Skip to content

"scan" command

Jump to bottom
Casey Reid edited this page Jul 17, 2021 · 8 revisions

Purpose

You can't do much in Tenable.io without Vulnerability information. While scheduled scans are extremely effective they don't scale in a lot of scenarios. The ability to automate a scan after another event is crucial in today's enterprise. In addition, as a remediator, you may benefit from the quick nature of a command-line tool; scanning a group of assets for a single vulnerability.

Command Options

Scan commands - 'navi scan'

  • change --> Change Ownership

    • --who --> check what scans a current user owns before transferring the scans.
    • --owner --> Current owner
    • --new --> New user you are changing ownership to

  • create TEXT --> Quickly Scan a Target

    • --scanner --> scanner ID which will perform the scan
    • --cred --> Credential UUID to be used during the scan
    • --plugin TEXT Plugin required for Remediation Scan
    • -discovery Scan using the Discovery Template
    • --custom TEXT Scan using a custom Scan Template
    • --policy TEXT Custom Policy ID to use for the scan

  • details TEXT --> Display Scan Details using a Scan ID

  • hosts TEXT --> Display Hosts found by a Scan ID

  • latest --> Display the Latest scan information

  • pause TEXT --> Pause a running Scan ID

  • resume TEXT --> Resume a paused Scan ID

  • start TEXT --> Start a valid Scan ID

  • status TEXT --> Get Scan Status ID

  • stop TEXT --> Stop a Running Scan ID

Examples

Change Scanner Ownership

First See what scans a user owns

navi scan change --who "[email protected]"

Then tansfer the scans owned by User A to User B

navi scan change --owner "[email protected]" --new "[email protected]"

Create a Scan Examples

navi scan create 192.168.128.1 -scanner 123456

navi scan create 192.168.128.0/24 -discovery

navi scan create 192.168.128.2 -scanner <scanner id> --cred <cred uuid> --plugin <plugin>

Workflow

  • A basic Policy is used by default. Use -discovery or -custom to alter
  • If -scanner option is missing you will be prompted to enter in your scanner ID after displaying your scanners
  • Scan will immediately kick off

Control your scans

navi scan pause 13

navi scan resume 13

navi scan stop 13

navi scan start 13

Find Available scanners

navi display -scanners

Find details of a certain scan

navi scan details 13

Find hosts that responded to a certain scan

navi scan hosts 13
Clone this wiki locally