Looking through the API documentation I cannot find a way to edit our policies through the API. The only things it seems it allows me to do is pull information with the GET command. Please let me know if it is possible to edit our policies with the API.
The API does not support editing/creating new policies . I’m not sure if we have any plans to add those capabilities in the future, but I’ll definitely pass that along internally.
One thing that I’ll add though, if you’re using custom policies you may be able to modify the policy XML locally to configure it to suit your needs. You can export the policy XML from the policy editor in InsightVM and could then upload it with the edits.
We are sort of experiencing issues downloading the xml files we created for a custom policy. Below is the error we are experiencing. Any suggestions? We are trying to add L2 checks to a custom policy based off of L1. The L1 does not have a sub category that we need to add from the L2 checks. We need to add 8.5 sub category to a policy that has the category 8 but not 8.5. If you need any more detail happy to share.
@jacob_horning, could you post the full file name? I wonder it’s being generated on our end in a way that is valid for *nix systems but not for Windows.
@tyler_schmidtke Thank you again for helping with renaming those files.
When we download custom policies there is only one xml file in the zip folder. When we download existing policies in the zip folder there our 4 total files. We are looking to add a few more categories from the existing policy to our custom policy. Any suggestions?
I can’t say that I have any experience with creating/editing them (outside the editor). I just know that they’re XML so they could be programmatically modified. I did some quick digging and found the schema files for the XCCDF format which these policies are in: https://csrc.nist.gov/Projects/Security-Content-Automation-Protocol/Specifications/xccdf#resource-1.1.4
Additionally, it looks like MITRE has some open source tooling that might help with converting them to an easier to work with format and then back to the XCCDF XML: https://inspec-tools.mitre.org/
In particular the
inspec2xccdf commands stood out to me. Hope that proves helpful. Sorry that I can’t provide more specific help.