Update a Scan

Required User Role: SCAN OPERATOR [24]
Required Scan Permissions: CAN CONFIGURE [64]

You can use the PUT /scans/{scan_id} endpoint to update a scan configuration.

In most cases, the request body for this endpoint is identical in format to the request body for creating a scan. However, there are exceptions where the parameters vary, as described in the following sections.

🛈

Note

If you omit the settings.scanner_id parameter from the update request, Tenable.io assigns the US Cloud Scanner by default. You must include the settings.scanner_id parameter if you don't want to change the scanner for the scan configuration.

Credentials Parameters

The credentials parameters in an update scan request vary based on the action you want Tenable.io to perform. You can:

  • Add both scan-specific and managed credentials to an existing scan. For more information, see Add Credentials to a Scan.
  • Remove both scan-specific and managed credentials from an existing scan. For more information, see Remove Credentials from a Scan.
  • Edit existing scan-specific credentials, as follows:
    1. Use the GET /editor/scan/{scan_id} endpoint to view configuration details for the scan.
    2. Find the object for the credential type. For example, search on "Windows" to locate the Windows credentials.
    3. In the object for that credential type, find the instances array.
    4. In the instances array, note the id value for the object representing the credential you want to edit. For scan-specific credentials, the ID is an integer that uniquely identifies the credential instance (for example, 264).
    5. Use the id value as a parameter in the credentials[].edit object in a PUT /scans/{scan_id} endpoint request. The object format is as follows:
{
  "credentials": {
    "edit": {
      "{id}": {
          "{credential_setting_1}": "{value_1}",
          "{credential_setting_2}": "{value_2}",
          "{credential_setting_3}": "{value_3}"
      }
    }
  }
}

🛈

Note

The credentials[].edit parameter is not supported for use with managed credentials. For more information about editing managed credentials, see Edit a Managed Credential.

Example Assessment Scan: Edit Scan-Specific Windows Credentials

This example request body edits scan-specific Windows credentials for a Malware scan. This example also uses a target group, instead of listing individual targets.

{
  "uuid": "d4838ca1-3a51-4177-9c24-67b6fc0e4ef5a918400c42a035f7",
  "settings": {
    "name": "northern-region-assets",
    "target_groups": [2, 8, 12]
  },
  "credentials": {
    "edit": {
      "1459": {
          "domain": "",
          "username": "[email protected]",
          "auth_method": "Password",
          "password": "aJ^deq34Rc"
      }
    }
  }
}

Did this page help you?