Refine Vulnerability Export Requests
Refine the vulnerabilities you export from Tenable Vulnerability Management using the parameters in the request body of the /vulns/export endpoint.
The following request body examples represent commonly used export refinements.
Note
The API uses different terms for vulnerability states than the user interface. The new and active states in the user interface map to the open state in the API. The resurfaced state in the user interface maps to the reopened state in the API. The fixed state is the same.
Request Body Example 1: Since Only
{
"num_assets": 100,
"filters": {
"severity": [
"low",
"medium",
"high",
"critical"
],
"since": 1546300800
}
}
In this example, the request message contains a since
filter specifying Jan 1, 2019, and does not contain a state
filter.
The export includes vulnerabilities that meet the following criteria:
- The
state
attribute in the vulnerability record is open or reopened AND thelast_found
attribute in the vulnerability record is 1/1/19 or later. - The
state
attribute in the vulnerability is fixed AND thelast_fixed
attribute in the vulnerability record is 1/1/19 or later.
Request Body Example 2: Since and State
{
"num_assets": 100,
"filters": {
"severity": [
"low",
"medium",
"high",
"critical"
],
"since": 1546300800,
"state": [
"open",
"reopened",
"fixed"
]
}
}
In this example, the request message includes both the since
and state
filters.
The export includes only vulnerabilities where the state
attribute in the vulnerability record is either open, reopened, or fixed, AND the since
attribute in the vulnerability record is 1/1/19 or later.
Request Body Example 3: Last_fixed and State
{
"num_assets": 100,
"filters": {
"severity": [
"low",
"medium",
"high",
"critical"
],
"last_fixed": 1546300800,
"state": [
"fixed"
]
}
}
In this example, the request message contains both the last_fixed
and state
parameters.
The export includes only vulnerabilities where the state
attribute in the vulnerability record is fixed AND the since
attribute in the vulnerability record is 1/1/19 or later.
Request Body Example 4: Tags
{
"num_assets": 100,
"filters": {
"severity": [
"low",
"medium",
"high",
"critical"
],
"tag.Location": "Headquarters"
}
}
In this example, the export includes only vulnerabilities on assets that you assigned the "Location:Headquarters" tag.
Updated about 2 months ago