-
Notifications
You must be signed in to change notification settings - Fork 26
"update" command
Since Tenable.io has a workbench API limit of 5000 assets, navi downloads all of the vulnerability, asset and compliance data into a local SQLite database to enable more powerful queries and use cases.
All Vulns(30 days) and All Assets(90 days) are downloaded into a SQLite database named navi.db in the current directory after running the "navi upate full" command. Compliance data will need to be downloaded separately as it is not apart of the "navi update full" process.
The data will not be updated until you run the update command. Keep this in mind when adding elements to Tenable.io like Tags.
navi update full
Alternatively you can select which export you want to update. This is helpful when updating tags for instance; rather than doing an "navi update full" you can specify the assets table be updated which contain the tag relationships:
navi update assets
navi update vulns
navi update compliance
navi update was
Furthermore, you can limit how much data is downloaded by using the --days command
navi update assets --days 2
You can even specify your export id.
navi update vulns --exid 123456-987654-asdfgh-jklopi-ididis
You can also control the amount of threads used for downloads (1-10) The Default thread value is 10.
navi update compliance --threads 4
Keep in mind that you are downloading very sensitive data. It is recommended to harden and use encryption on the host that navi is running on. Alternatively, you can use docker as a deployment method which will destroy after you're finished.
By Default, navi points to https://cloud.tenable.com and all other commands append endpoints to this base URL. Since Tenable created a FedCloud version of Tenable.io the ability to change the base URL was added after 6.8.1.
navi update url "https://fedcloud.tenable.com"