tenable / pyTenable

Python Library for interfacing into Tenable's platform APIs
https://pytenable.readthedocs.io
MIT License

Calling `scan.details(<UUID>)` returns an error. #729

Closed perfectra1n closed 2 months ago

perfectra1n commented 11 months ago

Describe the bug

Either I'm losing my mind, or calling a scan via UUID isn't working as expected.

To Reproduce

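```python
from tenable.io import TenableIO

# secrets: dict holding the API keys, defined elsewhere
tio = TenableIO(secrets['TIO_ACCESS_KEY'], secrets['TIO_SECRET_KEY'])
print(tio.scans.details("bd721b19-31c9-4d12-8ba7-abca89aa60f0"))
```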

Returns:

[400: GET] https://cloud.tenable.com/editor/scan/bd721b19-31c9-4d12-8ba7-abca89aa60f0 body=b'{"error":"Invalid \'id\' field: invalid type \'string\', expecting \'int\' / invalid uuid format"}'

However, in the documentation:

        Args:
            scan_id (int or uuid): The unique identifier for the scan.

I tried converting it to the Python UUID type, and submitting it:

```python
from uuid import UUID
from tenable.io import TenableIO

tio = TenableIO(secrets['TIO_ACCESS_KEY'], secrets['TIO_SECRET_KEY'])
print(tio.scans.details(UUID("bd721b19-31c9-4d12-8ba7-abca89aa60f0")))
```

It still returned an error.

Expected behavior

Be able to fetch scan details via UUID: https://developer.tenable.com/reference/scans-details

System Information (please complete the following information): pyTenable 1.4.13

SecOpsQC commented 11 months ago

lol I'm crazy or this issue is the exact opposite of: https://github.com/tenable/pyTenable/issues/726#issuecomment-1768463544

""error":"Invalid \'id\' field: invalid type \'string\', expecting \'int\' "


On SC we need to force it to be a string, it was an int before.

miguelvalente commented 4 months ago

Any update on this? @SteveMcGrath

SteveMcGrath commented 2 months ago

> lol I'm crazy or this issue is the exact opposite of: #726 (comment)
>
> ""error":"Invalid 'id' field: invalid type 'string', expecting 'int' "
>
> On SC we need to force it to be a string, it was an int before.

This is actually a very different issue thanks to some error handling that was erroneously introduced into the Tenable SecurityCenter API that required the integers to be string formatted.

As for the issue relating to the TVM scan.details method, that method routed through the editor API, which currently only accepts an integer value.

scans.details attempts to recreate the config of the scan using the editor API: https://pytenable.readthedocs.io/en/stable/api/io/scans.html#tenable.io.scans.ScansAPI.details

The API's "scan details" is actually a truncated JSON report of the last scan that was run with some config data thrown in as well. To use that API, refer to the scans.results method instead.

https://pytenable.readthedocs.io/en/stable/api/io/scans.html#tenable.io.scans.ScansAPI.results

perfectra1n commented 2 months ago

Gotcha, so what would you say is the workaround or fix? To use the scan.results() method instead of scan.details(<UUID>) @SteveMcGrath?

SteveMcGrath commented 2 months ago

Yes, in the SDK/library we re-linked that API to "results", as it's a more correct name for what it's doing. "details" is a term we reserve for the configuration of that object. The Nessus and TVM GET /scans/<ID> call currently does not conform to REST guidelines, so we try to remap it to the appropriate action name.
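
The routing described in the replies above, written as a local pre-flight check (an added example, not part of the thread and not pyTenable's own code): integer ids go to `scans.details`, UUIDs go to `scans.results`, and anything else is rejected before a request is sent. `classify_scan_id`, `scan_config`, `last_run_report` and the `FakeScans` stub are hypothetical names; the stub stands in for `tio.scans` so the block runs offline.

```python
import uuid


def classify_scan_id(scan_id):
    """Return ('int', n) or ('uuid', canonical_string); raise ValueError otherwise."""
    if isinstance(scan_id, bool):  # bool is an int subclass, never a scan id
        raise ValueError(f"not a scan id: {scan_id!r}")
    if isinstance(scan_id, int):
        return "int", scan_id
    if isinstance(scan_id, uuid.UUID):
        return "uuid", str(scan_id)
    text = str(scan_id).strip()
    if text.isascii() and text.isdigit():
        return "int", int(text)
    try:
        return "uuid", str(uuid.UUID(text))
    except ValueError:
        raise ValueError(f"not an integer id or UUID: {scan_id!r}") from None


def scan_config(scans, scan_id):
    """Scan configuration via scans.details (editor API, integer ids only)."""
    kind, value = classify_scan_id(scan_id)
    if kind != "int":
        raise TypeError("scans.details needs the integer scan id; "
                        "use last_run_report() for a UUID")
    return scans.details(value)


def last_run_report(scans, scan_id):
    """Report of the last run via scans.results (GET /scans/<ID>)."""
    _, value = classify_scan_id(scan_id)
    return scans.results(value)


class FakeScans:
    """Constructed offline stand-in for tio.scans; records the calls it receives."""
    def __init__(self):
        self.calls = []

    def details(self, scan_id):
        self.calls.append(("details", scan_id))
        return {"settings": {}}

    def results(self, scan_id):
        self.calls.append(("results", scan_id))
        return {"info": {}}
```

With a real client, pass `tio.scans` in place of `FakeScans()`.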