The asset export APIs provide the ability to retrieve all assets and related metadata from Tenable.io for integration into third-party systems. With these APIs, you can perform a large initial synchronization of Tenable.io with a third-party system. You can then retrieve differentials to update on a regular basis. For example, you can use the asset export APIs to retrieve all known assets, then use the data to create and regularly update your configuration management database (CMDB).
To retrieve asset data using the Tenable.io API, Tenable recommends the following approach:
- Review the guidelines and limitations for asset exports.
- Generate the export file, based on the guidelines and limitations.
- Query for the export generation status and chunk identification information.
- Download completed export chunks.
- (Optional) Retrieve agent data related to the assets.
Agent data is only relevant if the has_agent parameter is set to
truefor assets in the export chunk.
You can also:
|First Export||The first time you generate an export file, you can export all current data by omitting all filter parameters, or you can export a subset of the data using filter parameters to limit by date or other attributes.|
|Ongoing Exports||Every time you export after the first time, Tenable recommends that you specify parameters for a differential export, with the filter parameters set to the time you last exported data from Tenable.io. For example, you can use the |
|Chunk Size||Tenable.io exports asset data in data chunks. Configure the |
|Additional Refinements||See Refine Asset Export Requests.|
|Chunk Order||Tenable.io processes export chunks in parallel, so chunk IDs may not be arranged sequentially in the completed output.|
|Synchronize Asset Exports||To synchronize multiple exports of asset data, use the |
To synchronize asset export data with vulnerability export data, match the
|Deleted or Terminated Assets||As assets are deleted or terminated in Tenable.io, you can identify those assets and related vulnerabilities using the |
Tenable recommends that you periodically run two asset export queries—(1) a query where
|Chunks Expiration||You can download completed export chunks for 24 hours after completion. At that point, the chunks expire, and you must re-submit the export request.|
|Concurrency Limiting||There are maximum limits for concurrent asset export requests per container. For more information, see Concurrency Limits.|
|Duplicate Requests||Tenable.io prevents duplicate requests. If the export request status is |
|Duplicate Export Filters||If you submit an asset export request with filters that are identical to a previously submitted asset export request then the old export is canceled and a new export is submitted.|
Updated about 1 year ago