Skip to content

"scan bridge" command

Casey Reid edited this page Jul 23, 2021 · 3 revisions

Purpose

If you are a tenable diehard then you know that Tenable.sc is one of the best vulnerability analytics platforms on the market today. If you are a T.sc customer it can be disappointing not to have your favorite dashboard in T.io. While we wait for T.io to build the same dashboards, you can benefit from using T.io to orchestrate your scans while downloading the data into T.sc and using the reports you're used to in T.sc.

Command options

  • --un TEXT --> T.sc User Name
  • --pw TEXT --> T.sc password
  • --a TEXT --> T.sc Destination Access Key
  • --s TEXT --> T.sc Destination Secret Key
  • --host TEXT --> T.sc IP Address
  • --scanid TEXT --> Limit the Download to one scan ID
  • --repoid TEXT --> T.sc Repository to import the scan data into

Workflow

If you're using navi for your automation you can automate the entire process with a helper script. Here is a below example workflow:

Manual Tasks - Collect necessary data:

  • Navigate to your destination repo and grab the repo ID.
  • navi display creds - Copy Credential UUID
  • navi display scanners - Copy the Scanner ID

In your Automation Script:

  • Create and Start your script
    • navi scan create 192.168.0.9/24 --cred 08028-9239487-9273947-82934 --scanner 120238
  • While scan status is not finished, check status.
  • when navi scan status XXX == "Complete"

Download Scan and import the scan into T.sc

  • navi scan bridge --un admin --pw password --host 192.168.0.10 --scanid XXX --repoid YY

Place script on a cron job or scheduled task to gain complete automation.

Use Case Example

Move Scan IDs 13, 5091 and 5057 from T.io to T.sc at 192.168.1.200 and use repo ID 54.

for scan in 13 5057 5091; do navi scan bridge --un yourusername --pw yourpassword --host 192.168.1.200 --scanid $scan --repoid 54; done
Clone this wiki locally