From abf21c1e5509bcb73c374a670beced0d20891f25 Mon Sep 17 00:00:00 2001
From: Aseem Savio
Date: Thu, 25 Jan 2024 17:05:32 +0530
Subject: [PATCH 1/4] compliance export phase 1 filters
---
 tenable/io/exports/api.py | 28 +++++++++++++++++++++++++
 tenable/io/exports/schema.py | 12 +++++++++++
 tests/io/exports/test_schema.py | 37 +++++++++++++++++++++++++++++++++
 3 files changed, 77 insertions(+)
diff --git a/tenable/io/exports/api.py b/tenable/io/exports/api.py
index d0b1389f8..5bd8633a1 100644
--- a/tenable/io/exports/api.py
+++ b/tenable/io/exports/api.py
@@ -339,6 +339,34 @@ def compliance(self, **kwargs) -> Union[ExportsIterator, UUID]: last_seen (int, optional): Returns findings with a last seen time newer than the specified unix timestamp. + ipv4_addresses (list[str], optional): + Returns Compliance findings found for the provided list of ipv4 addresses. + ipv6_addresses (list[str], optional): + Returns Compliance findings found for the provided list of ipv6 addresses. + plugin_name (list[str], optional): + Returns Compliance findings for the specified list of plugin names. + plugin_id (list[int], optional): + Returns Compliance findings for the specified list of plugin IDs. + asset_tags (list[str], optional): + Returns Compliance findings for the specified list of asset tags. + audit_name (str, optional): + Restricts compliance findings to those associated with the specified audit. + audit_file_name (str, optional): + Restricts compliance findings to those associated with the specified audit file name. + compliance_results (list[str], optional): + Restricts compliance findings to those associated with the specified list of compliance results, + such as PASSED, FAILED, SKIPPED, ERROR, UNKNOWN etc. + last_observed (int,optional): + Restricts compliance findings to those that were last observed on or after the specified unix timestamp. + indexed_at (int, optional): + Restricts compliance findings to those that were updated or indexed into Tenable Vulnerability Management + on or after the specified unix timestamp. + since (int, optional): + Same as indexed_at. Restricts compliance findings to those that were updated or indexed into Tenable + Vulnerability Management on or after the specified unix timestamp. + state (list[str], optional): + Restricts compliance findings to those associated with the provided list of states, such as Active, + Fixed, New and Resurfaced num_findings (int): The number of findings to return per chunk of data. If left unspecified, the default is ``5000``. 
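Review bot: The new `since` entry is documented as "Same as indexed_at", but the docstring does not say what happens when a caller passes both with different timestamps; state which one takes effect or that they must not be combined, for example `Alias of indexed_at; pass only one of the two.` if that matches the API. `last_observed (int,optional):` is also missing the space after the comma that every other entry has. The docstring of `compliance()` starts and ends outside this hunk, and PATCH 2/4 repeats the same hunk.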
diff --git a/tenable/io/exports/schema.py b/tenable/io/exports/schema.py index fd5fa01e2..d6f75eafe 100644 --- a/tenable/io/exports/schema.py +++ b/tenable/io/exports/schema.py @@ -115,6 +115,18 @@ class ComplianceExportSchema(Schema): # Temporal fields first_seen = fields.Int() last_seen = fields.Int() + ipv4_addresses = fields.List(fields.Str()) + ipv6_addresses = fields.List(fields.Str()) + plugin_name = fields.List(fields.Str()) + plugin_id = fields.List(fields.Int()) + asset_tags = fields.List(fields.Str()) + audit_name = fields.Str() + audit_file_name = fields.Str() + compliance_results = fields.List(fields.Str()) + last_observed = fields.Int() + indexed_at = fields.Int() + since = fields.Int() + state = fields.List(fields.Str()) # Other params asset = fields.List(fields.UUID()) diff --git a/tests/io/exports/test_schema.py b/tests/io/exports/test_schema.py index 385cdeaf1..7cf3b9f38 100644 --- a/tests/io/exports/test_schema.py +++ b/tests/io/exports/test_schema.py @@ -84,6 +84,33 @@ def compliance_export(): } +@pytest.fixture +def compliance_export_phase_1_schema(): + """ + Example compliance export request with phase 1 filters + """ + return { + 'first_seen': 1635798607, + 'last_seen': 1635798607, + 'asset': ['f634d639-cc33-4149-a683-5ad6b8f29d9c', + uuid.UUID('c62f8737-8623-45a3-bdcb-560daacb21f1'), + ], + 'num_findings': 1000, + 'ipv4_addresses': ['192.168.0.1'], + 'ipv6_addresses': ['2001:0db8:85a3:0000:0000:8a2e:0370:7334'], + 'plugin_name': ['Debian dla-3719 : php-seclib - security update', 'Debian dsa-5607 : chromium - security update'], + 'plugin_id': [189491, 189490], + 'asset_tags': ['tag-a', 'tag-b'], + 'audit_name': 'my-audit-name', + 'audit_file_name': 'my-audit-file-name', + 'compliance_results': ['PASSED'], + 'last_observed': 1635798607, + 'indexed_at': 1635798607, + 'since': 1635798607, + 'state': ['Active'] + } + + @pytest.fixture def vuln_export(): ''' 
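Review bot: In `ComplianceExportSchema` the new filters are all free-form: `ipv4_addresses` and `ipv6_addresses` are `fields.List(fields.Str())`, and `state` and `compliance_results` accept any string. A mistyped address or state therefore passes client-side validation, and if the service treats an unmatched filter as "no results" (not visible here), an empty compliance export could be read as a clean one. Consider `ipv4_addresses = fields.List(fields.IPv4())` and `ipv6_addresses = fields.List(fields.IPv6())` if the supported marshmallow version provides them, and marshmallow's `validate.OneOf(...)` on `state` once the accepted values are settled; the fixture added to tests/io/exports/test_schema.py in this same patch uses `'Active'`, while PATCH 3/4 documents open, reopened and fixed. The class body continues outside the hunk, and PATCH 2/4 repeats it.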
@@ -244,3 +271,13 @@ def test_asset_export_schema_without_open_ports(asset_export_with_out_open_ports
 schema = AssetExportSchema()
 schema_dump = schema.dump(schema.load(asset_export_with_out_open_ports))
 assert "include_open_ports" not in schema_dump
+
+def test_compliance_export_phase_1_filters(compliance_export_phase_1_schema):
+ """
+ Test Compliance Export Phase 1 Filter Schema
+ """
+ schema = ComplianceExportSchema()
+ schema_dump = schema.dump(schema.load(compliance_export_phase_1_schema))
+
+ # checking random element
+ assert schema_dump["filters"]["state"][0] == "Active"
\ No newline at end of file
From 74474c18b21722121162c3b049f272f3618e0452 Mon Sep 17 00:00:00 2001
From: Aseem Savio
Date: Thu, 25 Jan 2024 17:05:32 +0530
Subject: [PATCH 2/4] compliance export phase 1 filters
---
 tenable/io/exports/api.py | 28 +++++++++++++++++++++++++
 tenable/io/exports/schema.py | 12 +++++++++++
 tests/io/exports/test_schema.py | 37 +++++++++++++++++++++++++++++++++
 3 files changed, 77 insertions(+)
diff --git a/tenable/io/exports/api.py b/tenable/io/exports/api.py
index d0b1389f8..5bd8633a1 100644
--- a/tenable/io/exports/api.py
+++ b/tenable/io/exports/api.py
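Review bot: `test_compliance_export_phase_1_filters` in tests/io/exports/test_schema.py asserts a single value, `schema_dump["filters"]["state"][0] == "Active"`, so a dropped or renamed filter among the other eleven new fields would not fail it. Compare every new key instead, for example `for key in NEW_FILTERS: assert key in schema_dump["filters"]` with `NEW_FILTERS` listing the twelve field names (assuming all of them are emitted under `filters`, as `state` is), and add one case that expects a `ValidationError` for a wrongly typed value such as a non-numeric `plugin_id`. The file also now ends without a trailing newline. PATCH 2/4 carries the same hunk.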
@@ -339,6 +339,34 @@ def compliance(self, **kwargs) -> Union[ExportsIterator, UUID]: last_seen (int, optional): Returns findings with a last seen time newer than the specified unix timestamp. + ipv4_addresses (list[str], optional): + Returns Compliance findings found for the provided list of ipv4 addresses. + ipv6_addresses (list[str], optional): + Returns Compliance findings found for the provided list of ipv6 addresses. + plugin_name (list[str], optional): + Returns Compliance findings for the specified list of plugin names. + plugin_id (list[int], optional): + Returns Compliance findings for the specified list of plugin IDs. + asset_tags (list[str], optional): + Returns Compliance findings for the specified list of asset tags. + audit_name (str, optional): + Restricts compliance findings to those associated with the specified audit. + audit_file_name (str, optional): + Restricts compliance findings to those associated with the specified audit file name. + compliance_results (list[str], optional): + Restricts compliance findings to those associated with the specified list of compliance results, + such as PASSED, FAILED, SKIPPED, ERROR, UNKNOWN etc. + last_observed (int,optional): + Restricts compliance findings to those that were last observed on or after the specified unix timestamp. + indexed_at (int, optional): + Restricts compliance findings to those that were updated or indexed into Tenable Vulnerability Management + on or after the specified unix timestamp. + since (int, optional): + Same as indexed_at. Restricts compliance findings to those that were updated or indexed into Tenable + Vulnerability Management on or after the specified unix timestamp. + state (list[str], optional): + Restricts compliance findings to those associated with the provided list of states, such as Active, + Fixed, New and Resurfaced num_findings (int): The number of findings to return per chunk of data. If left unspecified, the default is ``5000``. 
diff --git a/tenable/io/exports/schema.py b/tenable/io/exports/schema.py index fd5fa01e2..d6f75eafe 100644 --- a/tenable/io/exports/schema.py +++ b/tenable/io/exports/schema.py @@ -115,6 +115,18 @@ class ComplianceExportSchema(Schema): # Temporal fields first_seen = fields.Int() last_seen = fields.Int() + ipv4_addresses = fields.List(fields.Str()) + ipv6_addresses = fields.List(fields.Str()) + plugin_name = fields.List(fields.Str()) + plugin_id = fields.List(fields.Int()) + asset_tags = fields.List(fields.Str()) + audit_name = fields.Str() + audit_file_name = fields.Str() + compliance_results = fields.List(fields.Str()) + last_observed = fields.Int() + indexed_at = fields.Int() + since = fields.Int() + state = fields.List(fields.Str()) # Other params asset = fields.List(fields.UUID()) diff --git a/tests/io/exports/test_schema.py b/tests/io/exports/test_schema.py index 385cdeaf1..7cf3b9f38 100644 --- a/tests/io/exports/test_schema.py +++ b/tests/io/exports/test_schema.py @@ -84,6 +84,33 @@ def compliance_export(): } +@pytest.fixture +def compliance_export_phase_1_schema(): + """ + Example compliance export request with phase 1 filters + """ + return { + 'first_seen': 1635798607, + 'last_seen': 1635798607, + 'asset': ['f634d639-cc33-4149-a683-5ad6b8f29d9c', + uuid.UUID('c62f8737-8623-45a3-bdcb-560daacb21f1'), + ], + 'num_findings': 1000, + 'ipv4_addresses': ['192.168.0.1'], + 'ipv6_addresses': ['2001:0db8:85a3:0000:0000:8a2e:0370:7334'], + 'plugin_name': ['Debian dla-3719 : php-seclib - security update', 'Debian dsa-5607 : chromium - security update'], + 'plugin_id': [189491, 189490], + 'asset_tags': ['tag-a', 'tag-b'], + 'audit_name': 'my-audit-name', + 'audit_file_name': 'my-audit-file-name', + 'compliance_results': ['PASSED'], + 'last_observed': 1635798607, + 'indexed_at': 1635798607, + 'since': 1635798607, + 'state': ['Active'] + } + + @pytest.fixture def vuln_export(): ''' 
@@ -244,3 +271,13 @@ def test_asset_export_schema_without_open_ports(asset_export_with_out_open_ports schema = AssetExportSchema() schema_dump = schema.dump(schema.load(asset_export_with_out_open_ports)) assert "include_open_ports" not in schema_dump + +def test_compliance_export_phase_1_filters(compliance_export_phase_1_schema): + """ + Test Compliance Export Phase 1 Filter Schema + """ + schema = ComplianceExportSchema() + schema_dump = schema.dump(schema.load(compliance_export_phase_1_schema)) + + # checking random element + assert schema_dump["filters"]["state"][0] == "Active" \ No newline at end of file From 2ef84bd52c0ca2d33783c459661a1fafe7a026d9 Mon Sep 17 00:00:00 2001 From: Aseem Savio Date: Tue, 19 Mar 2024 18:36:37 +0530 Subject: [PATCH 3/4] state filter doc changed in compliance export. --- tenable/io/exports/api.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tenable/io/exports/api.py b/tenable/io/exports/api.py index 5bd8633a1..feec061d7 100644 --- a/tenable/io/exports/api.py +++ b/tenable/io/exports/api.py @@ -365,8 +365,7 @@ def compliance(self, **kwargs) -> Union[ExportsIterator, UUID]: Same as indexed_at. Restricts compliance findings to those that were updated or indexed into Tenable Vulnerability Management on or after the specified unix timestamp. state (list[str], optional): - Restricts compliance findings to those associated with the provided list of states, such as Active, - Fixed, New and Resurfaced + Restricts compliance findings to those associated with the provided list of states, such as open, reopened and fixed. num_findings (int): The number of findings to return per chunk of data. If left unspecified, the default is ``5000``. From 2872c38d28fa7d6407bd723d51feaa88eb1ff4d7 Mon Sep 17 00:00:00 2001 From: Aseem Savio Date: Tue, 19 Mar 2024 18:52:50 +0530 Subject: [PATCH 4/4] changelog updated --- CHANGELOG.md | 10 +++++++++- tenable/version.py | 2 +- 2 files changed, 10 insertions(+), 2 deletions(-) 
diff --git a/CHANGELOG.md b/CHANGELOG.md index a1e5ba261..79f8bb6a5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,13 +4,21 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.4.21] + +### Added +- Support for new Compliance Export Enhancement fields in Vulnerability Management. +- Support for `currentPassword` field in SC Users API. + +[1.4.21]: https://github.com/tenable/pyTenable/compare/1.4.20...1.4.21 + ## [1.4.20] ### Fixed - Bug that causes pyTenable to error out when `srcInterface` or `dstInterface` values in `events` object in OT is non-null. [1.4.20]: https://github.com/tenable/pyTenable/compare/1.4.19...1.4.20 -. + ## [1.4.19] diff --git a/tenable/version.py b/tenable/version.py index 4d9e8dca0..52cc388d0 100644 --- a/tenable/version.py +++ b/tenable/version.py @@ -1,2 +1,2 @@ -version = '1.4.20' +version = '1.4.21' version_info = tuple(int(d) for d in version.split("-")[0].split("."))