tenable

package
v0.0.0-...-3dc4f16 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 5, 2018 License: Apache-2.0 Imports: 17 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Asset

type Asset struct {
	ID       string    `json:"id"`
	HasAgent bool      `json:"has_agent"`
	LastSeen time.Time `json:"last_seen"`
	Sources  []struct {
		Name      string    `json:"name"`
		FirstSeen time.Time `json:"first_seen"`
		LastSeen  time.Time `json:"last_seen"`
	} `json:"sources"`
	// NOTE these types are just observed... the API docs don't specify a type
	Ipv4            []string `json:"ipv4"`
	Ipv6            []string `json:"ipv6"`
	Fqdn            []string `json:"fqdn"`
	NetbiosName     []string `json:"netbios_name"`
	OperatingSystem []string `json:"operating_system"`
	AgentName       []string `json:"agent_name"`
	MacAddress      []string `json:"mac_address"`
}

type AssetInfo

type AssetInfo struct {
	Info struct {
		TimeEnd         time.Time `json:"time_end"`
		TimeStart       time.Time `json:"time_start"`
		ID              string    `json:"id"`
		UUID            string    `json:"uuid"`
		OperatingSystem []string  `json:"operating_system"`
		Fqdn            []string  `json:"fqdn"`
		Counts          struct {
			Vulnerabilities struct {
				Total      int `json:"total"`
				Severities []struct {
					Count int    `json:"count"`
					Level int    `json:"level"`
					Name  string `json:"name"`
				} `json:"severities"`
			} `json:"vulnerabilities"`
			Audits struct {
				Total    int `json:"total"`
				Statuses []struct {
					Count int    `json:"count"`
					Level int    `json:"level"`
					Name  string `json:"name"`
				} `json:"statuses"`
			} `json:"audits"`
		} `json:"counts"`
		HasAgent                  bool      `json:"has_agent"`
		CreatedAt                 time.Time `json:"created_at"`
		UpdatedAt                 time.Time `json:"updated_at"`
		FirstSeen                 time.Time `json:"first_seen"`
		LastSeen                  time.Time `json:"last_seen"`
		LastAuthenticatedScanDate time.Time `json:"last_authenticated_scan_date"`
		LastLicensedScanDate      time.Time `json:"last_licensed_scan_date"`
		Sources                   []struct {
			Name      string    `json:"name"`
			FirstSeen time.Time `json:"first_seen"`
			LastSeen  time.Time `json:"last_seen"`
		} `json:"sources"`
		Tags                    []string `json:"tags"`
		Ipv4                    []string `json:"ipv4"`
		Ipv6                    []string `json:"ipv6"`
		MacAddress              []string `json:"mac_address"`
		NetbiosName             []string `json:"netbios_name"`
		SystemType              []string `json:"system_type"`
		TenableUUID             []string `json:"tenable_uuid"`
		Hostname                []string `json:"hostname"`
		AgentName               []string `json:"agent_name"`
		BiosUUID                []string `json:"bios_uuid"`
		AwsEc2InstanceID        []string `json:"aws_ec2_instance_id"`
		AwsEc2InstanceAmiID     []string `json:"aws_ec2_instance_ami_id"`
		AwsOwnerID              []string `json:"aws_owner_id"`
		AwsAvailabilityZone     []string `json:"aws_availability_zone"`
		AwsRegion               []string `json:"aws_region"`
		AwsVpcID                []string `json:"aws_vpc_id"`
		AwsEc2InstanceGroupName []string `json:"aws_ec2_instance_group_name"`
		AwsEc2InstanceStateName []string `json:"aws_ec2_instance_state_name"`
		AwsEc2InstanceType      []string `json:"aws_ec2_instance_type"`
		AwsSubnetID             []string `json:"aws_subnet_id"`
		AwsEc2ProductCode       []string `json:"aws_ec2_product_code"`
		AwsEc2Name              []string `json:"aws_ec2_name"`
		AzureVMID               []string `json:"azure_vm_id"`
		AzureResourceID         []string `json:"azure_resource_id"`
		SSHFingerprint          []string `json:"ssh_fingerprint"`
		McafeeEpoGUID           []string `json:"mcafee_epo_guid"`
		McafeeEpoAgentGUID      []string `json:"mcafee_epo_agent_guid"`
		QualysAssetID           []string `json:"qualys_asset_id"`
		QualysHostID            []string `json:"qualys_host_id"`
		ServicenowSysid         []string `json:"servicenow_sysid"`
	} `json:"info"`
}

type AssetVulnerabilities

type AssetVulnerabilities struct {
	AssetId                 string
	Vulnerabilities         []Vulnerability `json:"vulnerabilities"`
	TotalVulnerabilityCount int             `json:"total_vulnerability_count"`
	TotalAssetCount         int             `json:"total_asset_count"`
}

this is a list of vulnerabilities for a specific asset

type AssetVulnerabilityInfo

type AssetVulnerabilityInfo VulnerabilityInfo

this is a list of vulnerabilities for a specific plugin on a specific asset

type AssetVulnerabilityInfoList

type AssetVulnerabilityInfoList struct {
	AssetId         string
	Asset           *AssetInfo // this ideally shouldn't have to be here
	Vulnerabilities []*AssetVulnerabilityInfo
}

Custom, higher level data structure

func (*AssetVulnerabilityInfoList) ToCsvHeader

func (a *AssetVulnerabilityInfoList) ToCsvHeader() []string

so TODO XXX FIXME this stuff should be like, a template file of some kind bad place for this would be nice to

func (*AssetVulnerabilityInfoList) ToCsvRecords

func (a *AssetVulnerabilityInfoList) ToCsvRecords() [][]string

bad place for this, need to make this more generic, somehow, and more customizable...

type Assets

type Assets struct {
	Assets []Asset `json:"assets"`
	Total  int     `json:"total"`
}

type AssetsVulnerabilities

type AssetsVulnerabilities struct {
	Assets          []Asset `json:"assets"`
	TotalAssetCount int     `json:"total_asset_count"`
}

this is a list of assets that have known vulnerabilities

type AwsTargets

type AwsTargets struct {
	Targets []struct {
		ContainerUUID string `json:"container_uuid"`
		ScannerUUID   string `json:"scanner_uuid"`
		InstanceID    string `json:"instance_id"`
		PrivateIP     string `json:"private_ip"`
		PublicIP      string `json:"public_ip,omitempty"`
		State         string `json:"state"`
		Zone          string `json:"zone"`
		Type          string `json:"type"`
		Name          string `json:"name,omitempty"`
	} `json:"targets"`
}

type Client

type Client struct {

	// turn this on if you want to dump request/response
	Debug bool

	// all the service objects defined in lowercaseservicename.go
	Editor      *EditorService
	Folders     *FoldersService
	Server      *ServerService
	Scans       *ScansService
	Scanners    *ScannersService
	Workbenches *WorkbenchesService

	// Query parameters struct
	QueryOpts *QueryOpts
	// contains filtered or unexported fields
}

func NewClient

func NewClient(accessKey string, secretKey string) *Client

func (*Client) Delete

func (t *Client) Delete(ctx context.Context, u string, opts *QueryOpts, body io.Reader, dest interface{}) (*Response, error)

func (*Client) Do

func (t *Client) Do(ctx context.Context, req *http.Request, dest interface{}) (*Response, error)

func (*Client) Get

func (t *Client) Get(ctx context.Context, u string, opts *QueryOpts, dest interface{}) (*Response, error)

func (*Client) ImpersonateAs

func (t *Client) ImpersonateAs(username string)

func (*Client) NewRequest

func (t *Client) NewRequest(method string, relativeUrl string, body io.Reader) (*http.Request, error)

func (*Client) PlainGet

func (t *Client) PlainGet(ctx context.Context, u string) (*http.Response, error)

odd authenticated duck that can be used for arbitrary gets, e.g., for export file downloads... yeah, it's a hack this can get refactored into Get, or really into *Do*

func (*Client) Post

func (t *Client) Post(ctx context.Context, u string, opts *QueryOpts, body io.Reader, dest interface{}) (*Response, error)

func (*Client) SetBaseUrl

func (t *Client) SetBaseUrl(baseUrl string)

func (*Client) SetHttpClient

func (t *Client) SetHttpClient(client *http.Client)

type EditorService

type EditorService service

func (*EditorService) List

func (s *EditorService) List(ctx context.Context, templateType string) (*Templates, *Response, error)

List templates (API supports "scan" and "policy" template types)

type Filter

type Filter struct {
	Control struct {
		ReadableRegex string `json:"readable_regex"`
		Regex         string `json:"regex"`
		Type          string `json:"type"`
	} `json:"control"`
	GroupName    string   `json:"group_name"`
	Name         string   `json:"name"`
	Operators    []string `json:"operators"`
	ReadableName string   `json:"readable_name"`
}

what's this

type FilterOpts

type FilterOpts struct {
	// the filter name; get from the filters endpoint or the Tenable API docs
	Filter  string `json:"filter"`
	Quality string `json:"quality"`
	Value   string `json:"value"`
}

For use in query strings

type Filters

type Filters struct {
	Opts []FilterOpts
}

func (*Filters) ToQueryString

func (f *Filters) ToQueryString() string

TODO test

type Folder

type Folder struct {
	Custom      int    `json:"custom"`
	DefaultTag  int    `json:"default_tag"`
	ID          int    `json:"id"`
	Name        string `json:"name"`
	Type        string `json:"type"`
	UnreadCount int    `json:"unread_count"`
}

type FoldersList

type FoldersList struct {
	Folders []Folder `json:"folders"`
}

type FoldersService

type FoldersService service

func (*FoldersService) List

type History

type History struct {
	AltTargetsUsed       bool   `json:"alt_targets_used"`
	CreationDate         int    `json:"creation_date"`
	HistoryID            int    `json:"history_id"`
	LastModificationDate int    `json:"last_modification_date"`
	OwnerID              int    `json:"owner_id"`
	Scheduler            int    `json:"scheduler"`
	Status               string `json:"status"`
	Type                 string `json:"type"`
	UUID                 string `json:"uuid"`
}

type Host

type Host struct {
	AssetID             int    `json:"asset_id"`
	Critical            int    `json:"critical"`
	High                int    `json:"high"`
	HostID              int    `json:"host_id"`
	HostIndex           int    `json:"host_index"`
	Hostname            string `json:"hostname"`
	Info                int    `json:"info"`
	Low                 int    `json:"low"`
	Medium              int    `json:"medium"`
	Numchecksconsidered int    `json:"numchecksconsidered"`
	Progress            string `json:"progress"`
	Scanprogresscurrent int    `json:"scanprogresscurrent"`
	Scanprogresstotal   int    `json:"scanprogresstotal"`
	Score               int    `json:"score"`
	Severity            int    `json:"severity"`
	Severitycount       struct {
		Item []struct {
			Count         int `json:"count"`
			Severitylevel int `json:"severitylevel"`
		} `json:"item"`
	} `json:"severitycount"`
	Totalchecksconsidered int `json:"totalchecksconsidered"`
}

type Note

type Note struct {
	Title    string `json:"title"`
	Message  string `json:"message"`
	Severity int    `json:"severity"`
}

type NumericBool

type NumericBool bool

NumericBool type because Tenable sometimes returns 1 for what should be boolean

func (NumericBool) MarshalJSON

func (n NumericBool) MarshalJSON() ([]byte, error)

func (NumericBool) UnmarshalJSON

func (n NumericBool) UnmarshalJSON(b []byte) error

type QueryOpts

type QueryOpts struct {
	// your normal key=value,key=value params
	Params string // TODO map

}

type Remediation

type Remediation struct {
	Value       string `json:"value"`
	Remediation string `json:"remediation"`
	Hosts       int    `json:"hosts"`
	Vulns       int    `json:"vulns"`
}

type Response

type Response struct {
	RawResponse *http.Response
	RawBody     []byte
}

TODO this doesn't add any utility, and takes up more space just use http.Response and nopcloser to get raw body reuse or just don't even pass the response around; there's really no need

func (*Response) BodyJson

func (r *Response) BodyJson() string

TODO error handling

type Scan

type Scan struct {
	Control              bool        `json:"control"`
	CreationDate         int         `json:"creation_date"`
	Enabled              bool        `json:"enabled"`
	ID                   int         `json:"id"`
	LastModificationDate int         `json:"last_modification_date"`
	Legacy               bool        `json:"legacy"`
	Name                 string      `json:"name"`
	Owner                string      `json:"owner"`
	Permissions          int         `json:"permissions"`
	Read                 NumericBool `json:"read"`
	Rrules               string      `json:"rrules"`
	ScheduleUUID         string      `json:"schedule_uuid"`
	Shared               bool        `json:"shared"`
	Starttime            string      `json:"starttime"`
	Status               string      `json:"status"`
	Timezone             string      `json:"timezone"`
	Type                 string      `json:"type"`
	UserPermissions      int         `json:"user_permissions"`
	UUID                 string      `json:"uuid"`
}

type ScanDetail

type ScanDetail struct {
	Comphosts  []Host          `json:"comphosts"`
	Compliance []Vulnerability `json:"compliance"`
	Filters    []Filter        `json:"filters"`
	History    []History       `json:"history"`
	Hosts      []Host          `json:"hosts"`
	Info       struct {
		Acls []struct {
			DisplayName interface{} `json:"display_name"`
			ID          interface{} `json:"id"`
			Name        interface{} `json:"name"`
			Owner       interface{} `json:"owner"`
			Permissions int         `json:"permissions"`
			Type        string      `json:"type"`
		} `json:"acls"`
		AltTargetsUsed  bool        `json:"alt_targets_used"`
		Control         bool        `json:"control"`
		EditAllowed     bool        `json:"edit_allowed"`
		FolderID        int         `json:"folder_id"`
		Hasaudittrail   bool        `json:"hasaudittrail"`
		Haskb           bool        `json:"haskb"`
		Hostcount       int         `json:"hostcount"`
		Name            string      `json:"name"`
		NoTarget        bool        `json:"no_target"`
		ObjectID        int         `json:"object_id"`
		Owner           string      `json:"owner"`
		Pci_can_upload  bool        `json:"pci-can-upload"`
		Policy          string      `json:"policy"`
		ScanEnd         int         `json:"scan_end"`
		ScanStart       int         `json:"scan_start"`
		ScanType        string      `json:"scan_type"`
		ScannerEnd      interface{} `json:"scanner_end"`
		ScannerName     string      `json:"scanner_name"`
		ScannerStart    interface{} `json:"scanner_start"`
		ScheduleUUID    string      `json:"schedule_uuid"`
		Shared          interface{} `json:"shared"`
		Status          string      `json:"status"`
		Targets         string      `json:"targets"`
		Timestamp       int         `json:"timestamp"`
		UserPermissions int         `json:"user_permissions"`
		UUID            string      `json:"uuid"`
	} `json:"info"`
	Notes        []Note `json:"notes"`
	Remediations struct {
		NumCves           int           `json:"num_cves"`
		NumHosts          int           `json:"num_hosts"`
		NumImpactedHosts  int           `json:"num_impacted_hosts"`
		NumRemediatedCves int           `json:"num_remediated_cves"`
		Remediations      []Remediation `json:"remediations"`
	} `json:"remediations"`
	Vulnerabilities []Vulnerability `json:"vulnerabilities"`
}

type ScanExportOptions

type ScanExportOptions struct {
	ScanId int
	Format string
}

type Scanner

type Scanner struct {
	CreationDate         int    `json:"creation_date"`
	Distro               string `json:"distro,omitempty"`
	EngineVersion        string `json:"engine_version,omitempty"`
	Group                bool   `json:"group"`
	ID                   int    `json:"id"`
	Key                  string `json:"key"`
	LastConnect          int    `json:"last_connect"`
	LastModificationDate int    `json:"last_modification_date"`
	Linked               int    `json:"linked"`
	LoadedPluginSet      string `json:"loaded_plugin_set,omitempty"`
	Name                 string `json:"name"`
	EnvironmentName      string `json:"environment_name"`
	NumHosts             int    `json:"num_hosts,omitempty"`
	NumScans             int    `json:"num_scans"`
	NumSessions          int    `json:"num_sessions,omitempty"`
	NumTCPSessions       int    `json:"num_tcp_sessions,omitempty"`
	Owner                string `json:"owner"`
	OwnerID              int    `json:"owner_id"`
	OwnerName            string `json:"owner_name"`
	OwnerUUID            string `json:"owner_uuid"`
	Platform             string `json:"platform,omitempty"`
	Pool                 bool   `json:"pool"`
	ScanCount            int    `json:"scan_count"`
	Shared               int    `json:"shared"`
	Source               string `json:"source"`
	Status               string `json:"status"`
	Timestamp            int    `json:"timestamp"`
	Type                 string `json:"type"`
	UIBuild              string `json:"ui_build,omitempty"`
	UIVersion            string `json:"ui_version,omitempty"`
	UserPermissions      int    `json:"user_permissions"`
	UUID                 string `json:"uuid"`
	AwsUpdateInterval    int    `json:"aws_update_interval,omitempty"`
	License              struct {
		ActivationCode string `json:"activation_code"`
		Users          int    `json:"users"`
		Evaluation     bool   `json:"evaluation"`
		ExpirationDate int    `json:"expiration_date"`
		Agents         int    `json:"agents"`
		Ips            int    `json:"ips"`
		Apps           struct {
			Pci struct {
				Mode string `json:"mode"`
			} `json:"pci"`
			Consec struct {
				Mode           string `json:"mode"`
				ExpirationDate int    `json:"expiration_date"`
			} `json:"consec"`
			Was struct {
				Mode           string `json:"mode"`
				ExpirationDate int    `json:"expiration_date"`
			} `json:"was"`
		} `json:"apps"`
		Scanners     int `json:"scanners"`
		ScannersUsed int `json:"scanners_used"`
		AgentsUsed   int `json:"agents_used"`
	} `json:"license,omitempty"`
}

represents an instance of a scanner

type Scanners

type Scanners struct {
	Scanners []Scanner `json:"scanners"`
}

type ScannersService

type ScannersService service

func (*ScannersService) GetAwsTargets

func (s *ScannersService) GetAwsTargets(ctx context.Context, scannerId int) (*AwsTargets, *Response, error)

List targets for a given AWS scanner

func (*ScannersService) List

List scanner instances

type Scans

type Scans struct {
	Folders   []Folder `json:"folders"`
	Scans     []Scan   `json:"scans"`
	Timestamp int      `json:"timestamp"`
}

type ScansCreateConfig

type ScansCreateConfig struct {
	// editor template uuid (see api docs for /scans/create, /editor/list)
	// 'template' refers to the scan types, like "Basic Network Scan", "Advanced Network Scan", etc
	TemplateUUID string `yaml:"template_uuid,omitempty" json:"uuid,omitempty"` // required
	Settings     struct {
		Name        string        `yaml:"name,omitempty" json:"name,omitempty"` // required
		Description string        `yaml:"description,omitempty" json:"description,omitempty"`
		PolicyId    int           `yaml:"policy_id,omitempty" json:"policy_id,omitempty"`
		FolderId    int           `yaml:"folder_id,omitempty" json:"folder_id,omitempty"`
		ScannerId   int           `yaml:"scanner_id,omitempty" json:"scanner_id,omitempty"` // *not* required
		Enabled     bool          `yaml:"enabled,omitempty" json:"enabled,omitempty"`       // required
		Launch      string        `yaml:"launch,omitempty" json:"launch,omitempty"`
		Starttime   string        `yaml:"starttime,omitempty" json:"starttime,omitempty"`
		RRules      string        `yaml:"rrules,omitempty" json:"rrules,omitempty"`
		Timezone    string        `yaml:"timezone,omitempty" json:"timezone,omitempty"`
		TextTargets []string      `yaml:"text_targets,omitempty" json:"text_targets,omitempty"` // required
		FileTargets string        `yaml:"file_targets,omitempty" json:"file_targets,omitempty"`
		Emails      string        `yaml:"emails,omitempty" json:"emails,omitempty"`
		ACLs        []interface{} `yaml:"acls,omitempty" json:"acls,omitempty"` // docs don't specify type
	} `yaml:"settings,omitempty" json:"settings,omitempty"`
}

lots of yaml tags on this one because a user likely needs yaml if making scans from the cli. if you're doing just a few targets, or very simple scan setup, I actually recommend using the web UI for this partcular task

func ReadScanConfig

func ReadScanConfig(configFile string) (*ScansCreateConfig, error)

GROSS should not be here. Also see: random YAML tags in the config strut

type ScansExportRequest

type ScansExportRequest struct {
	File      int    `json:"file"`
	TempToken string `json:"temp_token"`
}

type ScansExportStatus

type ScansExportStatus struct {
	Status string `json:"status"`
}

type ScansLaunch

type ScansLaunch struct {
	ScanUUID string `json:"scan_uuid"`
}

response when a scan is launched

type ScansService

type ScansService service

func (*ScansService) Create

func (s *ScansService) Create(ctx context.Context, config *ScansCreateConfig) error

XXX named return values here. would be best to use that everywhere, or nowhere ;(

func (*ScansService) Detail

func (s *ScansService) Detail(ctx context.Context, scanId int) (*ScanDetail, *Response, error)

func (*ScansService) ExportRequest

func (s *ScansService) ExportRequest(ctx context.Context, scanId int, format string) (*ScansExportRequest, *Response, error)

func (*ScansService) ExportStatus

func (s *ScansService) ExportStatus(ctx context.Context, scanId int, fileId int) (*ScansExportStatus, *Response, error)

I don't know why the types or responses of the export endpoints are different between workbenches and scans. Ask Tenable

func (*ScansService) Launch

func (s *ScansService) Launch(ctx context.Context, scanId int, targets []string) (*ScansLaunch, *Response, error)

func (*ScansService) List

func (s *ScansService) List(ctx context.Context) (*Scans, *Response, error)

func (*ScansService) Pause

func (s *ScansService) Pause(ctx context.Context, scanId int, targets []string) error

func (*ScansService) Resume

func (s *ScansService) Resume(ctx context.Context, scanId int, targets []string) error

func (*ScansService) Stop

func (s *ScansService) Stop(ctx context.Context, scanId int, targets []string) error

type ServerProperties

type ServerProperties struct {
	Analytics struct {
		Enabled bool   `json:"enabled"`
		Key     string `json:"key"`
		SiteID  string `json:"site_id"`
	} `json:"analytics"`
	Capabilities struct {
		MultiScanner      bool   `json:"multi_scanner"`
		MultiUser         string `json:"multi_user"`
		ReportEmailConfig bool   `json:"report_email_config"`
		TwoFactor         struct {
			SMTP   bool `json:"smtp"`
			Twilio bool `json:"twilio"`
		} `json:"two_factor"`
	} `json:"capabilities"`
	ContainerDbVersion string `json:"container_db_version"`
	Enterprise         bool   `json:"enterprise"`
	Evaluation         struct {
		LimitEnabled bool `json:"limitEnabled"`
		Scans        int  `json:"scans"`
		Targets      int  `json:"targets"`
	} `json:"evaluation"`
	Expiration     int    `json:"expiration"`
	ExpirationTime int    `json:"expiration_time"`
	ForceUIReload  bool   `json:"force_ui_reload"`
	IdleTimeout    string `json:"idle_timeout"`
	License        struct {
		ActivationCode string `json:"activation_code"`
		Agents         int    `json:"agents"`
		AgentsUsed     int    `json:"agents_used"`
		Apps           struct {
			Consec struct {
				ExpirationDate int    `json:"expiration_date"`
				Mode           string `json:"mode"`
			} `json:"consec"`
			Pci struct {
				Mode string `json:"mode"`
			} `json:"pci"`
			Was struct {
				ExpirationDate int    `json:"expiration_date"`
				Mode           string `json:"mode"`
			} `json:"was"`
		} `json:"apps"`
		Evaluation     bool `json:"evaluation"`
		ExpirationDate int  `json:"expiration_date"`
		Ips            int  `json:"ips"`
		Scanners       int  `json:"scanners"`
		ScannersUsed   int  `json:"scanners_used"`
		Users          int  `json:"users"`
	} `json:"license"`
	LimitEnabled    bool          `json:"limitEnabled"`
	LoadedPluginSet string        `json:"loaded_plugin_set"`
	LoginBanner     interface{}   `json:"login_banner"`
	Msp             bool          `json:"msp"`
	NessusType      string        `json:"nessus_type"`
	NessusUIBuild   string        `json:"nessus_ui_build"`
	NessusUIVersion string        `json:"nessus_ui_version"`
	Notifications   []interface{} `json:"notifications"`
	PluginSet       string        `json:"plugin_set"`
	ScannerBoottime int           `json:"scanner_boottime"`
	ServerBuild     string        `json:"server_build"`
	ServerUUID      string        `json:"server_uuid"`
	ServerVersion   string        `json:"server_version"`
	Update          struct {
		Href       interface{} `json:"href"`
		NewVersion int         `json:"new_version"`
		Restart    int         `json:"restart"`
	} `json:"update"`
}

type ServerService

type ServerService service

func (*ServerService) Properties

func (s *ServerService) Properties(ctx context.Context) (*ServerProperties, *Response, error)

func (*ServerService) Status

func (s *ServerService) Status(ctx context.Context) (*ServerStatus, *Response, error)

type ServerStatus

type ServerStatus struct {
	Code   int    `json:"code"`
	Status string `json:"status"`
}

type Template

type Template struct {
	Unsupported      bool        `json:"unsupported"`
	CloudOnly        bool        `json:"cloud_only"`
	Desc             string      `json:"desc"`
	Order            interface{} `json:"order"`
	SubscriptionOnly bool        `json:"subscription_only"`
	IsWas            interface{} `json:"is_was"`
	Title            string      `json:"title"`
	IsAgent          interface{} `json:"is_agent"`
	UUID             string      `json:"uuid"`
	ManagerOnly      bool        `json:"manager_only"`
	Name             string      `json:"name"`
}

type Templates

type Templates struct {
	Templates []Template `json:"templates"`
}

type Vulnerabilities

type Vulnerabilities struct {
	Vulnerabilities         []Vulnerability `json:"vulnerabilities"`
	TotalVulnerabilityCount int             `json:"total_vulnerability_count"`
	TotalAssetCount         int             `json:"total_asset_count"`
}

type VulnerabilitiesFilters

type VulnerabilitiesFilters struct {
	Filters []Filter `json:"filters"`
}

type Vulnerability

type Vulnerability struct {
	Count              int    `json:"count"`
	PluginFamily       string `json:"plugin_family"`
	PluginId           int    `json:"plugin_id"`
	PluginName         string `json:"plugin_name"`
	VulnerabilityState string `json:"vulnerability_state"`
	AcceptedCount      int    `json:"accepted_count"`
	RecastedCount      int    `json:"recasted_count"`
	CountsBySeverity   []struct {
		Count int `json:"count"`
		Value int `json:"value"`
	} `json:"counts_by_severity"`
	Severity int `json:"severity"`
}

type VulnerabilityInfo

type VulnerabilityInfo struct {
	PluginId string
	// TODO rename
	Info struct {
		Count       int    `json:"count"`
		Description string `json:"description"`
		Synopsis    string `json:"synopsis"`
		Solution    string `json:"solution"`
		Discovery   struct {
			SeenFirst time.Time `json:"seen_first"`
			SeenLast  time.Time `json:"seen_last"`
		} `json:"discovery"`
		Severity      int `json:"severity"`
		PluginDetails struct {
			Family           string    `json:"family"`
			ModificationDate time.Time `json:"modification_date"`
			Name             string    `json:"name"`
			PublicationDate  time.Time `json:"publication_date"`
			Type             string    `json:"type"`
			Version          string    `json:"version"`
			Severity         int       `json:"severity"`
		} `json:"plugin_details"`
		ReferenceInformation []struct {
			Name string `json:"name"`
			URL  string `json:"url,omitempty"`
			// the API is very inconsistent with the return type here
			Values []interface{} `json:"values"`
		} `json:"reference_information"`
		// NOTE api defines these 'interface' fields as just 'object'
		RiskInformation struct {
			RiskFactor          string      `json:"risk_factor"`
			CvssVector          string      `json:"cvss_vector"`
			CvssBaseScore       string      `json:"cvss_base_score"`
			CvssTemporalVector  interface{} `json:"cvss_temporal_vector"`
			CvssTemporalScore   interface{} `json:"cvss_temporal_score"`
			Cvss3Vector         string      `json:"cvss3_vector"`
			Cvss3BaseScore      string      `json:"cvss3_base_score"`
			Cvss3TemporalVector interface{} `json:"cvss3_temporal_vector"`
			Cvss3TemporalScore  interface{} `json:"cvss3_temporal_score"`
			StigSeverity        string      `json:"stig_severity"`
		} `json:"risk_information"`
		SeeAlso []string `json:"see_also"`
		// this name is overloaded
		VulnerabilityInformation struct {
			VulnerabilityPublicationDate time.Time     `json:"vulnerability_publication_date"`
			ExploitedByMalware           interface{}   `json:"exploited_by_malware"`
			PatchPublicationDate         time.Time     `json:"patch_publication_date"`
			ExploitAvailable             interface{}   `json:"exploit_available"`
			ExploitabilityEase           interface{}   `json:"exploitability_ease"`
			AssetInventory               interface{}   `json:"asset_inventory"`
			DefaultAccount               interface{}   `json:"default_account"`
			ExploitedByNessus            interface{}   `json:"exploited_by_nessus"`
			InTheNews                    interface{}   `json:"in_the_news"`
			Malware                      interface{}   `json:"malware"`
			UnsupportedByVendor          interface{}   `json:"unsupported_by_vendor"`
			Cpe                          []string      `json:"cpe"`
			ExploitFrameworks            []interface{} `json:"exploit_frameworks"`
		} `json:"vulnerability_information"`
	} `json:"info"`
}

this is a list of vulnerabilities for a specific plugin (maybe rename to PluginVulnerabilityInfo? I'm keeping the naming consistent with the Tenable docs, which tends to use this kind of ambiguous naming)

type VulnerabilityOutput

type VulnerabilityOutput struct {
	PluginOutput string `json:"plugin_output"`
	States       []struct {
		Name    string `json:"name"`
		Results []struct {
			ApplicationProtocol string `json:"application_protocol"`
			Port                int    `json:"port"`
			TransportProtocol   string `json:"transport_protocol"`
			// not the same as the usual Asset, so no refactor here
			Assets []struct {
				Hostname string `json:"hostname"`
				ID       string `json:"id"`
				UUID     string `json:"uuid"`
			} `json:"assets"`
			Severity int `json:"severity"`
		} `json:"results"`
	} `json:"states"`
}

type VulnerabilityOutputs

type VulnerabilityOutputs struct {
	Outputs []VulnerabilityOutput `json:"outputs"`
}

type WbExportRequest

type WbExportRequest struct {
	File int `json:"file"`
}

type WbExportStatus

type WbExportStatus struct {
	ProgressTotal string `json:"progress_total"`
	Progress      string `json:"progress"`
	Status        string `json:"status"`
}

type WorkbenchExportRequestOpts

type WorkbenchExportRequestOpts struct {
	// REQUIRED
	// valid values are nessus, html, pdf, csv
	Format string `url:"format"`
	// only valid value is vulnerabilities
	Report string `url:"report"`
	// date given as unix epoch time
	// semicolon-separated list, valid values are vuln_by_plugin, vuln_by_asset, vuln_hosts_summary, exec_summary, diff
	// only vuln_by_asset is supported for nessus format
	Chapter string `url:"chapter"`

	// NOT REQUIRED
	StartDate int `url:"start_date,omitempty"`
	// number of days
	DateRange int    `url:"date_range,omitempty"`
	Filters   string `url:"filters,omitempty"` // TODO
	// valid values are and, or
	FilterSearchType string `url:"filter_search_type,omitempty"`
	MinimumVulnInfo  bool   `url:"minimum_vuln_info,omitempty"`
	PluginId         int    `url:"plugin_id,omitempty"`
	AssetId          string `url:"asset_id,omitempty"`
}

unused

type WorkbenchesService

type WorkbenchesService service

func (*WorkbenchesService) AssetDelete

func (s *WorkbenchesService) AssetDelete(ctx context.Context, assetUUID string) (*Response, error)

Delete an asset from the workbench This DELETE request in Tenable doesn't have a response body or request

func (*WorkbenchesService) AssetVulnerabilities

func (s *WorkbenchesService) AssetVulnerabilities(ctx context.Context, assetId string) (*AssetVulnerabilities, *Response, error)

List up to the first 5000 vulnerabilities recorded for a single asset . NB this is not `AssetsVulnerabilities` (multiple assets)

func (*WorkbenchesService) AssetVulnerabilityInfo

func (s *WorkbenchesService) AssetVulnerabilityInfo(ctx context.Context, assetId string, pluginId string) (*AssetVulnerabilityInfo, *Response, error)

Get the details for a vulnerability recorded on a given asset

func (*WorkbenchesService) AssetVulnerabilityInfoList

func (s *WorkbenchesService) AssetVulnerabilityInfoList(ctx context.Context, assetId string) (*AssetVulnerabilityInfoList, error)

AssetVulnerabilityInfo for every plugin that detected a vulnerability on the asset

func (*WorkbenchesService) AssetVulnerabilityOutputs

func (s *WorkbenchesService) AssetVulnerabilityOutputs(ctx context.Context, assetId string, pluginId string) (*VulnerabilityOutputs, *Response, error)

Get the vulnerability outputs for a single plugin for a single asset

func (*WorkbenchesService) Assets

func (s *WorkbenchesService) Assets(ctx context.Context) (*Assets, *Response, error)

List up to 5000 assets

func (*WorkbenchesService) AssetsInfo

func (s *WorkbenchesService) AssetsInfo(ctx context.Context, assetId string) (*AssetInfo, *Response, error)

Get general information about an asset

func (*WorkbenchesService) AssetsVulnerabilities

func (s *WorkbenchesService) AssetsVulnerabilities(ctx context.Context) (*AssetsVulnerabilities, *Response, error)

List up to 5000 assets with vulnerabilities. NB this is not `AssetVulnerabilities` (one asset)

func (*WorkbenchesService) ExportDownload

func (s *WorkbenchesService) ExportDownload(ctx context.Context) (*WbExportRequest, *Response, error)

Downloads the file, which you likely don't want to do through Go

func (*WorkbenchesService) ExportRequest

func (s *WorkbenchesService) ExportRequest(ctx context.Context) (*WbExportRequest, *Response, error)

FIXME the export struct names will collide with scan exports, BUT they might be the same structure, and thus be common

func (*WorkbenchesService) ExportStatus

func (s *WorkbenchesService) ExportStatus(ctx context.Context, fileId int) (*WbExportStatus, *Response, error)

Query the status for a particular pending export file. When it's ready, the .status field will be "ready" TODO I don't like that it's passed as an int

func (*WorkbenchesService) Vulnerabilities

func (s *WorkbenchesService) Vulnerabilities(ctx context.Context) (*Vulnerabilities, *Response, error)

List up to the first 5000 vulnerabilities recorded. Use the export-request API if you need more than that

func (*WorkbenchesService) VulnerabilitiesFilters

func (s *WorkbenchesService) VulnerabilitiesFilters(ctx context.Context) (*VulnerabilitiesFilters, *Response, error)

Get the available filters for the vulnerabilities workbench

func (*WorkbenchesService) VulnerabilitiesInfo

func (s *WorkbenchesService) VulnerabilitiesInfo(ctx context.Context, pluginId string) (*VulnerabilityInfo, *Response, error)

Get the vulnerability details for a plugin

func (*WorkbenchesService) VulnerabilityOutputs

func (s *WorkbenchesService) VulnerabilityOutputs(ctx context.Context, pluginId string) (*VulnerabilityOutputs, *Response, error)

Get the vulnerability outputs for a given plugin TODO wat mean

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL