Security Center Plus API terminates before all data is returned

[ewing-bpl]

Describe the bug

We were pulling some data from the Security Center Plus API using pyTenable version 1.5.0. We got the following error:

API Recordkeeping error. api_total=127255, api_count=10000.052631578947, page_size=10001, iter_total=1

The data pull would stop at that point.

Here's a debug line that shows you what API call we were using:

2024-07-30 15:04:15,859 DEBUG Request: {"method": "POST", "url": "https://redacted.net:443/rest/analysis", "params": {}, "body": {"type": "vuln", "sourceType": "cumulative", "query": {"tool": "vulndetails", "type": "vuln", "filters": [{"filterName": "lastSeen", "operator": "=", "value": "0:180"}, {"filterName": "iavmID", "operator": "=", "value": "A-,B-"}, {"filterName": "xref", "operator": "!=", "value": "IAVA|-S,IAVB|-S"}, {"filterName": "wasVuln", "operator": "=", "value": "excludeWas"}], "startOffset": 10000, "endOffset": 20000}}}

self._limit is set to 10000, so it's odd that the API was returning 10001 records. It also seems strange that the returnedRecords field is not an integer.

Here's part of the JSON data returned from the API call:

{'type': 'regular',
 'response': {'totalRecords': '127255',
              'returnedRecords': 10000.052631578947,
              'startOffset': '0',
              'endOffset': '10000',

We are running:

Security Center Plus Version: 6.3.0 Server Build ID: 20240212225233

System Information (please complete the following information):

• OS: Alpine Linux 3.19.0, MacOS 13.6.7
• Architecture 64bit
• Memory 32Gb

[SteveMcGrath]

This is definitely interesting... Have you filed an issue with Tenable support as well?

[ewing-bpl]

This is definitely interesting... Have you filed an issue with Tenable support as well?

Not yet, but we plan to do so today.

[SteveMcGrath]

when you do so, can you please also email me the ticket info as well smcgrath at tenable.com.