Class: TenableRuby::Client

Inherits:
Object
  • Object
show all
Defined in:
lib/tenable-ruby.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(params = {}) {|@connection| ... } ⇒ Client

initialize object: try to connect to tenable.io Usage:

TenableRuby::Client.new (:credentials => {username: 'user', password: 'password'})
or
TenableRuby::Client.new (:credentials => {access_key: 'XXX', secret_key: 'XXX'})

Yields:

  • (@connection) 


56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
 
# File 'lib/tenable-ruby.rb', line 56

def initialize(params = {})
  # defaults
  @tenable_url = params.fetch(:url, 'https://cloud.tenable.com')
  @credentials = params.fetch(:credentials)
  @ssl_verify = params.fetch(:ssl_verify, false)
  @ssl_use = params.fetch(:ssl_use, true)
  @autologin = params.fetch(:autologin, true)
  @defsleep = params.fetch(:defsleep, 1)
  @httpretry = params.fetch(:httpretry, 1)
  @httpsleep = params.fetch(:httpsleep, 1)

  init_quick_defaults

  uri = URI.parse(@tenable_url)
  @connection = Net::HTTP.new(uri.host, uri.port)
  @connection.use_ssl = @ssl_use

  if @ssl_verify
    @connection.verify_mode = OpenSSL::SSL::VERIFY_PEER
  else
    @connection.verify_mode = OpenSSL::SSL::VERIFY_NONE
  end

  yield @connection if block_given?
  authenticate if @autologin
end

Instance Attribute Details

#autologinObject

Returns the value of attribute autologin.



29
30
31
 
# File 'lib/tenable-ruby.rb', line 29

def autologin
  @autologin
end

#defsleepObject

Returns the value of attribute defsleep.



29
30
31
 
# File 'lib/tenable-ruby.rb', line 29

def defsleep
  @defsleep
end

#headerObject (readonly)

Returns the value of attribute header.



30
31
32
 
# File 'lib/tenable-ruby.rb', line 30

def header
  @header
end

#httpretryObject

Returns the value of attribute httpretry.



29
30
31
 
# File 'lib/tenable-ruby.rb', line 29

def httpretry
  @httpretry
end

#httpsleepObject

Returns the value of attribute httpsleep.



29
30
31
 
# File 'lib/tenable-ruby.rb', line 29

def httpsleep
  @httpsleep
end

#quick_defaultsObject

Returns the value of attribute quick_defaults.



28
29
30
 
# File 'lib/tenable-ruby.rb', line 28

def quick_defaults
  @quick_defaults
end

#ssl_useObject

Returns the value of attribute ssl_use.



29
30
31
 
# File 'lib/tenable-ruby.rb', line 29

def ssl_use
  @ssl_use
end

#ssl_verifyObject

Returns the value of attribute ssl_verify.



29
30
31
 
# File 'lib/tenable-ruby.rb', line 29

def ssl_verify
  @ssl_verify
end

Instance Method Details

Creates a bulk operation task to unlink agents

Reference developer.tenable.com/reference#bulk-unlink-agents



322
323
324
325
326
327
328
329
330
331
 
# File 'lib/tenable-ruby.rb', line 322

def agent_bulk_unlink(scanner_id, agent_ids)
  http_post(
    :uri => "/scanners/#{scanner_id}/agents/_bulk/unlink",
    :fields => header,
    :body => {
      :items => agent_ids
    }.to_json,
    :ctype => 'application/json',
  )
end

#agent_group_add_agent(scanner_id, group_id, agent_id) ⇒ Object

Adds an agent to the agent group

Reference developer.tenable.com/reference#agent-groups-add-agent



295
296
297
298
299
300
301
302
303
304
305
306
307
308
 
# File 'lib/tenable-ruby.rb', line 295

def agent_group_add_agent(scanner_id, group_id, agent_id)
  payload = {
    :scanner_id => scanner_id,
    :group_id => group_id,
    :agent_id => agent_id,
  }.to_json
  options = {
    :uri => "/scanners/#{scanner_id}/agent-groups/#{group_id}/agents/#{agent_id}",
    :body => payload,
    :fields => header,
    :ctype => 'application/json',
  }
  http_put(options)
end

#agent_group_create(scanner_id, name) ⇒ Object

Creates an agent group on the scanner

Reference developer.tenable.com/reference#agent-groups-create



269
270
271
272
273
274
275
276
277
278
279
280
281
 
# File 'lib/tenable-ruby.rb', line 269

def agent_group_create(scanner_id, name)
  payload = {
    :scanner_id => scanner_id,
    :name => name,
  }.to_json
  options = {
    :uri => "/scanners/#{scanner_id}/agent-groups",
    :body => payload,
    :fields => header,
    :ctype => 'application/json',
  }
  http_post(options)
end

#agent_group_delete(scanner_id, group_id) ⇒ Object

Deletes an agent group on the scanner

Reference developer.tenable.com/reference#agent-groups-delete



287
288
289
 
# File 'lib/tenable-ruby.rb', line 287

def agent_group_delete(scanner_id, group_id)
  http_delete(:uri => "/scanners/#{scanner_id}/agent-groups/#{group_id}", :fields => header)
end

#agent_group_list(scanner_id) ⇒ Object

Returns a list of agent groups for the specified scanner

Reference developer.tenable.com/reference#agent-groups-list



260
261
262
263
 
# File 'lib/tenable-ruby.rb', line 260

def agent_group_list(scanner_id)
  url = "/scanners/#{scanner_id}/agent-groups"
  http_get(:uri => url, :fields => header)
end

#agent_list(params = nil) ⇒ Object

Returns a list of agents for the specified scanner

Reference developer.tenable.com/reference#agents-list



247
248
249
250
251
252
253
254
 
# File 'lib/tenable-ruby.rb', line 247

def agent_list(params=nil)
  url = "/scanners/scanner_list/agents"
  unless params.nil?
    params = params.to_a.map { |x| "#{x[0]}=#{x[1]}" }.join("&")
    url = "#{url}?#{params}"
  end
  http_get(:uri => url, :fields => header)
end

#agent_unlink(scanner_id, agent_id) ⇒ Object

Unlinks an agent

Reference developer.tenable.com/reference#agents-delete



314
315
316
 
# File 'lib/tenable-ruby.rb', line 314

def agent_unlink(scanner_id, agent_id)
  http_delete(:uri => "/scanners/#{scanner_id}/agents/#{agent_id}", :fields => header)
end

#asset_info(asset_uuid) ⇒ Object

Returns details of the specified asset.

Reference: developer.tenable.com/reference#assets-asset-info



337
338
339
 
# File 'lib/tenable-ruby.rb', line 337

def asset_info(asset_uuid)
  http_get(:uri => "/assets/#{asset_uuid}", :fields => header)
end

#authenticateObject

Tries to authenticate to the tenable.io REST JSON interface using username/password or API keys



84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
 
# File 'lib/tenable-ruby.rb', line 84

def authenticate
  if @credentials[:username] and @credentials[:password]
    payload = {
      :username => @credentials[:username],
      :password => @credentials[:password],
      :json => 1,
      :authenticationmethod => true
    }
    response = http_post(:uri => "/session", :data => payload)
    if response['token']
      @token = "token=#{response['token']}"
      @header = {'X-Cookie' => @token}
    else
      raise TenableRuby::Error::AuthenticationError, "Authentication failed. Could not authenticate using
      username/password."
    end
  elsif @credentials[:access_key] and @credentials[:secret_key]
    @header = {'X-ApiKeys' => "accessKey=#{@credentials[:access_key]}; secretKey=#{@credentials[:secret_key]}"}
  else
    raise TenableRuby::Error::AuthenticationError, "Authentication credentials were not provided. You must " \
    "provide either a username and password or an API access key and secret key (these can be generated at " \
    "https://cloud.tenable.com/app.html#/settings/my-account/api-keys."
  end
end

#create_target_group(name, members, acls: nil) ⇒ Object

Creates a new target group for the current user.

Reference: developer.tenable.com/reference#target-groups-create



729
730
731
732
 
# File 'lib/tenable-ruby.rb', line 729

def create_target_group(name, members, acls: nil)
  http_post(:uri => "/target-groups", :fields => header,
    :data => {:name => name, :members => members, :acls => acls})
end

#delete_target_group(group_id) ⇒ Object

Deletes a target group.

Reference: developer.tenable.com/reference#target-groups-delete



763
764
765
 
# File 'lib/tenable-ruby.rb', line 763

def delete_target_group(group_id)
  http_delete(:uri => "/target-groups/#{group_id}", :fields => header)
end

#editor_templates(type, uuid) ⇒ Object

Returns details for the given template

Reference: developer.tenable.com/reference#editor-template-details



223
224
225
 
# File 'lib/tenable-ruby.rb', line 223

def editor_templates (type, uuid)
  http_get(:uri => "/editor/#{type}/templates/#{uuid}", :fields => header)
end

#get_server_propertiesObject

Returns the server version and other properties

Reference: developer.tenable.com/reference#server-properties



113
114
115
 
# File 'lib/tenable-ruby.rb', line 113

def get_server_properties
  http_get(:uri => "/server/properties", :fields => header)
end

#get_target_group(group_id) ⇒ Object

Returns details for the specified target group.

Reference: developer.tenable.com/reference#target-groups-details



746
747
748
 
# File 'lib/tenable-ruby.rb', line 746

def get_target_group(group_id)
  http_get(:uri => "/target-groups/#{group_id}", :fields => header)
end

#host_details(scan_id, host_id, history_id: nil) ⇒ Object

Returns details for the given host

Reference: developer.tenable.com/reference#scans-host-details



436
437
438
439
440
441
442
 
# File 'lib/tenable-ruby.rb', line 436

def host_details(scan_id, host_id, history_id: nil)
  uri = "/scans/#{scan_id}/hosts/#{host_id}"
  unless history_id.nil?
    uri += "?history_id=#{history_id}"
  end
  http_get(:uri => uri, :fields => header)
end

#image_inventory(image_id) ⇒ Object

Returns an inventory of an image by ID.

Reference: developer.tenable.com/reference#container-security-containers-image-inventory



649
650
651
 
# File 'lib/tenable-ruby.rb', line 649

def image_inventory(image_id)
  http_get(:uri => "/container-security/api/v1/container/#{policy_id}/status", :fields => header)
end

#image_status(image_id) ⇒ Object

Returns the status of a job by specifying an image ID to determine if the job is still queued, in progress, or has completed.

Reference: developer.tenable.com/reference#container-security-jobs-job-status-by-image-id



665
666
667
 
# File 'lib/tenable-ruby.rb', line 665

def image_status(image_id)
  http_get(:uri => "/container-security/api/v1/jobs/image_status?image_id=#{image_id}", :fields => header)
end

#image_status_digest(image_digest) ⇒ Object

Returns the status of a job by specifying an image digest to determine if the job is still queued, in progress, or has completed.

Reference: developer.tenable.com/reference#container-security-jobs-job-status-by-image-digest



673
674
675
 
# File 'lib/tenable-ruby.rb', line 673

def image_status_digest(image_digest)
  http_get(:uri => "/container-security/api/v1/jobs/image_status_digest?image_digest=#{image_digest}", :fields => header)
end

#init_quick_defaultsObject

initialize quick scan defaults: these will be used when not specifying defaults

Usage:

n.init_quick_defaults()



41
42
43
44
45
46
47
 
# File 'lib/tenable-ruby.rb', line 41

def init_quick_defaults
  @quick_defaults = Hash.new
  @quick_defaults['enabled'] = false
  @quick_defaults['launch'] = 'ONETIME'
  @quick_defaults['launch_now'] = true
  @quick_defaults['description'] = 'Created with tenable-ruby https//gitlab.com/intruder/tenable-ruby'
end

#job_status(job_id) ⇒ Object

Returns the status of a job that you specify by ID to determine if the job is still queued, in progress, or has completed.

Reference: developer.tenable.com/reference#container-security-jobs-job-status



657
658
659
 
# File 'lib/tenable-ruby.rb', line 657

def job_status(job_id)
  http_get(:uri => "/container-security/api/v1/jobs/status?job_id=#{job_id}", :fields => header)
end

#list_containersObject

Returns a list of all containers.

Reference: developer.tenable.com/reference#container-security-containers-list-containers



641
642
643
 
# File 'lib/tenable-ruby.rb', line 641

def list_containers()
  http_get(:uri => "/container-security/api/v1/container/list", :fields => header)
end

#list_familiesObject

Returns the list of plugin families

Reference: developer.tenable.com/reference#plugins-families



199
200
201
 
# File 'lib/tenable-ruby.rb', line 199

def list_families
  http_get(:uri => "/plugins/families", :fields => header)
end

#list_foldersObject

Returns the current user’s scan folders

Reference: # developer.tenable.com/reference#folders-list



183
184
185
 
# File 'lib/tenable-ruby.rb', line 183

def list_folders
  http_get(:uri => "/folders", :fields => header)
end

#list_jobsObject

Returns a list of active Container Security jobs

Reference: developer.tenable.com/reference#container-security-jobs-list-jobs



681
682
683
 
# File 'lib/tenable-ruby.rb', line 681

def list_jobs()
  http_get(:uri => "/container-security/api/v1/jobs/list", :fields => header)
end

#list_plugins(family_id) ⇒ Object

Returns the list of plugins in a family

Reference: developer.tenable.com/reference#plugins-family-details



207
208
209
 
# File 'lib/tenable-ruby.rb', line 207

def list_plugins(family_id)
  http_get(:uri => "/plugins/families/#{family_id}", :fields => header)
end

#list_policiesObject

Returns the policy list

Reference: developer.tenable.com/reference#policies-list



167
168
169
 
# File 'lib/tenable-ruby.rb', line 167

def list_policies
  http_get(:uri => "/policies", :fields => header)
end

#list_scannersObject

Returns the scanner list

Reference: developer.tenable.com/reference#scanners-list



191
192
193
 
# File 'lib/tenable-ruby.rb', line 191

def list_scanners
  http_get(:uri => "/scanners", :fields => header)
end

#list_target_groupsObject

Returns the current target groups.

Reference: developer.tenable.com/reference#target-groups-list



738
739
740
 
# File 'lib/tenable-ruby.rb', line 738

def list_target_groups
  http_get(:uri => "/target-groups", :fields => header)
end

#list_templates(type) ⇒ Object

Returns the template list

Reference: developer.tenable.com/reference#editor-list-templates



215
216
217
 
# File 'lib/tenable-ruby.rb', line 215

def list_templates(type)
  http_get(:uri => "/editor/#{type}/templates", :fields => header)
end

#list_usersObject

Returns the user list

Reference: developer.tenable.com/reference#users-list



175
176
177
 
# File 'lib/tenable-ruby.rb', line 175

def list_users
  http_get(:uri => "/users", :fields => header)
end

#plugin_details(plugin_id) ⇒ Object

Returns details for a given plugin

Reference: developer.tenable.com/reference#plugins-plugin-details



231
232
233
 
# File 'lib/tenable-ruby.rb', line 231

def plugin_details(plugin_id)
  http_get(:uri => "/plugins/plugin/#{plugin_id}", :fields => header)
end

#policy_compliance_by_id(image_id) ⇒ Object

Checks the compliance of an image that you specify by ID against your policies.

Reference: developer.tenable.com/reference#container-security-policy-policy-compliance-by-id



689
690
691
 
# File 'lib/tenable-ruby.rb', line 689

def policy_compliance_by_id(image_id)
  http_get(:uri => "/container-security/api/v1/policycompliance?image_id=#{image_id}", :fields => header)
end

#policy_compliance_by_name(image) ⇒ Object

Checks the compliance of an image that you specify by name against your policies.

Reference: developer.tenable.com/reference#container-security-policy-policy-compliance-by-name



697
698
699
 
# File 'lib/tenable-ruby.rb', line 697

def policy_compliance_by_name(image)
  http_get(:uri => "/container-security/api/v1/compliancebyname?image=#{image}", :fields => header)
end

#policy_configure(policy_id, template_id, plugins, settings) ⇒ Object

Changes the parameters of a policy

Reference: developer.tenable.com/reference#policies-configure



506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
 
# File 'lib/tenable-ruby.rb', line 506

def policy_configure(policy_id, template_id, plugins, settings)
  options = {
    :uri => "/policies/#{policy_id}",
    :fields => header,
    :ctype => 'application/json',
    :body => {
      :uuid => template_id,
      :audits => {},
      :credentials => {delete: []},
      :plugins => plugins,
      :settings => settings
    }.to_json
  }
  http_put(options)
end

#policy_copy(policy_id) ⇒ Object

Copy a policy

Reference: developer.tenable.com/reference#policies-copy



493
494
495
496
497
498
499
500
 
# File 'lib/tenable-ruby.rb', line 493

def policy_copy(policy_id)
  options = {
    :uri => "/policies/#{policy_id}/copy",
    :fields => header,
    :ctype => 'application/json'
  }
  http_post(options)
end

#policy_create(template_id, plugins, settings) ⇒ Object

Creates a policy

Reference: developer.tenable.com/reference#policies-create



473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
 
# File 'lib/tenable-ruby.rb', line 473

def policy_create(template_id, plugins, settings)
  options = {
    :uri => "/policies/",
    :fields => header,
    :ctype => 'application/json',
    :body => {
      :uuid => template_id,
      :audits => {},
      :credentials => {delete: []},
      :plugins => plugins,
      :settings => settings
    }.to_json
  }
  http_post(options)
end

#policy_delete(policy_id) ⇒ Object

Delete a policy

Reference: developer.tenable.com/reference#policies-delete



526
527
528
529
 
# File 'lib/tenable-ruby.rb', line 526

def policy_delete(policy_id)
  response = http_delete(:uri => "/policies/#{policy_id}", :fields => header)
  response.code
end

#policy_details(policy_id) ⇒ Object

Returns details for the given policy

Reference: developer.tenable.com/reference#policies-details



465
466
467
 
# File 'lib/tenable-ruby.rb', line 465

def policy_details(policy_id)
  http_get(:uri => "/policies/#{policy_id}", :fields => header)
end

#report_by_container_id(container_id) ⇒ Object

Returns a report in JSON format for a container that you specify by ID. Note: If you do not have the container_id, you can call the list-containers endpoint.

Reference: developer.tenable.com/reference#container-security-reports-report-by-container-id



705
706
707
 
# File 'lib/tenable-ruby.rb', line 705

def report_by_container_id(container_id)
  http_get(:uri => "/container-security/api/v1/reports/show?container_id=#{container_id}", :fields => header)
end

#report_by_image_digest(image_digest) ⇒ Object

Returns a report in JSON format for an image digest.

Reference: developer.tenable.com/reference#container-security-reports-report-by-image-digest



721
722
723
 
# File 'lib/tenable-ruby.rb', line 721

def report_by_image_digest(image_digest)
  http_get(:uri => "/container-security/api/v1/reports/by_image_digest?image_digest=#{image_digest}", :fields => header)
end

#report_by_image_id(image_id) ⇒ Object

Returns a report in JSON format for an image that you specify by ID. Note: If you do not have the image_id, you can call the list-images endpoint.

Reference: developer.tenable.com/reference#container-security-reports-report-by-image-id



713
714
715
 
# File 'lib/tenable-ruby.rb', line 713

def report_by_image_id(image_id)
  http_get(:uri => "/container-security/api/v1/reports/by_image?image_id=#{image_id}", :fields => header)
end

#report_download(scan_id, file_id) ⇒ Object

Download an exported scan

Reference: developer.tenable.com/reference#scans-export-download



457
458
459
 
# File 'lib/tenable-ruby.rb', line 457

def report_download(scan_id, file_id)
  http_get(:uri => "/scans/#{scan_id}/export/#{file_id}/download", :raw_content => true, :fields => header)
end

#report_download_file(scan_id, format, output_file_name) ⇒ Object

use download scan API call to save a report as file



630
631
632
633
634
635
 
# File 'lib/tenable-ruby.rb', line 630

def report_download_file(scan_id, format, output_file_name)
  report_content = report_download_quick(scan_id, format)
  File.open(output_file_name, 'w') do |f|
    f.write(report_content)
  end
end

#report_download_quick(scan_id, format) ⇒ Object

use download scan API call to download a report in raw format



617
618
619
620
621
622
623
624
625
626
627
 
# File 'lib/tenable-ruby.rb', line 617

def report_download_quick(scan_id, format)
  export_details = scan_export(scan_id, format)
  # ready, loading
  while (export_status = scan_export_status(scan_id, export_details['file'])['status']) != "ready" do
    if export_status.nil? or export_status == '' or export_status == "error"
      raise TenableRuby::Error::TenableError, "Tenable.io returned an error while exporting the scan"
    end
    sleep @defsleep
  end
  report_download(scan_id, export_details['file'])
end

#scan_create(uuid, settings) ⇒ Object

Creates a scan

Reference: developer.tenable.com/reference#scans-create



345
346
347
348
349
350
351
352
 
# File 'lib/tenable-ruby.rb', line 345

def scan_create(uuid, settings)
  payload = {
    :uuid => uuid,
    :settings => settings,
    :json => 1
  }.to_json
  http_post(:uri => "/scans", :body => payload, :fields => header, :ctype => 'application/json')
end

#scan_delete(scan_id) ⇒ Object

Deletes a scan. NOTE: Scans in running, paused or stopping states can not be deleted.

Reference: developer.tenable.com/reference#scans-delete



428
429
430
 
# File 'lib/tenable-ruby.rb', line 428

def scan_delete(scan_id)
  http_delete(:uri => "/scans/#{scan_id}", :fields => header)
end

#scan_details(scan_id) ⇒ Object

Returns details for the given scan

Reference: developer.tenable.com/reference#scans-details



374
375
376
 
# File 'lib/tenable-ruby.rb', line 374

def scan_details(scan_id)
  http_get(:uri => "/scans/#{scan_id}", :fields => header)
end

#scan_export(scan_id, format) ⇒ Object

Export the given scan. Once requested, the file can be downloaded using the export download method upon receiving a “ready” status from the export status method.

Reference: developer.tenable.com/reference#scans-export-request



407
408
409
410
411
412
 
# File 'lib/tenable-ruby.rb', line 407

def scan_export(scan_id, format)
  payload = {
    :format => format
  }.to_json
  http_post(:uri => "/scans/#{scan_id}/export", :body => payload, :ctype => 'application/json', :fields => header)
end

#scan_export_status(scan_id, file_id) ⇒ Object

Check the file status of an exported scan. When an export has been requested, it is necessary to poll this endpoint until a “ready” status is returned, at which point the file is complete and can be downloaded using the export download endpoint.

Reference: developer.tenable.com/reference#scans-export-status



420
421
422
 
# File 'lib/tenable-ruby.rb', line 420

def scan_export_status(scan_id, file_id)
  http_get(:uri => "/scans/#{scan_id}/export/#{file_id}/status", :fields => header)
end

#scan_finished?(scan_id) ⇒ Boolean

Parse the scan status command to determine if a scan has finished

Returns:

  • (Boolean) 


607
608
609
610
611
612
613
614
 
# File 'lib/tenable-ruby.rb', line 607

def scan_finished?(scan_id)
  status = scan_status(scan_id)
  if status == 'completed' or status == 'canceled' or status == 'imported'
    true
  else
    false
  end
end

#scan_launch(scan_id) ⇒ Object

Launches a scan

Reference: developer.tenable.com/reference#scans-launch



358
359
360
 
# File 'lib/tenable-ruby.rb', line 358

def scan_launch(scan_id)
  http_post(:uri => "/scans/#{scan_id}/launch", :fields => header)
end

#scan_listObject

Get List of Scans

Reference: developer.tenable.com/reference#scans-list



366
367
368
 
# File 'lib/tenable-ruby.rb', line 366

def scan_list
  http_get(:uri => "/scans", :fields => header)
end

#scan_pause(scan_id) ⇒ Object

Pauses a scan

Reference: developer.tenable.com/reference#scans-pause



382
383
384
 
# File 'lib/tenable-ruby.rb', line 382

def scan_pause(scan_id)
  http_post(:uri => "/scans/#{scan_id}/pause", :fields => header)
end

#scan_quick_policy(policyname, name, opts = {}, scan_folder = nil, scanner_id = nil) ⇒ Object

Performs scan with scan policy provided (uuid of policy or policy name). Name is your scan name and opts is your scan configuration hash (scan_folder is optional - folder where to save the scan (if that folder exists)) (scanner_id is optional - ID of the scanner/cloud scanner you want to run this scan on)

returns: JSON parsed object with scan info



556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
 
# File 'lib/tenable-ruby.rb', line 556

def scan_quick_policy(policyname, name, opts = {}, scan_folder = nil, scanner_id = nil)
  policies = list_policies['policies']
  if policies.nil?
    raise TenableRuby::Error::TenableError, "Tenable API request 'list_policies' responded with 'nil'"
  end
  selected_policies = policies.select do |pol|
    pol['id'] == policyname or pol['name'] == policyname
  end
  if selected_policies.size == 0
    raise TenableRuby::Error::TenableError, "Policy #{policyname} does not exist in this Tenable account"
  end
  policy = selected_policies.first
  template_uuid = policy['template_uuid']
  settings = Hash.new
  settings.merge!(@quick_defaults)
  settings.merge!(opts)
  settings['name'] = name
  settings['policy_id'] = policy['id']
  if scan_folder.is_a?(Integer)
    settings['folder_id'] = scan_folder
  elsif scan_folder.is_a?(String)
    folders = list_folders['folders']
    if folders.nil?
      raise TenableRuby::Error::TenableError, "Tenable API request 'list_folders' responded with 'nil'"
    end
    selected_folder = folders.find { |f| f['name'] == scan_folder }
    if selected_folder
      settings['folder_id'] = selected_folder['id']
    else
      raise TenableRuby::Error::TenableError, "Could not find folder with name #{scan_folder}"
    end
  end
  unless scanner_id.nil?
    settings['scanner_id'] = scanner_id
  end
  scan_create(template_uuid, settings)
end

#scan_quick_template(templatename, name, targets) ⇒ Object

Performs scan with templatename provided (name, title or uuid of scan). Name is your scan name and targets are targets for scan

returns: JSON parsed object with scan info



535
536
537
538
539
540
541
542
543
544
545
546
547
548
 
# File 'lib/tenable-ruby.rb', line 535

def scan_quick_template(templatename, name, targets)
  templates = list_templates('scan')['templates'].select do |temp|
    temp['uuid'] == templatename or temp['name'] == templatename or temp['title'] == templatename
  end
  if templates.nil?
    return nil
  end
  template_uuid = templates.first['uuid']
  settings = editor_templates('scan', template_uuid)
  settings.merge!(@quick_defaults)
  settings['name'] = name
  settings['text_targets'] = targets
  scan_create(template_uuid, settings)
end

#scan_resume(scan_id) ⇒ Object

Resumes a scan

Reference: developer.tenable.com/reference#scans-resume



390
391
392
 
# File 'lib/tenable-ruby.rb', line 390

def scan_resume(scan_id)
  http_post(:uri => "/scans/#{scan_id}/resume", :fields => header)
end

#scan_status(scan_id) ⇒ Object

Returns the latest status for a scan.

Reference: developer.tenable.com/reference#scans-get-latest-status



597
598
599
600
601
602
603
604
 
# File 'lib/tenable-ruby.rb', line 597

def scan_status(scan_id)
  response = http_get(:uri => "/scans/#{scan_id}/latest-status", :fields => header)
  if response.is_a?(Hash) and response.has_key?('status')
    response['status']
  else
    raise TenableRuby::Error::TenableError, "Tenable.io did not return a valid status response"
  end
end

#scan_stop(scan_id) ⇒ Object

Stops a scan

Reference: developer.tenable.com/reference#scans-stop



398
399
400
 
# File 'lib/tenable-ruby.rb', line 398

def scan_stop(scan_id)
  http_post(:uri => "/scans/#{scan_id}/stop", :fields => header)
end

#scans_plugin_output(scan_id, host_id, plugin_id) ⇒ Object

Returns the output for a specified plugin.

Reference: developer.tenable.com/reference#scans-plugin-output



448
449
450
451
 
# File 'lib/tenable-ruby.rb', line 448

def scans_plugin_output(scan_id, host_id, plugin_id)
  uri = "/scans/#{scan_id}/hosts/#{host_id}/plugins/#{plugin_id}"
  http_get(:uri => uri, :fields => header)
end

#server_statusObject

Returns the server status

Reference: developer.tenable.com/reference#server-status



239
240
241
 
# File 'lib/tenable-ruby.rb', line 239

def server_status
  http_get(:uri => "/server/status", :fields => header)
end

#update_target_group(group_id, name, members, acls: nil) ⇒ Object

Updates a target group.

Reference: developer.tenable.com/reference#target-groups-edit



754
755
756
757
 
# File 'lib/tenable-ruby.rb', line 754

def update_target_group(group_id, name, members, acls: nil)
  http_put(:uri => "/target-groups/#{group_id}", :fields => header,
    :data => {:name => name, :members => members, :acls => acls})
end

#user_add(username, password, permissions, type) ⇒ Object

Creates a new user

Reference: developer.tenable.com/reference#users-create



121
122
123
124
125
126
127
128
129
130
 
# File 'lib/tenable-ruby.rb', line 121

def user_add(username, password, permissions, type)
  payload = {
    :username => username,
    :password => password,
    :permissions => permissions,
    :type => type,
    :json => 1
  }
  http_post(:uri => "/users", :fields => header, :data => payload)
end

#user_chpasswd(user_id, password) ⇒ Object

Changes the password for the given user

Reference: developer.tenable.com/reference#users-password



145
146
147
148
149
150
151
152
 
# File 'lib/tenable-ruby.rb', line 145

def user_chpasswd(user_id, password)
  payload = {
    :password => password,
    :json => 1
  }
  response = http_put(:uri => "/users/#{user_id}/chpasswd", :data => payload, :fields => header)
  response.code
end

#user_delete(user_id) ⇒ Object

Deletes a user

Reference: developer.tenable.com/reference#users-delete



136
137
138
139
 
# File 'lib/tenable-ruby.rb', line 136

def user_delete(user_id)
  response = http_delete(:uri => "/users/#{user_id}", :fields => header)
  response.code
end

#user_logoutObject

Logs the current user out and destroys the session

Reference: developer.tenable.com/reference#session-destroy



158
159
160
161
 
# File 'lib/tenable-ruby.rb', line 158

def user_logout
  response = http_delete(:uri => "/session", :fields => header)
  response.code
end