Vulnerability Management: New Report Endpoints

Documentation is now available for new report endpoints. The new endpoints enable customers to programmatically generate reports of vulnerabilities affecting their assets. The reports are generated in PDF format. You can use the following templates when generating a report:

Host Findings Executive Summary Report—An executive summary report that provides operations teams a snapshot of risk based on vulnerable assets.
Host Findings Vulnerability Details by Plugin—A report that provides a summary of the plugins that detected vulnerabilities on affected assets. Plugins are sorted by severity and the assets are sorted by the Asset Criticality Rating (ACR).
Host Findings Vulnerability Details by Asset—A summary of the most vulnerable assets.

📘
Note
Tenable Vulnerability Management limits the number of findings that can be included in a single report to 10,000. If you have more than 10,000 findings, Tenable recommends that you narrow the findings included in the report with a filter or generate multiple reports. For more information about supported filters, see Report Export Filters.

The new report endpoints are described in the following table:

Endpoint	Name	Description
POST /reports/export	Create report	Creates a report in PDF format based on the specified template and filters.
GET /reports/export/{report_uuid}/status	Get report status	Returns the status of the specified report export request.
GET /reports/export/{report_uuid}/download	Download report	Downloads the specified PDF report.

Additionally, a new filter endpoint is available that enables users to retrieve the list of supported filters when creating a report:

Endpoint	Name	Description
GET /filters/reports/export	List report filters	Returns the filters, supported operators, data types, and allowed values for the POST /reports/export endpoint. For more information about the supported filters, see Report Export Filters.

For more information about supported filters, see Report Export Filters.

Deprecated Workbench Endpoints

The new report endpoints are intended to replace the deprecated workbench endpoints. A mapping of deprecated endpoints to new endpoints is provided in the following table:

Deprecated Endpoint	Replacement Endpoint
GET /workbenches/export	POST /reports/export
GET /workbenches/export/{file_id}/status	GET /reports/export/{report_uuid}/status
GET workbenches/export/{file_id}/download	GET /reports/export/{report_uuid}/download

Example: Host Findings Executive Summary Report with Filters

To generate a host findings executive summary report containing critical and high severity vulnerabilities found after December 6, 2023, you could use the following cURL request:

curl --request POST \
     --url https://cloud.tenable.com/reports/export \
     --header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "name": "My Summary Report",
  "template_name": "host_vulns_summary",
  "filters": [
    {
      "property": "first_found",
      "operator": "gte",
      "value": 1701824400000
    },
    {
      "property": "severity",
      "operator": "eq",
      "value": [
        "CRITICAL",
        "HIGH"
      ]
    }
  ]
}
'

Example: Host Findings Vulnerability Details by Plugin Report with Filters

To generate a host findings vulnerability details by plugin report for specific plugin IDs and where the source was a Nessus scan, you could use the following cURL request:

curl --request POST \
     --url https://cloud.tenable.com/reports/export \
     --header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "name": "My Plugin Report",
  "template_name": "host_vulns_by_plugins",
  "filters": [
    {
      "property": "plugin_id",
      "operator": "eq",
      "value": [
        73491,
        73412,
        113075
      ]
    },
    {
      "property": "source",
      "operator": "eq",
      "value": [
        "NESSUS_SCAN"
      ]
    }
  ]
}
'

Example: Host Findings Vulnerability Details by Asset Report with Filters

To generate a host findings vulnerability details by asset report for assets with specific asset tags, you could use the following cURL request:

curl --request POST \
     --url https://cloud.tenable.com/reports/export \
     --header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "name": "My Asset Report",
  "template_name": "host_vulns_by_assets",
  "filters": [
    {
      "property": "asset_tags",
      "operator": "eq",
      "value": [
        {
          "key": "OfficeLocation",
          "value": [
            "Dallas"
          ]
        },
        {
          "key": "DeviceType",
          "value": [
            "Laptop"
          ]
        }
      ]
    }
  ]
}
'

📘Note

Deprecated Workbench Endpoints

Example: Host Findings Executive Summary Report with Filters

Example: Host Findings Vulnerability Details by Plugin Report with Filters

Example: Host Findings Vulnerability Details by Asset Report with Filters

📘
Note