You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Attempting to use the TenableSC accept_risks.create() method while providing a list of ip addresses with the 'ips' argument returns
the following error:
ERROR:restfly.errors.APIError:[403: POST] https://XXXXXXXXXXXXX:443/rest/acceptRiskRule body=b'{"type":"regular","response":"","error_code":146,"error_msg":"Please specify ips for this Accept Risk Rule.\\nPlease specify an IP Range.\\n","warnings":[],"timestamp":1677001796}\n'
The debug output below shows that the request body has the proper 'hostType" and 'hostValue' properties set.
This error occurs with Tenable.sc version 6.0.0.
Accept Risk rules are successfully created on Tenable.sc version 5.23.1.
When the 'ips' argument is omitted, an accept risk rule is successful created which targets all assets in the repository.
To Reproduce
import logging
from tenable.sc import TenableSC
logging.basicConfig(level=logging.DEBUG)
logger = logging.getLogger("Bug-report")
with TenableSC(
host="<TENABLE.SC HOST>",
access_key="<ACCESS KEY>",
secret_key="<SECRET KEY>") as sc:
try:
sc.accept_risks.create(
99130,
[2],
ips = ["192.168.1.5","192.168.1.6"]
)
except Exception as e:
logger.debug(e)
Expected behavior
A new accept risk rule is created for plugin id 99130 targeting ip addresses 192.168.1.5 and 192.168.1.6
Debug output
DEBUG:tenable.sc.TenableSC:Request: {"method": "GET", "url": "https://XXXXXXXXX:443/rest/system", "params": {}, "body": {}}
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): XXXXXXXX:443
DEBUG:urllib3.connectionpool:https://XXXXXXXXX:443 "GET /rest/system HTTP/1.1" 200 None
DEBUG:tenable.sc.TenableSC:Request: {"method": "POST", "url": "https://XXXXXXXXX:443/rest/acceptRiskRule", "params": {}, "body": {"hostType": "ip", "repositories": [{"id": 2}], "plugin": {"id": "99130"}, "hostValue": "192.168.1.5,192.168.1.6"}}
DEBUG:urllib3.connectionpool:https://XXXXXXXXXX:443 "POST /rest/acceptRiskRule HTTP/1.1" 403 178
ERROR:restfly.errors.APIError:[403: POST] https://XXXXXXXXXX:443/rest/acceptRiskRule body=b'{"type":"regular","response":"","error_code":146,"error_msg":"Please specify ips for this Accept Risk Rule.\\nPlease specify an IP Range.\\n","warnings":[],"timestamp":1677002768}\n'
DEBUG:Bug-report:[403: POST] https://XXXXXXXXXXX:443/rest/acceptRiskRule body=b'{"type":"regular","response":"","error_code":146,"error_msg":"Please specify ips for this Accept Risk Rule.\\nPlease specify an IP Range.\\n","warnings":[],"timestamp":1677002768}\n'
System Information (please complete the following information):
OS: Windows 10
Architecture: 64bit
Version 21H2
Memory 16G
pyTenable version: 1.4.12
Python version: 3.10.2
Tenable.sc version: 6.0.0
Tenable.sc OS version: CentOS 7
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered:
We cannot duplicate this. I used a Tenable.sc instance version SC 6.0.0. I've tried the exact same request using the API, for an IPv4, Agent, and Universal repository. The rule was created for each. It did not create the rule for an IPv6 repository, but did not return an error, returned 200, error code 0, because the addresses were not IPv6 addresses.
The error code in the example response that you gave us above is 146, which means Invalid Data. Is it possible that there are invisible characters in the POST request?
I've left the organization where I encounter this error so I'm afraid I can no longer troubleshoot. However as far as my example is concerned, you can see the post request on line 4 of the Debug Output section above.
Describe the bug
Attempting to use the TenableSC accept_risks.create() method while providing a list of ip addresses with the 'ips' argument returns
the following error:
The debug output below shows that the request body has the proper 'hostType" and 'hostValue' properties set.
This error occurs with Tenable.sc version 6.0.0.
Accept Risk rules are successfully created on Tenable.sc version 5.23.1.
When the 'ips' argument is omitted, an accept risk rule is successful created which targets all assets in the repository.
To Reproduce
Expected behavior
A new accept risk rule is created for plugin id 99130 targeting ip addresses 192.168.1.5 and 192.168.1.6
Debug output
System Information (please complete the following information):
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: