Skip to main content

Export Vulnerabilities

Exports vulnerabilities that match the request criteria. Requires ADMINISTRATOR [64] user permissions.

External Documentation

To learn more, visit the Tenable documentation.

Basic Parameters

ParameterDescription
Asset CountSpecifies the number of assets used to chunk the vulnerabilities. The vulnerabilities export is split up by number of asset IDs in a chunk. The exported data of a chunk is the sum of all the vulnerabilities for each asset in that chunk. The range for number of assets in a chunk is a minimum of 50 (the default size) to a maximum of 5,000. If you specify a value outside this range, the system uses the upper or lower-bound value.
Filter By CIDR RangeRestricts search for vulnerabilities to assets assigned an IP address within the specified CIDR range. For example, 0.0.0.0/0 restricts the search to 0.0.0.1 and 255.255.255.254.
Filter By Network IDThe ID of the network object associated with scanners that detected the vulnerabilities you want to export. The default network ID is 00000000-0000-0000-0000-000000000000. To determine the ID of a custom network, use the GET /networks endpoint. For more information about network objects, see Manage Networks.
SeverityThe severity of the vulnerabilities to include in the export. Defaults to all severity levels. The severity of a vulnerability is defined using the Common Vulnerability Scoring System (CVSS) base score. Supported array values are:
  • info—The vulnerability has a CVSS score of 0.
  • low—The vulnerability has a CVSS score between 0.1 and 3.9.
  • medium—The vulnerability has a CVSS score between 4.0 and 6.9.
  • high—The vulnerability has a CVSS score between 7.0 and 9.9.
  • critical—The vulnerability has a CVSS score of 10.0.

Advanced Parameters

ParameterDescription
First FoundReturns vulnerabilities that were first found between the specified date (in Unix time) and now.
Include UnlicensedSpecifies whether or not to include unlicensed assets. The default is false when no parameter is specified.
Index AtReturns vulnerabilities that were indexed into Tenable.io at the specified date and time (in Unix time).
Plugin TypeThe plugin type for which you want to filter the vulnerabilities returned in the vulnerability export. For example, remote, local, combined, etc. If your request omits this parameter, the export includes all vulnerabilities regardless of plugin type.

Example Output

{
    "value": {
        "export_uuid": "bf765455-53aa-4e70-9ef3-87cfca1d2be0"
    }
}

Workflow Library Example

Export Vulnerabilities with Tenable and Send Results Via Email

Workflow LibraryPreview this Workflow on desktop