Vulnerability Management: New Report Endpoints
Documentation is now available for new report endpoints. The new endpoints enable customers to programmatically generate reports of vulnerabilities affecting their assets. The reports are generated in PDF format. You can use the following templates when generating a report:
- Host Findings Executive Summary Report—An executive summary report that provides operations teams a snapshot of risk based on vulnerable assets.
- Host Findings Vulnerability Details by Plugin—A report that provides a summary of the plugins that detected vulnerabilities on affected assets. Plugins are sorted by severity and the assets are sorted by the Asset Criticality Rating (ACR).
- Host Findings Vulnerability Details by Asset—A summary of the most vulnerable assets.
Note
Tenable Vulnerability Management limits the number of findings that can be included in a single report to 10,000. If you have more than 10,000 findings, Tenable recommends that you narrow the findings included in the report with a filter or generate multiple reports. For more information about supported filters, see Report Export Filters.
The new report endpoints are described in the following table:
Endpoint | Name | Description |
---|---|---|
POST /reports/export | Create report | Creates a report in PDF format based on the specified template and filters. |
GET /reports/export/{report_uuid}/status | Get report status | Returns the status of the specified report export request. |
GET /reports/export/{report_uuid}/download | Download report | Downloads the specified PDF report. |
Additionally, a new filter endpoint is available that enables users to retrieve the list of supported filters when creating a report:
Endpoint | Name | Description |
---|---|---|
GET /filters/reports/export | List report filters | Returns the filters, supported operators, data types, and allowed values for the POST /reports/export endpoint. For more information about the supported filters, see Report Export Filters. |
For more information about supported filters, see Report Export Filters.
Deprecated Workbench Endpoints
The new report endpoints are intended to replace the deprecated workbench endpoints. A mapping of deprecated endpoints to new endpoints is provided in the following table:
Example: Host Findings Executive Summary Report with Filters
To generate a host findings executive summary report containing critical and high severity vulnerabilities found after December 6, 2023, you could use the following cURL request:
curl --request POST \
--url https://cloud.tenable.com/reports/export \
--header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"name": "My Summary Report",
"template_name": "host_vulns_summary",
"filters": [
{
"property": "first_found",
"operator": "gte",
"value": 1701824400000
},
{
"property": "severity",
"operator": "eq",
"value": [
"CRITICAL",
"HIGH"
]
}
]
}
'
Example: Host Findings Vulnerability Details by Plugin Report with Filters
To generate a host findings vulnerability details by plugin report for specific plugin IDs and where the source was a Nessus scan, you could use the following cURL request:
curl --request POST \
--url https://cloud.tenable.com/reports/export \
--header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"name": "My Plugin Report",
"template_name": "host_vulns_by_plugins",
"filters": [
{
"property": "plugin_id",
"operator": "eq",
"value": [
73491,
73412,
113075
]
},
{
"property": "source",
"operator": "eq",
"value": [
"NESSUS_SCAN"
]
}
]
}
'
Example: Host Findings Vulnerability Details by Asset Report with Filters
To generate a host findings vulnerability details by asset report for assets with specific asset tags, you could use the following cURL request:
curl --request POST \
--url https://cloud.tenable.com/reports/export \
--header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"name": "My Asset Report",
"template_name": "host_vulns_by_assets",
"filters": [
{
"property": "asset_tags",
"operator": "eq",
"value": [
{
"key": "OfficeLocation",
"value": [
"Dallas"
]
},
{
"key": "DeviceType",
"value": [
"Laptop"
]
}
]
}
]
}
'