The Scan Templates API module provides comprehensive functionality for managing scan templates in Rapid7 InsightVM. Scan templates define the configuration for vulnerability scans, including which vulnerability checks to perform, discovery settings, performance parameters, and authentication options.
```python
from rapid7 import InsightVMClient

# Initialize client
client = InsightVMClient()

# List all scan templates
templates = client.scan_templates.list()
for template in templates['resources']:
    print(f"{template['name']}: {template['id']}")

# Get specific template details
template = client.scan_templates.get(template_id='full-audit-without-web-spider')
print(f"Template: {template['name']}")
print(f"Checks: {template['checks']['categories']}")

# Create a custom template
template = client.scan_templates.create(
    name="Custom Production Template",
    description="Template for production asset scanning",
    checks={
        'categories': ['windows', 'unix', 'malware', 'policy']
    }
)
print(f"Created template: {template['id']}")
```

List all available scan templates (both built-in and custom):
```python
templates = client.scan_templates.list()
for template in templates['resources']:
    print(f"ID: {template['id']}")
    print(f"Name: {template['name']}")
    print(f"Description: {template.get('description', 'N/A')}")
    print(f"Built-in: {template.get('builtin', False)}")
    print("---")
```

Retrieve detailed configuration for a specific scan template:
```python
template = client.scan_templates.get(
    template_id='discovery'
)
print(f"Template Name: {template['name']}")
print(f"Description: {template.get('description')}")
print(f"Vulnerability Checks: {template.get('checks', {})}")
print(f"Discovery Settings: {template.get('discovery', {})}")
print(f"Performance: {template.get('performance', {})}")
```

Create a new scan template with custom configuration:
```python
# Create basic template
template = client.scan_templates.create(
    name="Custom Production Template",
    description="Template for production asset scanning",
    checks={
        'categories': ['windows', 'unix', 'malware'],
        'individual': [],
        'unsafe': False
    }
)

# Create advanced template with full configuration
template = client.scan_templates.create(
    name="Advanced Custom Template",
    description="Comprehensive scanning with custom settings",
    checks={
        'categories': ['windows', 'unix', 'malware', 'policy'],
        'individual': ['ssh-weak-algorithms', 'ssl-weak-ciphers'],
        'unsafe': False,
        'correlate': True
    },
    discovery={
        'asset': {
            'ipAddressDiscovery': True,
            'collectWhoisInformation': True
        },
        'service': {
            'serviceNameDiscovery': True,
            'tcpPorts': {'type': 'well-known'},
            'udpPorts': {'type': 'well-known'}
        },
        'performance': {
            'scanDelay': 0,
            'packetRate': 'adaptive',
            'parallelAssets': 10,
            'parallelMinPorts': 0,
            'parallelMaxPorts': 0
        }
    },
    enableWindowsServices=True,
    enableSNMPCollection=True
)
```

Modify an existing scan template:
```python
# Update template name and description
result = client.scan_templates.update(
    template_id='my-custom-template',
    name="Updated Template Name",
    description="Updated description"
)

# Update vulnerability checks
result = client.scan_templates.update(
    template_id='my-custom-template',
    checks={
        'categories': ['windows', 'unix', 'web'],
        'correlate': True
    }
)

# Enable unsafe checks (use with caution)
result = client.scan_templates.update(
    template_id='my-custom-template',
    checks={
        'unsafe': True
    }
)
```

Remove a custom scan template (built-in templates cannot be deleted):
```python
result = client.scan_templates.delete(template_id='my-custom-template')
```

Retrieve discovery configuration from a template:
```python
discovery = client.scan_templates.get_discovery(
    template_id='full-audit'
)
print(f"Asset Discovery: {discovery.get('asset', {})}")
print(f"Service Discovery: {discovery.get('service', {})}")
print(f"Performance: {discovery.get('performance', {})}")
```

Modify discovery configuration for a template:
```python
# Update asset discovery
result = client.scan_templates.update_discovery(
    template_id='my-template',
    asset={
        'ipAddressDiscovery': True,
        'collectWhoisInformation': True,
        'ipv6Discovery': True
    }
)

# Update service discovery
result = client.scan_templates.update_discovery(
    template_id='my-template',
    service={
        'serviceNameDiscovery': True,
        'tcpPorts': {'type': 'custom', 'ports': [22, 80, 443, 3389, 8080]},
        'udpPorts': {'type': 'well-known'}
    }
)

# Update performance settings
result = client.scan_templates.update_discovery(
    template_id='my-template',
    performance={
        'scanDelay': 5,
        'packetRate': 'adaptive',
        'parallelAssets': 20,
        'parallelMinPorts': 0,
        'parallelMaxPorts': 0
    }
)
```

Retrieve service discovery configuration:
```python
service_discovery = client.scan_templates.get_service_discovery(
    template_id='full-audit'
)
print(f"Service Name Discovery: {service_discovery.get('serviceNameDiscovery')}")
print(f"TCP Ports: {service_discovery.get('tcpPorts')}")
print(f"UDP Ports: {service_discovery.get('udpPorts')}")
```

Modify service discovery configuration:
```python
# Well-known ports only
result = client.scan_templates.update_service_discovery(
    template_id='my-template',
    serviceNameDiscovery=True,
    tcpPorts={'type': 'well-known'},
    udpPorts={'type': 'well-known'}
)

# Custom port ranges
result = client.scan_templates.update_service_discovery(
    template_id='my-template',
    serviceNameDiscovery=True,
    tcpPorts={
        'type': 'custom',
        'ports': [22, 80, 443, 3389, 8080, 8443]
    },
    udpPorts={
        'type': 'range',
        'start': 1,
        'end': 1024
    }
)

# All TCP ports (thorough but slow)
result = client.scan_templates.update_service_discovery(
    template_id='my-template',
    tcpPorts={'type': 'all'}
)
```

Filter templates to show only built-in ones:
```python
builtin_templates = client.scan_templates.get_builtin_templates()
for template in builtin_templates:
    print(f"{template['name']}: {template['id']}")
```

Create a copy of an existing template:
```python
# Clone a built-in template
new_template = client.scan_templates.clone_template(
    template_id='full-audit',
    new_name="My Custom Full Audit",
    new_description="Customized full audit template"
)
print(f"Created clone: {new_template['id']}")
```

Set performance parameters for optimal scanning:
```python
# Conservative settings (slower, safer)
result = client.scan_templates.configure_performance(
    template_id='my-template',
    scan_delay=10,
    packet_rate='slow',
    parallel_assets=5
)

# Aggressive settings (faster, may impact network)
result = client.scan_templates.configure_performance(
    template_id='my-template',
    scan_delay=0,
    packet_rate='fast',
    parallel_assets=50
)

# Adaptive settings (balanced)
result = client.scan_templates.configure_performance(
    template_id='my-template',
    packet_rate='adaptive',
    parallel_assets=20
)
```

Enable specific vulnerability check categories:
```python
# Enable multiple categories
result = client.scan_templates.enable_vulnerability_categories(
    template_id='my-template',
    categories=['windows', 'unix', 'web', 'database', 'malware', 'policy']
)

# Enable all available categories
result = client.scan_templates.enable_vulnerability_categories(
    template_id='my-template',
    categories=[
        'aix', 'as400', 'bsd', 'cisco', 'cups', 'database',
        'db2', 'debian', 'docker', 'f5', 'fortinet', 'hp-ux',
        'huawei', 'ibm', 'industrial', 'informix', 'ios', 'juniper',
        'linux', 'mac-os', 'mainframe', 'malware', 'microsoft',
        'mobile', 'mysql', 'netware', 'office', 'oracle',
        'palo-alto', 'policy', 'postgresql', 'printer', 'redhat',
        'scada', 'smtp', 'snmp', 'solaris', 'sql-server',
        'ssh', 'ssl', 'suse', 'sybase', 'ubuntu', 'unix',
        'vmware', 'vpn', 'web', 'windows', 'wireless'
    ]
)
```

Disable specific vulnerability check categories:
```python
# Disable categories not needed for specific assets
result = client.scan_templates.disable_vulnerability_categories(
    template_id='my-template',
    categories=['mobile', 'wireless', 'scada', 'industrial']
)
```

Create a template optimized for asset discovery:
```python
# Quick discovery template
template = client.scan_templates.create_discovery_template(
    name="Quick Network Discovery",
    description="Fast network and service discovery",
    collect_whois=True,
    service_name_discovery=True,
    tcp_ports='well-known',
    udp_ports='well-known'
)

# Comprehensive discovery template
template = client.scan_templates.create_discovery_template(
    name="Comprehensive Discovery",
    description="Thorough asset and service discovery",
    collect_whois=True,
    ipv6_discovery=True,
    service_name_discovery=True,
    tcp_ports='all',
    udp_ports='custom',
    custom_udp_ports=[53, 123, 161, 162, 500]
)
```

Create a template optimized for production environments:
```python
# Clone a built-in template
base_template = client.scan_templates.clone_template(
    template_id='full-audit-without-web-spider',
    new_name="Production Full Audit",
    new_description="Customized for production scanning"
)
template_id = base_template['id']

# Configure conservative performance
client.scan_templates.configure_performance(
    template_id=template_id,
    scan_delay=5,
    packet_rate='adaptive',
    parallel_assets=10
)

# Enable relevant checks only
client.scan_templates.enable_vulnerability_categories(
    template_id=template_id,
    categories=['windows', 'unix', 'linux', 'web', 'database', 'ssl']
)

# Disable intensive checks
client.scan_templates.disable_vulnerability_categories(
    template_id=template_id,
    categories=['mobile', 'wireless', 'scada', 'industrial']
)
print(f"Production template ready: {template_id}")
```

Create an aggressive template for development environments:
```python
template = client.scan_templates.create(
    name="Development Full Scan",
    description="Comprehensive scanning for development",
    checks={
        'categories': ['windows', 'unix', 'web', 'database', 'malware'],
        'unsafe': True,  # Enable unsafe checks in dev
        'correlate': True
    }
)

# Configure aggressive performance
client.scan_templates.configure_performance(
    template_id=template['id'],
    scan_delay=0,
    packet_rate='fast',
    parallel_assets=50
)
```

Create a template for compliance auditing:
```python
# Start with policy template
template = client.scan_templates.clone_template(
    template_id='policy',
    new_name="Compliance Audit Template",
    new_description="PCI DSS, HIPAA, and CIS compliance"
)
template_id = template['id']

# Enable policy and configuration checks
client.scan_templates.enable_vulnerability_categories(
    template_id=template_id,
    categories=['policy', 'windows', 'unix', 'ssl', 'database']
)

# Add specific checks
client.scan_templates.update(
    template_id=template_id,
    checks={
        'individual': [
            'ssl-weak-ciphers',
            'ssl-certificate-expiry',
            'ssh-weak-algorithms',
            'smb-signing-disabled'
        ],
        'correlate': True
    }
)
```

Audit existing templates and optimize:
```python
# Get all custom templates (exclude built-in)
all_templates = client.scan_templates.list()
custom_templates = [
    t for t in all_templates['resources']
    if not t.get('builtin', False)
]
print(f"Found {len(custom_templates)} custom templates")

for template in custom_templates:
    template_id = template['id']

    # Get full details
    details = client.scan_templates.get(template_id)
    print(f"\nTemplate: {details['name']}")
    print(f"Categories: {details.get('checks', {}).get('categories', [])}")

    # Get discovery settings
    discovery = client.scan_templates.get_discovery(template_id)
    performance = discovery.get('performance', {})
    print(f"Scan Delay: {performance.get('scanDelay', 0)}ms")
    print(f"Parallel Assets: {performance.get('parallelAssets', 0)}")
    print(f"Packet Rate: {performance.get('packetRate', 'unknown')}")
```

Create a consistent set of templates:
```python
# Define standard templates
standard_templates = {
    'production': {
        'name': 'Standard Production Scan',
        'categories': ['windows', 'unix', 'web', 'ssl'],
        'performance': {'scan_delay': 5, 'parallel_assets': 10}
    },
    'development': {
        'name': 'Standard Development Scan',
        'categories': ['windows', 'unix', 'web', 'database', 'malware'],
        'performance': {'scan_delay': 0, 'parallel_assets': 50}
    },
    'compliance': {
        'name': 'Standard Compliance Scan',
        'categories': ['policy', 'windows', 'unix', 'ssl'],
        'performance': {'scan_delay': 10, 'parallel_assets': 5}
    }
}

# Create each standard template
for key, config in standard_templates.items():
    # Create template
    template = client.scan_templates.create(
        name=config['name'],
        description=f"Standard {key} template",
        checks={'categories': config['categories']}
    )

    # Configure performance
    client.scan_templates.configure_performance(
        template_id=template['id'],
        scan_delay=config['performance']['scan_delay'],
        parallel_assets=config['performance']['parallel_assets']
    )
    print(f"Created: {config['name']}")
```

Handle common error scenarios:
```python
from requests.exceptions import HTTPError

try:
    template = client.scan_templates.get(template_id='non-existent')
except HTTPError as e:
    if e.response.status_code == 404:
        print("Template not found")
    elif e.response.status_code == 401:
        print("Authentication failed")
    else:
        print(f"Error: {e}")

# Prevent accidental deletion of built-in templates
try:
    client.scan_templates.delete(template_id='discovery')
except HTTPError as e:
    if e.response.status_code == 400:
        print("Cannot delete built-in template")
```

```json
{
  "id": "my-custom-template",
  "name": "Custom Production Template",
  "description": "Template for production asset scanning",
  "builtin": false,
  "checks": {
    "categories": ["windows", "unix", "malware", "policy"],
    "individual": ["ssl-weak-ciphers", "ssh-weak-algorithms"],
    "unsafe": false,
    "correlate": true
  },
  "discovery": {
    "asset": {
      "ipAddressDiscovery": true,
      "collectWhoisInformation": true,
      "ipv6Discovery": false
    },
    "service": {
      "serviceNameDiscovery": true,
      "tcpPorts": {"type": "well-known"},
      "udpPorts": {"type": "well-known"}
    },
    "performance": {
      "scanDelay": 5,
      "packetRate": "adaptive",
      "parallelAssets": 10,
      "parallelMinPorts": 0,
      "parallelMaxPorts": 0
    }
  },
  "enableWindowsServices": true,
  "enableSNMPCollection": true,
  "links": [
    {
      "href": "https://hostname:3780/api/3/scan_templates/my-custom-template",
      "rel": "self"
    }
  ]
}
```

```json
{
  "asset": {
    "ipAddressDiscovery": true,
    "collectWhoisInformation": true,
    "ipv6Discovery": true,
    "fingerprintMinimumCertainty": "0.16"
  },
  "service": {
    "serviceNameDiscovery": true,
    "tcpPorts": {
      "type": "custom",
      "ports": [22, 80, 443, 3389, 8080, 8443]
    },
    "udpPorts": {
      "type": "well-known"
    }
  },
  "performance": {
    "scanDelay": 0,
    "packetRate": "adaptive",
    "parallelAssets": 20,
    "parallelMinPorts": 0,
    "parallelMaxPorts": 0
  }
}
```

- `list(**params)` - List all scan templates
- `get(template_id)` - Get template details
- `create(name, description, **kwargs)` - Create template
- `update(template_id, **kwargs)` - Update template
- `delete(template_id)` - Delete template

- `get_discovery(template_id)` - Get discovery settings
- `update_discovery(template_id, **settings)` - Update discovery
- `get_service_discovery(template_id)` - Get service discovery
- `update_service_discovery(template_id, **settings)` - Update service discovery

- `get_builtin_templates()` - Get built-in templates
- `clone_template(template_id, new_name, new_description)` - Clone template
- `configure_performance(template_id, **settings)` - Set performance
- `enable_vulnerability_categories(template_id, categories)` - Enable checks
- `disable_vulnerability_categories(template_id, categories)` - Disable checks
- `create_discovery_template(name, description, **kwargs)` - Create discovery template

- Start with Built-in Templates: Clone and customize rather than creating from scratch
- Test in Development: Validate new templates in dev before production use
- Document Customizations: Clearly describe why custom templates exist
- Regular Reviews: Periodically review and optimize template configurations
- Performance Tuning: Adjust based on network capacity and scanning windows
- Unsafe Checks: Only enable in controlled environments
- Standardization: Create consistent templates across your organization
- Compliance Alignment: Map templates to compliance requirements
Common vulnerability check categories include:
- Operating Systems: windows, unix, linux, redhat, ubuntu, debian, suse, solaris, aix, bsd, hp-ux, mac-os
- Network Devices: cisco, juniper, f5, fortinet, palo-alto, huawei
- Databases: database, mysql, postgresql, oracle, sql-server, db2, sybase, informix
- Applications: web, office, cups, smtp, snmp, ssh, ssl, vpn
- Specialized: malware, policy, scada, industrial, mobile, wireless, docker, vmware, printer
Port scanning can be configured with these options:
- well-known: Ports 1-1024 (fast, covers common services)
- all: All ports 1-65535 (thorough but slow)
- custom: Specific list of ports
- range: Port range (start to end)
- none: No port scanning

Scan delay (`scan_delay`):
- 0: No delay (fastest, may impact network)
- 5: Small delay (balanced)
- 10+: Conservative (slower, network-friendly)

Packet rate (`packet_rate`):
- slow: ~1 packet/sec (very conservative)
- adaptive: Adjusts based on network response (recommended)
- fast: Maximum speed (use with caution)

Parallel assets (`parallel_assets`):
- 1-5: Conservative (slower scans)
- 10-20: Balanced (recommended)
- 50+: Aggressive (requires adequate resources)

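
The tuning guidance and the "Unsafe Checks" practice above can be enforced as a lint pass over template configurations. This is an added example, not code from the rapid7 client or the original page: the rule names, function names and sample templates are assumptions, while the field names follow the template response shown earlier.

```python
"""Added example: flag risky settings in scan-template dicts (runs offline)."""

def _perf(t):
    return t.get("discovery", {}).get("performance", {})

def _tcp(t):
    return t.get("discovery", {}).get("service", {}).get("tcpPorts", {})

# Rule names are hypothetical; thresholds follow this page's tuning notes.
RULES = [
    ("unsafe-checks", lambda t: t.get("checks", {}).get("unsafe") is True),
    ("packet-rate-fast", lambda t: _perf(t).get("packetRate") == "fast"),
    ("no-scan-delay", lambda t: _perf(t).get("scanDelay") == 0),
    ("parallel-assets-50-plus", lambda t: _perf(t).get("parallelAssets", 0) >= 50),
    ("tcp-all-ports", lambda t: _tcp(t).get("type") == "all"),
]

def audit_template(template):
    """Return the name of every rule this template trips."""
    return [name for name, hit in RULES if hit(template)]

def audit_custom_templates(templates, controlled=()):
    """Map template id -> findings, skipping built-in templates.

    `controlled` lists ids approved for controlled environments, where
    unsafe checks are expected and therefore not reported.
    """
    report = {}
    for t in templates:
        if t.get("builtin", False):
            continue
        findings = audit_template(t)
        if t["id"] in controlled:
            findings = [f for f in findings if f != "unsafe-checks"]
        if findings:
            report[t["id"]] = findings
    return report

# Constructed sample data, shaped like the template response on this page.
SAMPLE_TEMPLATES = [
    {"id": "prod-audit", "builtin": False, "checks": {"unsafe": False},
     "discovery": {"service": {"tcpPorts": {"type": "well-known"}},
                   "performance": {"scanDelay": 5, "packetRate": "adaptive",
                                   "parallelAssets": 10}}},
    {"id": "dev-full", "builtin": False, "checks": {"unsafe": True},
     "discovery": {"service": {"tcpPorts": {"type": "all"}},
                   "performance": {"scanDelay": 0, "packetRate": "fast",
                                   "parallelAssets": 50}}},
    {"id": "discovery", "builtin": True, "checks": {},
     "discovery": {"performance": {"scanDelay": 0}}},
]
```

Against a live console, pass it the dicts returned by `client.scan_templates.get(...)` for each id in `client.scan_templates.list()['resources']`, assuming the responses carry the fields shown in the sample response.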
- Scans API Documentation - Running scans with templates
- Sites API Documentation - Assigning templates to sites
- Scan Engines API Documentation - Managing scan engines
- API Reference - Complete API documentation