pyTenable icon indicating copy to clipboard operation
pyTenable copied to clipboard
verified publisher icon tenable

'age' parameter in workbenches.vulns() conflicts functionally with Tenable API 'age' parameter

Open Draphtx opened this issue 3 years ago • 2 comments

Is your feature request related to a problem? Please describe. In the Tenable API Workbenches/List Vulnerabilities documentation, the age parameter is described as Lists only those vulnerabilities older than a certain number of days. In pyTenable, the age parameter on the workbenches.vulns() call is described as The maximum age of the data to be returned. This is borne out in practice; both do what they say in the docs, but those are almost completely-opposite functions: one shows data older than x days, while the other shows data within/newer than x days.

pyTenable's workbenches.vulns(age=x) results can be replicated in the Tenable API using the date_range parameter - i.e. if you use a date_range of 14 days you get the same results as workbenches.vulns(age=14) - so this is almost certainly misnamed on the pyTenable side. If nothing else it is very confusing to have it work so differently than the API's age parameter.

Describe the solution you'd like For things like polling for out-of-sla vulnerabilities, the results from date_range calls are insufficient because we are interested specifically in vulnerabilities that are older than x days, not newer/within x days. Tenable's API gives us that functionality, but not pyTenable.

It would be great if the age parameter in pyTenable was 1:1 functionally with the age parameter in the Tenable API.

Describe alternatives you've considered If I am misunderstanding why this was done or if there is another way to replicate the functionality of the age parameter in the Tenable API that I am just missing, I would happily use it if I could find it.

Draphtx avatar May 12 '22 15:05 Draphtx

Please do not use the workbench APIs. They are very limited in what they return. Use the exports APIs or the v3 search APIs instead.

SteveMcGrath avatar Aug 09 '22 15:08 SteveMcGrath

are their plans to deprecate the workbench APIs? Where is some information about the preferred options? I am currently relying on the vuln_by_plugin and would like to keep the output the same as what I retrieve today.

WilliamMiteff avatar Sep 08 '22 14:09 WilliamMiteff

Here's the export vulns function. Hope this helps.

aseemsavio avatar Nov 03 '22 10:11 aseemsavio

Hi @WilliamMiteff ,

There is a 'Note' in the workbench developer docs which states to use exports for large or frequent exports, Here, hope this answers your question.

Thanks, pyTenable Team

inayathulla avatar Nov 08 '22 07:11 inayathulla