Create active scan
Action ID:tools.tenable_sc.create_active_scan
Create a Tenable Security Center scan using an existing policy and set of assets or targets.
Reference: https://docs.tenable.com/security-center/api/Scan.htm
Secrets
Required secrets:tenable_sc: required valuesTENABLE_SC_ACCESS_KEY,TENABLE_SC_SECRET_KEY.
Input fields
Name of the scan to create.
Repository ID targeted by the scan.
Asset object IDs that the scan should target.Default:
[].Tenable Security Center base URL (e.g. https://security-center.example.com).Default:
null.Credential objects to use for authenticated scanning.Default:
[].Optional scan description shown in Tenable Security Center.Default:
null.Comma-separated list of additional targets/IP ranges.Default:
null.Policy ID to associate with the scan (required for policy scans).Default:
null.Scan type (e.g. policy, discovery, agent).Default:
"policy".Whether to verify TLS certificates when calling the API.Default:
true.Run analysis query
Action ID:tools.tenable_sc.run_analysis_query
Execute a Tenable Security Center analysis query (e.g. vuln details for a scan).
Reference: https://docs.tenable.com/security-center/api/Analysis.htm
Secrets
Required secrets:tenable_sc: required valuesTENABLE_SC_ACCESS_KEY,TENABLE_SC_SECRET_KEY.
Input fields
ID of the scan whose results the query should evaluate.
Analysis type to pass to the Analysis API.Default:
"vuln".Tenable Security Center base URL (e.g. https://security-center.example.com).Default:
null.Ending offset for pagination.Default:
100.Tenable Security Center analysis query block (tool, type, filters, etc.).Default:
{ "tool": "vulndetails", "type": "vuln" }.Sort direction for the results.Default:
"desc".Field to sort results by.Default:
"severity".Result source type (e.g. individual, cumulative, lce).Default:
"individual".Starting offset for pagination.Default:
0.Whether to verify TLS certificates when calling the API.Default:
true.View applied to the result set (e.g. all, exploitable, accepted).Default:
"all".