search

tenable / pyTenable

Python Library for interfacing into Tenable's platform APIs
https://pytenable.readthedocs.io
MIT License
354 stars 173 forks source link

It is taking too long to show the vulnerability data based on specified filter value. #609

Closed CyberTeam4321 closed 2 years ago

CyberTeam4321 commented 2 years ago

Describe the bug If I include the source to show vulnerability such as Cumulative or Mitigated and filter the result based on Severity such as Critical, high, medium and low except Informational, the result is talking a long time to process. It is still pending around 7 hours..

To Reproduce Steps to reproduce the behavior: sc = TenableSC('IPADDRESS') sc.login(access_key='redacted', secret_key='redacted') for vulns in sc.analysis.vulns(source='cumulative'): if (vulns['severity']['id']) != '0': print(vulns)

Expected behavior A clear and concise description of what you expected to happen.

Screenshots If applicable, add screenshots to help explain your problem.

System Information (please complete the following information):

SteveMcGrath commented 2 years ago

Firstly, you should do as much of your filtering server-side, and not on the client.

with TenableSC(url='https://IPADDRESS', access_key='AKEY', secret_key='SKEY') as sc:
    for vuln in sc.analysis.vulns(('severity', '=', '1,2,3,4')):
        print(vuln)

That should run faster right off the bat. If you need more speed, try increasing the page limit so more items get returned per page:

with TenableSC(url='https://IPADDRESS', access_key='AKEY', secret_key='SKEY') as sc:
    for vuln in sc.analysis.vulns(('severity', '=', '1,2,3,4'), limit=1000):
        print(vuln)

If things are still quite slow, take a look at the Tenable.sc instance and see if it's performing correctly. If it's being overtaxed then it may have problems serving the data within a reasonable timeframe.