Reporting

class nessus.Report(uri, api)
attributes(report)

List of filter attributes associated with a given report.

Parameters:report – UUID of the report

Permissions:

  • authenticated: Yes
  • administrator: No
can_delete_item(report)

Determine if a specified report allows items to be deleted.

Parameters:report – UUID of the report

Permissions:

  • authenticated: Yes
  • administrator: No

Example:

>>> from nessus import API
>>> nessus = API('https://127.0.0.1:8834', username='user', password='pass')
>>> name = nessus.report.list()[0]['name']
>>> nessus.report.can_delete_item(name)
True
>>> if nessus.report.can_delete_item(name):
>>>    print 'Report {} allows items to be deleted'.format(name)
Report 95c309f8-2578-fd3e-9e4d-a8aa6d6511e8b617b5a088c93309 allows items to be deleted
delete(report)

Delete a specified report.

Parameters:report – UUID of the report to be deleted

Permissions:

  • authenticated: Yes
  • administrator: No
details(report, hostname, port, protocol)

Details of a scan for a given host.

Parameters:
  • report – UUID of the report
  • hostname – name of host to display scan details for
  • port – port to display scan results for
  • protocol – protocol of open port on host to display scan details for

Permissions:

  • authenticated: Yes
  • administrator: No

Example:

>>> from nessus import API
>>> nessus = API('https://127.0.0.1:8834', username='user', password='pass')
>>> name = nessus.report.list()[0]['name']
>>> print nessus.report.details(name, '127.0.0.1', '0', 'tcp')
[
  {
    "severity": "1",
    "pluginid": "19506",
    "pluginname": "Nessus Scan Information",
    "item_id": "117",
    "data": {
      "description": "This script displays, for each tested host, information about the scan itself :(...)",
      "plugin_modification_date": "2014/06/20",
      "plugin_name": "Nessus Scan Information",
      "plugin_publication_date": "2005/08/26",
      "script_version": "$Revision: 1.69 $",
      "solution": "n/a",
      "risk_factor": "None",
      "synopsis": "Information about the Nessus scan.",
      "fname": "scan_info.nasl",
      "plugin_type": "summary",
      "@xmlns:cm": "http://www.nessus.org/cm"
    },
    "port": "general/tcp"
  },(...)

Todo

check if all args are required

download()
Raises:NotImplementedError

Todo

/file/report/download, /chapter, /chapter/list, /file/xslt, /file/xslt/list

errors(report)

List of any errors associated with a given report.

Parameters:report – UUID of the report

Permissions:

  • authenticated: Yes
  • administrator: No
has_audit_trail(report)

Determine if a specified report has an Audit Trail associated with it.

Parameters:report – UUID of the report

Permissions:

  • authenticated: Yes
  • administrator: No

Example:

>>> from nessus import API
>>> nessus = API('https://127.0.0.1:8834', username='user', password='pass')
>>> name = nessus.report.list()[0]['name']
>>> nessus.report.has_audit_trail(name)
True
>>> if nessus.report.has_audit_trail(name):
>>>    print 'Report {} has audit trail'.format(name)
Report 95c309f8-2578-fd3e-9e4d-a8aa6d6511e8b617b5a088c93309 has audit trail
has_kb(report)

Determine if a specified report has a KB associated with it.

Parameters:report – UUID of the report

Permissions:

  • authenticated: Yes
  • administrator: No

Example:

>>> from nessus import API
>>> nessus = API('https://127.0.0.1:8834', username='user', password='pass')
>>> name = nessus.report.list()[0]['name']
>>> nessus.report.has_kb(name)
True
>>> if nessus.report.kb(name):
>>>    print 'Report {} has a KB associated with it'.format(name)
Report 95c309f8-2578-fd3e-9e4d-a8aa6d6511e8b617b5a088c93309 has a KB associated with it
hosts(report)

List of hosts contained in a specified report.

Parameters:report – UUID of the report

Permissions:

  • authenticated: Yes
  • administrator: No

Example:

>>> from nessus import API
>>> nessus = API('https://127.0.0.1:8834', username='user', password='pass')
>>> name = nessus.report.list()
[
  {
    "status": "imported",
    "timestamp": 1416478505,
    "name": "95c309f8-2578-fd3e-9e4d-a8aa6d6511e8b617b5a088c93309",
    "readableName": "Test Scan"
  },
  (...)
]
>>> print nessus.report.hosts('95c309f8-2578-fd3e-9e4d-a8aa6d6511e8b617b5a088c93309')
{
  "scanprogresscurrent": "0",
  "scanprogresstotal": "100",
  "totalchecksconsidered": "100",
  "hostname": "127.0.0.1",
  "numchecksconsidered": "100",
  "severitycount": {
    "item": [
      {
        "severitylevel": "0",
        "count": "0"
      },
      {
        "severitylevel": "1",
        "count": "10"
      },
      {
        "severitylevel": "2",
        "count": "0"
      },
      {
        "severitylevel": "3",
        "count": "1"
      }
    ]
  },
  "severity": "11"
}

Get second host name from list and pass as arg to hosts():

>>> second_host = nessus.report.list()[1]['name']
>>> print nessus.report.hosts(second_host)
{
  "scanprogresscurrent": "0",
  "scanprogresstotal": "100",
  (...)
}
list()

List of available scan reports.

Permissions:

  • authenticated: Yes
  • administrator: No

Example:

>>> from nessus import API
>>> nessus = API('https://127.0.0.1:8834', username='user', password='pass')
>>> print nessus.report.list()
[
  {
    "status": "imported",
    "timestamp": 1416478505,
    "name": "95c309f8-2578-fd3e-9e4d-a8aa6d6511e8b617b5a088c93309",
    "readableName": "Test Scan"
  },
  (...)
]
ports(report, hostname)

List of ports, and the number of findings on each port for each severity.

Severities: Info, Low, Medium, High, Critical

Parameters:
  • report – UUID of the report
  • hostname – name of host to display open ports for

Permissions:

  • authenticated: Yes
  • administrator: No

Example:

>>> from nessus import API
>>> nessus = API('https://127.0.0.1:8834', username='user', password='pass')
>>> name = nessus.report.list()[0]['name']
>>> print nessus.report.ports(name, '127.0.0.1')
[
  {
    "svcname": "general",
    "portnum": "0",
    "protocol": "tcp",
    "severity": "3",
    "severitycount": {
      "item": [
        {
          "severitylevel": "0",
          "count": "0"
        },
        {
          "severitylevel": "1",
          "count": "2"
        },
        {
          "severitylevel": "2",
          "count": "0"
        },
        {
          "severitylevel": "3",
          "count": "1"
        }
      ]
    }
  }, (...)
tags(report, hostname)

Tags of a scan for a given host.

Some plugins can create “tags” for a remote host that can be extracted later. For example, the OS fingerreturn plugin creates the tag “operating-system” with the actual OS as a value. This makes it easier to extract data automatically.

Parameters:
  • report – UUID of the report
  • hostname – name of host to display scan details for

Permissions:

  • authenticated: Yes
  • administrator: No

Note

“Tags” cover plugin-supplied information, such as the OS name, type of credentials used, etc.

trail_details(report, hostname, plugin_id)

Audit trail details for a specified report.

Parameters:
  • report – UUID of the report
  • hostname – host name or IP (optional)
  • plugin_id – numeric ID of a Nessus plugin

Permissions:

  • authenticated: Yes
  • administrator: No

Todo

check if all args are required

upload(path)
Raises:NotImplementedError

Todo

/file/report/import