list of recasted risk rules.
- Parameters:
fields (list, optional) – A list of attributes to return for each recast risk rule.
plugin_id (int, optional) – Plugin id to filter the response on.
port (int, optional) – Port number to filter the response on.
org_ids (list, optional) – List of organization ids to filter on.
repo_ids (list, optional) – List of repository ids to filter the response on.
- Returns:
A list of recast risk rules.
- Return type:
Examples
>>> for rule in sc.recast_risks.list(): ... pprint(rule)