Export scan

Exports the a scan in the specified format. Use the Check scan export status endpoint to see the status of the requested export. On receiving a ready status, download the export file using the Download scan export endpoint.

If you request a scan export in the nessus file format, but do not specify filters for the export, Tenable Vulnerability Management truncates the plugins output data in the export file at 5 MB or 5,000,000 characters, and appends TRUNCATED (bracketed by three asterisks) at the end of the output in the export file. You can obtain the full plugins output by exporting a scan in any file format other than nessus or db.

Additionally, scan exports in the db format do not contain the full scan data set, and they are sourced from the scan task prior to the scan being indexed/processed. Scan db exports only contain the data for the hosts specified in the export request with the asset_id body parameter. Agent scan db exports contain only one host (the agent), and you can't export triggered agent scans.

Note: Vulnerability findings with a first_observed date within the last 14 days are marked in the exported results as being in the New state. Vulnerability findings with a first_observed date older than 14 days are marked in the exported results as being in the Active state.

Requires the Scan Operator [24] user role and the Can View [16] scan permission. Alternatively, requires the VM.VM_SCAN.VM_SCAN.EXPORT custom role privilege. See Roles and Permissions.

Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…
Path Params
string
required

The identifier for the scan you want to export. This identifier can be either the scans.schedule_uuid or the scans.id attribute in the response message from the List scans endpoint. Tenable recommends that you use scans.schedule_uuid.

Query Params
int32

The unique identifier of the historical data that you want Tenable Vulnerability Management to export. This identifier corresponds to the history.id attribute of the response message from the Get scan history endpoint.

Note: This parameter is required if the scan export request is for the db format.

Body Params
string
enum
required

The file format to use (nessus, html, pdf, csv, or db).

You can export scans in html or pdf format for up to 60 days and in db format for up to 60 days. For scans that are older than 60 days, only the Nessus and CSV formats are supported.

Unlike other export formats, the nessus file format includes individual open port findings. This ensures you can still view open port findings in Tenable Security Center if your organization integrates Tenable Vulnerability Management with Tenable Security Center.

Note: For db format, the history_id query parameter and the asset_id and password body parameters are required.

Allowed:
password

The password used to encrypt the database. This parameter is only required when exporting as db and is not applicable to any other format.

string

The chapters to include in the export.

This parameter accepts a semi-colon delimited string comprised of some combination of the following options: vuln_hosts_summary, vuln_by_host, compliance_exec, remediations, vuln_by_plugin, compliance.

Note: This parameter is required if the file format is pdf or html. It's not applicable to the nessus, csv, or db formats.

string

The name of the filter to apply to the exported scan report.

You can find available filters by using the List vulnerability filters endpoint. If you specify the name of the filter, you must specify the operator as the filter.0.quality parameter and the value as the filter.0.value parameter. To use multiple filters, increment the <INDEX> portion of filter.<INDEX>.filter, for example, filter.1.filter.

For more information about using this parameter, see Scan Export Filters.

Note: Filters are not supported when exporting scan results that are older than 60 days.

string

The operator of the filter to apply to the exported scan report.

You can find the operators for the filter using the List vulnerability filters endpoint. To use multiple filters, increment the <INDEX> portion of filter.<INDEX>.quality, for example, filter.1.quality.

For more information about using this parameter, see Scan Export Filters.

string

The value of the filter to apply to the exported scan report.

You can find valid values for the filter in the control attribute of the objects returned by the List vulnerability filters endpoint. To use multiple filters, increment the <INDEX> portion of filter.<INDEX>.value, for example, filter.1.value.

For more information about using this parameter, see Scan Export Filters.

string
enum

For multiple filters, specifies whether to use the AND or the OR logical operator. The default is AND. For more information about using this parameter, see Scan Export Filters.

Allowed:
string

The ID of the scanned asset.

Note: This parameter is required for scan export requests in db format.

Headers
string
enum
Defaults to application/json

Generated from available response content types

Allowed:
Responses

400

Returned under the following conditions:

  • Your request message is missing a required parameter.
  • The format parameter in your request specified an unsupported export format for scan results that are older than 60 days. Only nessus and csv formats are supported for scan results that are older than 60 days.
  • Your request included filter query parameters for scan results that are older than 60 days.

403

Returned if you do not have permission to export scans. For more information, see Roles and Permissions.

404

Returned if the specified scan was not be found.

Language
Credentials
Header
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json
text/html