Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SecurityCenter scans.create(max_time: int) issue on value #760

Open
ve2tmq opened this issue Feb 14, 2024 · 4 comments
Open

SecurityCenter scans.create(max_time: int) issue on value #760

ve2tmq opened this issue Feb 14, 2024 · 4 comments
Labels
documentation Documentation issues Tenable.sc Tenable.sc Package upstream-api The issue is related to the calling API or API Docs

Comments

@ve2tmq
Copy link

ve2tmq commented Feb 14, 2024
edited

Max_time in API use hours, but pytenable documentation indicate in seconds. I tried to create scan with max_time=1 and see on web SecurityCenter, I got max duration = 1 hour.

In documentation it's write: "max_time (int, optional) – The maximum amount of time that the scan may run in seconds. 0 or less for unlimited. The default is 3600 seconds."

In reality, it's not on seconds, but in hours.
I use SecurityCenter version 6.1.0

To Reproduce

from tenable.sc import TenableSC
import configparser
import warnings
warnings.filterwarnings("ignore")

class connectSC:
SC = dict()
uri = dict()

def __init__(self, filename = 'connectSC.cfg'):
    cfg = configparser.ConfigParser()
    cfg.read(filename)
    sections = cfg.sections()
    for section in sections:
        self.uri[section] = cfg[section]['uri']
        self.SC[section] = TenableSC(self.uri[section])
        keys = list()
        for key in cfg[section]:
            keys.append(key)

        if 'access_key' in keys and 'secret_key' in keys:
            self.SC[section].login(access_key=cfg[section]['access_key'], secret_key=cfg[section]['secret_key'])
        elif 'username' in keys and 'password' in keys:
            self.SC[section].login(username=cfg[section]['username'], password=cfg[section]['password'])

sc = connectSC()
sc.SC['my_org'].scans.create(name='Test', repo=6, max_time=1, policy_id=1000290, asset_lists=['1978'])

now check on web SecurityCenter the scan Test max duration is 1 hour. If I set to 3600, it's "Nothing Selected"
@aseemsavio aseemsavio added the Tenable.sc Tenable.sc Package label Feb 15, 2024
@aseemsavio
Copy link
Collaborator

@ve2tmq pyTenable is inline with the public documentation for the POST /scan API. I'll get back to you after getting clarity on the API side of things.

@aseemsavio aseemsavio added the upstream-api The issue is related to the calling API or API Docs label Feb 15, 2024
@aseemsavio
Copy link
Collaborator

@ve2tmq - max_time should always accompany inactivity_timeout. max_time should be in multiples of 3600, and inactivity_timeout must be between 3600 and max_time.

@ve2tmq
Copy link
Author

ve2tmq commented Feb 15, 2024

Hi

I understand that, but my observations indicates the unit should not be in seconds but in hours. The function works, the issue is in the doc. The doc is worng.

@SteveMcGrath SteveMcGrath added the bug This is a bug with the pyTenable library label Feb 15, 2024
@SteveMcGrath
Copy link
Contributor

Can confirm that max_time is indeed hours, not seconds in the upstream API

@SteveMcGrath SteveMcGrath added documentation Documentation issues and removed bug This is a bug with the pyTenable library labels Feb 15, 2024
SteveMcGrath added a commit that referenced this issue May 20, 2024
@SteveMcGrath
Updated docstrings based on discovery from #760
cedbd91
SteveMcGrath added a commit that referenced this issue May 20, 2024
@SteveMcGrath
Multiple Doc fixes #752, #760
ae03010
@SteveMcGrath SteveMcGrath mentioned this issue May 20, 2024
Open
14 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation Documentation issues Tenable.sc Tenable.sc Package upstream-api The issue is related to the calling API or API Docs
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@SteveMcGrath @aseemsavio @ve2tmq