Report Export Filters
The POST /reports/export endpoint accepts a set of filters to apply to the reports you want to generate. Filters can be used to narrow the vulnerabilities or assets included in the report.
You can use the GET /filters/reports/export endpoint to retrieve the list of valid filters, their supported comparison operators, data types, and allowed values. Alternatively, you can refer to the following tables and examples:
Supported Filters
Filters that can be used in the property
field of the report export endpoint are listed in the following table along with their data type and supported comparison operators:
Filters | Operators | Data Type |
---|---|---|
asset_id | eq, neq | array of strings |
asset_name | eq, neq, wc | array of strings |
asset_tags | eq, neq | array of objects |
cidr_range | eq, neq | array of strings |
first_found | gte | int64 |
indexed_at | gte | int64 |
last_fixed | gte | int64 |
last_found | gte | int64 |
plugin_id | eq, neq | array of integers |
severity | eq, neq | array of strings |
severity_modification_type | eq, neq | array of strings |
source | eq, neq | array of strings |
state | eq, neq | array of strings |
vpr_score | eq, neq, gt, gte, lt, lte |
|
Filter Values
Some filers require a specific set of supported values. These filters and their supported values are listed in the following table:
Filters | Supported Values |
---|---|
asset_tags | Asset tags are defined as an object with key and value properties where key corresponds to the tag category and value corresponds to the tag value. See the example. |
first_found | Dates must be specified in Unix 13-digit time format (milliseconds). |
indexed_at | Dates must be specified in Unix 13-digit time format (milliseconds). |
last_fixed | Dates must be specified in Unix 13-digit time format (milliseconds). |
last_found | Dates must be specified in Unix 13-digit time format (milliseconds). |
severity |
|
severity_modification_type |
|
source |
|
state |
|
Examples
Refer to the following examples for various use cases of the report export filters.
Host Findings Executive Summary Report with Filters
To generate a host findings executive summary report containing critical and high severity vulnerabilities found after December 6, 2023, you could use the following cURL request:
curl --request POST \
--url https://cloud.tenable.com/reports/export \
--header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"name": "My Summary Report",
"template_name": "host_vulns_summary",
"filters": [
{
"property": "first_found",
"operator": "gte",
"value": 1701824400000
},
{
"property": "severity",
"operator": "eq",
"value": [
"CRITICAL",
"HIGH"
]
}
]
}
'
Host Findings Vulnerability Details by Plugin Report with Filters
To generate a host findings vulnerability details by plugin report for specific plugin IDs and where the source was a Nessus scan, you could use the following cURL request:
curl --request POST \
--url https://cloud.tenable.com/reports/export \
--header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"name": "My Plugin Report",
"template_name": "host_vulns_by_plugins",
"filters": [
{
"property": "plugin_id",
"operator": "eq",
"value": [
73491,
73412,
113075
]
},
{
"property": "source",
"operator": "eq",
"value": [
"NESSUS_SCAN"
]
}
]
}
'
Host Findings Vulnerability Details by Asset Report with Filters
To generate a host findings vulnerability details by asset report for assets with specific asset tags, you could use the following cURL request:
curl --request POST \
--url https://cloud.tenable.com/reports/export \
--header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
--header 'accept: application/json' \
--header 'content-type: application/json' \
--data '
{
"name": "My Asset Report",
"template_name": "host_vulns_by_assets",
"filters": [
{
"property": "asset_tags",
"operator": "eq",
"value": [
{
"key": "OfficeLocation",
"value": [
"Dallas"
]
},
{
"key": "DeviceType",
"value": [
"Laptop"
]
}
]
}
]
}
'
Updated 5 days ago