Refine Vulnerability Export Requests

Refine the vulnerabilities you export from Tenable.io using the parameters in the request body of the /vulns/export endpoint.

The request body examples below represent commonly used export refinements.

Request Body Example 1: Since Only

{
  "num_assets": 100,
  "filters": {
    "severity": [
      "low",
      "medium",
      "high",
      "critical"
      ],
    "since": 1546300800
  }
}

In this example, the request message contains a since filter specifying Jan 1, 2019, and does not contain a state filter.

The export includes vulnerabilities that meet the following criteria:

  • The state attribute in the vulnerability record is open or reopened AND the last_found attribute in the vulnerability record is 1/1/19 or later.
  • The state attribute in the vulnerability is fixed AND the last_fixed attribute in the vulnerability record is 1/1/19 or later.

Request Body Example 2: Since and State

{
  "num_assets": 100,
  "filters": {
    "severity": [
      "low",
      "medium",
      "high",
      "critical"
      ],
    "since": 1546300800,
    "state": [
      "open",
      "reopened",
      "fixed"
    ]
  }
}

In this example, the request message includes both the since and state filters.

The export includes only vulnerabilities where the state attribute in the vulnerability record is either open, reopened, or fixed, AND the since attribute in the vulnerability record is 1/1/19 or later.

Request Body Example 3: Last_fixed and State

{
  "num_assets": 100,
  "filters": {
    "severity": [
      "low",
      "medium",
      "high",
      "critical"
      ],
    "last_fixed": 1546300800,
    "state": [
      "fixed"
    ]
  }
}

In this example, the request message contains both the last_fixed and state parameters.

The export includes only vulnerabilities where the state attribute in the vulnerability record is fixed AND the since attribute in the vulnerability record is 1/1/19 or later.

Request Body Example 4: Tags

{
  "num_assets": 100,
  "filters": {
    "severity": [
      "low",
      "medium",
      "high",
      "critical"
      ],
    "tag.Location": "Headquarters"
  }
}

In this example, the export includes only vulnerabilities on assets that you assigned the "Location:Headquarters" tag.


Did this page help you?