Host Finding
This documentation is currently outdated and in the process of being updated. This documentation is provided as a temporary reference to various API endpoints and output. This warning will be at the top of each outdated page. As the documentation is updated, this warning will be removed.
Creating a Host Finding
Create host finding.
API Call: POST/client/{clientId}/hostFinding
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user role that can create a host finding is:
- Manager
API Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample create_hostFinding Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"hostId\": [ <HOSTID>, <HOSTID> ], \"assessmentId\": <ASSESSMENTID>, \"severity\": <SEVERITY>, \"sourceId\": \"<SOURCEID>\", \"scannerUuid\": \"<SCANNERUUID>\", \"title\": \"<TITLE>\", \"type\": \"<TYPE>\", \"description\": \"<DESCRIPTION>\", \"solution\": \"<SOLUTION>\", \"synopsis\": \"S<SYNOPSIS>\", \"service\": { \"portNumber\": <PORTNUMBER>, \"name\": \"<PORTNAME>\" }, \"cveId\": \"<CVEID>\", \"cveIds\": [ \"<CVEIDS>\", \"<CVEIDS>\" ]}"
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
HOSTID | Host ID number. | |
ASSESSMENTID | Assessment ID number. | |
SEVERITY | Host finding severity. | |
SOURCEID | Source ID. | |
SCANNERUUID | Scanner UUID. | |
TITLE | Host finding title. | |
TYPE | Type of host finding. | |
DESCRIPTION | Host finding description. | |
SOLUTION | Host finding solution. | |
SYNOPSIS | Host finding synopsis. | |
PORTNUMBER | Port number | |
PORTNAME | Port name. | |
CVEID | CVE ID. | |
CVEIDS | CVE IDs. |
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
201 | Success |
201 Sample Response
{
"id": 0,
"created": "2019-09-23T10:02:19.711Z"
}
Code | Description |
---|---|
400 | User Error |
{
"status": 0,
"path": "string",
"errors": [
{
"field": "string",
"code": "string"
}
]
}
Code | Description |
---|---|
401 | Unauthorized |
409 | Conflict |
Updating a Host Finding
API Call: PUT/client/{clientId}/hostFinding/{hostFindingId}
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<HOSTFINDINGID>
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
HOSTFINDINGID | Host finding ID number. |
User Roles
The user role that can update a host finding is:
- Manager
Python
Python Sample update_hostFinding Snippet
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
hostfinding_id = <INSERT HOST FINDING ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"title": "Example Title",
"description": "Example Description",
"solution": "Example Solution",
"synopsis": "Example Synopsis"
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/" + str(hostfinding_id)
response = requests.put(url, headers=header, data=json.dumps(body))
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample update_hostFinding Snippet
curl -X PUT "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<HOSTFINDINGID>"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"title\": \"<TITLE>\", \"description\": \"<DESCRIPTION>\", \"solution\": \"<SOLUTION>\", \"synopsis\": \"<SYNOPSIS>\"}"
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
TITLE | Host finding title. | |
DESCRIPTION | Host finding description. | |
SOLUTION | Host finding solution. | |
SYNOPSIS | Host finding synopsis. |
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
201 | Success |
201 Sample Response
{
"id": 0,
"created": "2019-09-23T19:12:41.243Z"
}
Code | Description |
---|---|
400 | User Error |
400 Sample Response
{
"status": 0,
"path": "string",
"errors": [
{
"field": "string",
"code": "string"
}
]
}
Code | Description |
---|---|
401 | User Error |
403 | Forbidden |
404 | Not Found |
Listing Host Finding Projections and Their Models
API Call: GET/client/{clientId}/hostFinding/model
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/model
URL Parameters
Name | Description | Notes |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
Python
Python Sample hostFinding_projection Snippet
import requests
platform = 'http://platform<PLATFORM>.risksense.com'
api_key = '<APIKEY>'
client_id = <CLIENTID>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/model"
response = requests.get(url, headers=header)
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample hostFinding_projection Snippet
curl -X GET "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/model"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
Response Parameters
Sample Response
{
"subject": "hostFinding",
"projections": [
{
"name": "basic",
"fields": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "title",
"type": "string",
"nested": []
},
{
"field": "risk",
"type": "double",
"nested": []
},
{
"field": "severity",
"type": "double",
"nested": []
},
{
"field": "xrs3Impact",
"type": "Object",
"nested": []
},
{
"field": "xrs3ImpactOnCategory",
"type": "Object",
"nested": []
},
{
"field": "scannerReported",
"type": "string",
"nested": []
},
{
"field": "cvssV2",
"type": "double",
"nested": []
},
{
"field": "cvssV3",
"type": "double",
"nested": []
},
{
"field": "state",
"type": "string",
"nested": []
},
{
"field": "status",
"type": "string",
"nested": []
},
{
"field": "groupId",
"type": "int",
"nested": []
},
{
"field": "portId",
"type": "int",
"nested": []
},
{
"field": "hostname",
"type": "string",
"nested": []
},
{
"field": "ip",
"type": "string",
"nested": []
},
{
"field": "criticality",
"type": "int",
"nested": []
},
{
"field": "isExternal",
"type": "boolean",
"nested": []
},
{
"field": "lastFoundOn",
"type": "string",
"nested": []
},
{
"field": "discoveredOn",
"type": "string",
"nested": []
},
{
"field": "resolvedOn",
"type": "string",
"nested": []
}
]
},
{
"name": "detail",
"fields": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "source",
"type": "string",
"nested": []
},
{
"field": "sourceId",
"type": "string",
"nested": []
},
{
"field": "title",
"type": "string",
"nested": []
},
{
"field": "port",
"type": "int",
"nested": []
},
{
"field": "description",
"type": "string",
"nested": []
},
{
"field": "services",
"type": "string",
"nested": []
},
{
"field": "group",
"type": "EmbeddedGroup",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "name",
"type": "string",
"nested": []
}
]
},
{
"field": "host",
"type": "EmbeddedHost",
"nested": [
{
"field": "hostId",
"type": "int",
"nested": []
},
{
"field": "hostName",
"type": "string",
"nested": []
},
{
"field": "ipAddress",
"type": "string",
"nested": []
},
{
"field": "criticality",
"type": "int",
"nested": []
},
{
"field": "external",
"type": "boolean",
"nested": []
},
{
"field": "ports",
"type": "HostPort",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "number",
"type": "int",
"nested": []
}
]
}
]
},
{
"field": "network",
"type": "EmbeddedNetwork",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "name",
"type": "string",
"nested": []
},
{
"field": "type",
"type": "string",
"nested": []
}
]
},
{
"field": "statusEmbedded",
"type": "EmbeddedStatus",
"nested": [
{
"field": "state",
"type": "string",
"nested": []
},
{
"field": "stateName",
"type": "string",
"nested": []
},
{
"field": "stateDescription",
"type": "string",
"nested": []
},
{
"field": "status",
"type": "boolean",
"nested": []
},
{
"field": "userIds",
"type": "int[]",
"nested": []
},
{
"field": "durationInDays",
"type": "string",
"nested": []
},
{
"field": "dueDate",
"type": "string",
"nested": []
},
{
"field": "expirationDate",
"type": "string",
"nested": []
}
]
},
{
"field": "assessments",
"type": "EmbeddedAssessment",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "name",
"type": "string",
"nested": []
},
{
"field": "date",
"type": "string",
"nested": []
}
]
},
{
"field": "assignments",
"type": "EmbeddedUserDetail",
"nested": [
{
"field": "firstName",
"type": "string",
"nested": []
},
{
"field": "lastName",
"type": "string",
"nested": []
},
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "receiveEmails",
"type": "boolean",
"nested": []
},
{
"field": "email",
"type": "string",
"nested": []
},
{
"field": "username",
"type": "string",
"nested": []
}
]
},
{
"field": "vulnerabilities",
"type": "EmbeddedVulnerabilities",
"nested": [
{
"field": "vulnInfoList",
"type": "EmbeddedVulnerability",
"nested": [
{
"field": "cve",
"type": "string",
"nested": []
},
{
"field": "baseScore",
"type": "double",
"nested": []
},
{
"field": "threatCount",
"type": "int",
"nested": []
},
{
"field": "summary",
"type": "string",
"nested": []
},
{
"field": "attackVector",
"type": "string",
"nested": []
},
{
"field": "accessComplexity",
"type": "string",
"nested": []
},
{
"field": "authentication",
"type": "string",
"nested": []
},
{
"field": "confidentialityImpact",
"type": "string",
"nested": []
},
{
"field": "integrity",
"type": "string",
"nested": []
},
{
"field": "availabilityImpact",
"type": "string",
"nested": []
},
{
"field": "trending",
"type": "boolean",
"nested": []
},
{
"field": "vulnLastTrendingOn",
"type": "string",
"nested": []
}
]
},
{
"field": "vulnLastTrendingOn",
"type": "string",
"nested": []
},
{
"field": "trending",
"type": "boolean",
"nested": []
}
]
},
{
"field": "vulnerabilitiesWithV3",
"type": "EmbeddedVulnerabilityV3",
"nested": [
{
"field": "cve",
"type": "string",
"nested": []
},
{
"field": "baseScore",
"type": "double",
"nested": []
},
{
"field": "threatCount",
"type": "int",
"nested": []
},
{
"field": "summary",
"type": "string",
"nested": []
},
{
"field": "attackVector",
"type": "string",
"nested": []
},
{
"field": "attackComplexity",
"type": "string",
"nested": []
},
{
"field": "privilegesRequired",
"type": "string",
"nested": []
},
{
"field": "userInteraction",
"type": "string",
"nested": []
},
{
"field": "scope",
"type": "string",
"nested": []
},
{
"field": "confidentialityImpact",
"type": "string",
"nested": []
},
{
"field": "integrityImpact",
"type": "string",
"nested": []
},
{
"field": "availabilityImpact",
"type": "string",
"nested": []
}
]
},
{
"field": "threats",
"type": "EmbeddedThreats",
"nested": [
{
"field": "manualExploits",
"type": "EmbeddedManualExploit",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "title",
"type": "string",
"nested": []
},
{
"field": "label",
"type": "string",
"nested": []
},
{
"field": "pii",
"type": "string",
"nested": []
},
{
"field": "description",
"type": "string",
"nested": []
},
{
"field": "source",
"type": "string",
"nested": []
},
{
"field": "isManualExploit",
"type": "boolean",
"nested": []
},
{
"field": "easeOfExploit",
"type": "string",
"nested": []
}
]
},
{
"field": "threats",
"type": "EmbeddedThreat",
"nested": [
{
"field": "title",
"type": "string",
"nested": []
},
{
"field": "category",
"type": "string",
"nested": []
},
{
"field": "severity",
"type": "string",
"nested": []
},
{
"field": "description",
"type": "string",
"nested": []
},
{
"field": "details",
"type": "string",
"nested": []
},
{
"field": "cves",
"type": "string",
"nested": []
},
{
"field": "source",
"type": "string",
"nested": []
},
{
"field": "published",
"type": "string",
"nested": []
},
{
"field": "updated",
"type": "string",
"nested": []
},
{
"field": "threatLastTrendingOn",
"type": "string",
"nested": []
},
{
"field": "trending",
"type": "boolean",
"nested": []
}
]
},
{
"field": "threatLastTrendingOn",
"type": "string",
"nested": []
},
{
"field": "trending",
"type": "boolean",
"nested": []
}
]
},
{
"field": "manualFindingReports",
"type": "EmbeddedManualExploit",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "title",
"type": "string",
"nested": []
},
{
"field": "label",
"type": "string",
"nested": []
},
{
"field": "pii",
"type": "string",
"nested": []
},
{
"field": "description",
"type": "string",
"nested": []
},
{
"field": "source",
"type": "string",
"nested": []
},
{
"field": "isManualExploit",
"type": "boolean",
"nested": []
},
{
"field": "easeOfExploit",
"type": "string",
"nested": []
}
]
},
{
"field": "solution",
"type": "string",
"nested": []
},
{
"field": "patches",
"type": "EmbeddedPatch",
"nested": [
{
"field": "name",
"type": "string",
"nested": []
},
{
"field": "url",
"type": "string",
"nested": []
}
]
},
{
"field": "tags",
"type": "EmbeddedTag",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "name",
"type": "string",
"nested": []
},
{
"field": "category",
"type": "string",
"nested": []
},
{
"field": "description",
"type": "string",
"nested": []
},
{
"field": "created",
"type": "string",
"nested": []
},
{
"field": "updated",
"type": "string",
"nested": []
},
{
"field": "color",
"type": "string",
"nested": []
}
]
},
{
"field": "tagsAsset",
"type": "EmbeddedTag",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "name",
"type": "string",
"nested": []
},
{
"field": "category",
"type": "string",
"nested": []
},
{
"field": "description",
"type": "string",
"nested": []
},
{
"field": "created",
"type": "string",
"nested": []
},
{
"field": "updated",
"type": "string",
"nested": []
},
{
"field": "color",
"type": "string",
"nested": []
}
]
},
{
"field": "tickets",
"type": "EmbeddedTicket",
"nested": [
{
"field": "ticketNumber",
"type": "string",
"nested": []
},
{
"field": "ticketStatus",
"type": "string",
"nested": []
},
{
"field": "deepLink",
"type": "string",
"nested": []
},
{
"field": "type",
"type": "string",
"nested": []
},
{
"field": "connectorName",
"type": "string",
"nested": []
},
{
"field": "detailedStatus",
"type": "string",
"nested": []
}
]
},
{
"field": "notes",
"type": "EmbeddedNote",
"nested": [
{
"field": "user",
"type": "EmbeddedUser",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "name",
"type": "string",
"nested": []
}
]
},
{
"field": "note",
"type": "string",
"nested": []
},
{
"field": "date",
"type": "string",
"nested": []
}
]
},
{
"field": "authScanDetail",
"type": "EmbeddedAuthScanDetail",
"nested": [
{
"field": "testStatus",
"type": "string",
"nested": []
},
{
"field": "technology",
"type": "string",
"nested": []
}
]
},
{
"field": "authScanHistory",
"type": "EmbeddedAuthScanHistory",
"nested": [
{
"field": "assessmentId",
"type": "int",
"nested": []
},
{
"field": "testStatus",
"type": "string",
"nested": []
},
{
"field": "scanDate",
"type": "string",
"nested": []
}
]
},
{
"field": "output",
"type": "string",
"nested": []
},
{
"field": "severity",
"type": "double",
"nested": []
},
{
"field": "severityEmbedded",
"type": "EmbeddedSeverityHost",
"nested": [
{
"field": "combined",
"type": "double",
"nested": []
},
{
"field": "overridden",
"type": "boolean",
"nested": []
},
{
"field": "scanner",
"type": "string",
"nested": []
},
{
"field": "cvssV2",
"type": "double",
"nested": []
},
{
"field": "cvssV3",
"type": "double",
"nested": []
},
{
"field": "aggregated",
"type": "double",
"nested": []
},
{
"field": "state",
"type": "string",
"nested": []
},
{
"field": "stateName",
"type": "string",
"nested": []
},
{
"field": "expirationDate",
"type": "string",
"nested": []
}
]
},
{
"field": "riskRating",
"type": "double",
"nested": []
},
{
"field": "xrs3Impact",
"type": "Object",
"nested": []
},
{
"field": "xrs3ImpactOnCategory",
"type": "Object",
"nested": []
},
{
"field": "lastFoundOn",
"type": "string",
"nested": []
},
{
"field": "discoveredOn",
"type": "string",
"nested": []
},
{
"field": "resolvedOn",
"type": "string",
"nested": []
},
{
"field": "scannerName",
"type": "string",
"nested": []
},
{
"field": "findingType",
"type": "string",
"nested": []
},
{
"field": "machineId",
"type": "string",
"nested": []
},
{
"field": "detailedDescription",
"type": "string",
"nested": []
},
{
"field": "detailedSolution",
"type": "string",
"nested": []
},
{
"field": "cloudSecurityGroups",
"type": "EmbeddedCloudScannerGroupsModel",
"nested": [
{
"field": "groupId",
"type": "string",
"nested": []
},
{
"field": "groupName",
"type": "string",
"nested": []
}
]
},
{
"field": "cloudScalingGroups",
"type": "EmbeddedCloudScannerGroupsModel",
"nested": [
{
"field": "groupId",
"type": "string",
"nested": []
},
{
"field": "groupName",
"type": "string",
"nested": []
}
]
},
{
"field": "scannerPluginStatus",
"type": "string",
"nested": []
},
{
"field": "additionalInfo",
"type": "JsonNode",
"nested": []
}
]
}
]
}
HTTP Status Codes
Code | Description |
---|---|
200 | Ok |
200 Sample Response
{
"projections": [
{
"name": "basic",
"fields": [
{
"field": "id",
"type": "integer"
},
{
"field": "name",
"type": "string"
}
]
}
]
}
Code | Description |
---|---|
401 | Unauthorized |
404 | Not Found |
List Filterable Host Finding Fields
Displays the fields that the search endpoint can filter by.
API Call: GET/client/{clientId}/hostFinding/filter
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/filter
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can list host finding fields that can be filtered by are:
- Manager
- Group Manager
- User
Python
Python Sample list_hostFindingFields Snippet
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/filter"
response = requests.get(url, headers=header)
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample list_hostFindingFields Snippet
curl -X GET "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/filter"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
Make sure to replace the option values here with your own option values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
Response Parameters
Sample Response
[
{
"name": "Assessment",
"legacyUid": "assessment_labels",
"uid": "assessment_labels",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by one or more assessments."
},
{
"name": "Asset Tag",
"legacyUid": "asset_tags",
"uid": "asset_tags",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by the tag(s) applied to the host(s) of the vulnerabilities."
},
{
"name": "Assigned To",
"legacyUid": "assignments",
"uid": "assignments",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by user assigned to remediate."
},
{
"name": "CVE",
"legacyUid": "cves",
"uid": "cves",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by associated CVE(s)."
},
{
"name": "CVSS v2",
"legacyUid": "cvss2BaseScore",
"uid": "cvss2BaseScore",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "double",
"description": "Filters vulnerabilities by numerical CVSS v2 score."
},
{
"name": "CVSS v2 Access Complexity",
"legacyUid": "cvss2BaseAC",
"uid": "cvss2BaseAC",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v2 access complexity."
},
{
"name": "CVSS v2 Attack Vector",
"legacyUid": "cvss2BaseAV",
"uid": "cvss2BaseAV",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v2 attack vector."
},
{
"name": "CVSS v2 Authentication",
"legacyUid": "cvss2BaseAu",
"uid": "cvss2BaseAu",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v2 authentication."
},
{
"name": "CVSS v2 Availability Impact",
"legacyUid": "cvss2BaseAI",
"uid": "cvss2BaseAI",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v2 availability impact."
},
{
"name": "CVSS v2 Confidentiality Impact",
"legacyUid": "cvss2BaseCI",
"uid": "cvss2BaseCI",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v2 confidentiality impact."
},
{
"name": "CVSS v2 Integrity",
"legacyUid": "cvss2BaseII",
"uid": "cvss2BaseII",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v2 integrity."
},
{
"name": "CVSS v3",
"legacyUid": "cvss3BaseScore",
"uid": "cvss3BaseScore",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "double",
"description": "Filters vulnerabilities by numerical CVSS v3 score."
},
{
"name": "CVSS v3 Attack Complexity",
"legacyUid": "cvss3BaseAC",
"uid": "cvss3BaseAC",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v3 attack complexity."
},
{
"name": "CVSS v3 Attack Vector",
"legacyUid": "cvss3BaseAV",
"uid": "cvss3BaseAV",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v3 attack vector."
},
{
"name": "CVSS v3 Availability",
"legacyUid": "cvss3BaseA",
"uid": "cvss3BaseA",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v3 availability."
},
{
"name": "CVSS v3 Confidentiality Impact",
"legacyUid": "cvss3BaseC",
"uid": "cvss3BaseC",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v3 confidentiality impact."
},
{
"name": "CVSS v3 Integrity Impact",
"legacyUid": "cvss3BaseI",
"uid": "cvss3BaseI",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v3 integrity impact."
},
{
"name": "CVSS v3 Privleges Required",
"legacyUid": "cvss3BasePR",
"uid": "cvss3BasePR",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v3 privleges required."
},
{
"name": "CVSS v3 Scope",
"legacyUid": "cvss3BaseS",
"uid": "cvss3BaseS",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v3 scope."
},
{
"name": "CVSS v3 User Interaction",
"legacyUid": "cvss3BaseUI",
"uid": "cvss3BaseUI",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by CVSS v3 user interaction."
},
{
"name": "Criticality",
"legacyUid": "criticality",
"uid": "criticality",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by criticality"
},
{
"name": "Criticality State",
"legacyUid": "criticality_state",
"uid": "criticality_state",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by criticality state"
},
{
"name": "Cve Publish Dates",
"legacyUid": "cve_publish_dates",
"uid": "cve_publish_dates",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"RANGE",
"GREATER",
"LESSER"
],
"type": "string",
"description": "Filters by Cve Publish Date."
},
{
"name": "Discovered On",
"legacyUid": "discovered_dates",
"uid": "discovered_dates",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"RANGE"
],
"type": "string",
"description": "Filters vulnerabilities by discovered date."
},
{
"name": "Due Date",
"legacyUid": "due_dates",
"uid": "due_dates",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "string",
"description": "Filters vulnerabilities by assigned remediation date due."
},
{
"name": "Exploit",
"legacyUid": "exploits",
"uid": "exploits",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by exploit name(s)."
},
{
"name": "Exploit Category",
"legacyUid": "exploit_categories",
"uid": "exploit_categories",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by exploit category."
},
{
"name": "Finding Type",
"legacyUid": "finding_type",
"uid": "finding_type",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by finding type."
},
{
"name": "Group",
"legacyUid": "group_name",
"uid": "groupName",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities within selected group(s)."
},
{
"name": "Group ID",
"legacyUid": "groups_id",
"uid": "groupIds",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities within selected group IDs."
},
{
"name": "Has CVE",
"legacyUid": "has_cves",
"uid": "has_cves",
"operators": [
"EXACT"
],
"type": "string",
"description": "Filters vulnerabilities that have CVE"
},
{
"name": "Has Cve Publish Dates",
"legacyUid": "has_cve_publish_dates",
"uid": "has_cve_publish_dates",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters vulnerabilities that has a Cve publish dates."
},
{
"name": "Has Default Credentials",
"legacyUid": "has_default_credentials",
"uid": "has_default_credentials",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters vulnerabilities by CVEs associated with using default credentials."
},
{
"name": "Has Exploit",
"legacyUid": "has_exploit",
"uid": "has_exploit",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters vulnerabilities that have a known exploit in the wild."
},
{
"name": "Has Malware",
"legacyUid": "has_malware",
"uid": "has_malware",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters vulnerabilities that have known malware in the wild."
},
{
"name": "Has Manual Exploit",
"legacyUid": "has_manual_exploit",
"uid": "has_manual_exploit",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters vulnerabilities by manually verified exploit."
},
{
"name": "Has Note",
"legacyUid": "has_note",
"uid": "has_note",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters Host Findings that have an associated note."
},
{
"name": "Has Privilege Escalation Exploit",
"legacyUid": "has_pe",
"uid": "has_pe",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters vulnerabilities that have an exploit that can escalate privilege."
},
{
"name": "Has Remote Code Execution Exploit",
"legacyUid": "has_rce",
"uid": "has_rce",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters vulnerabilities that have an exploit that can remotely execute code."
},
{
"name": "Has Threat",
"legacyUid": "has_threat",
"uid": "has_threat",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters vulnerabilities that have a known threat in the wild."
},
{
"name": "Has Ticket",
"legacyUid": "HAS_CONNECTOR_TICKET",
"uid": "HAS_CONNECTOR_TICKET",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Does the tag have a ticket"
},
{
"name": "Host ID",
"legacyUid": "host_id",
"uid": "hostId",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by host ID."
},
{
"name": "Host Name",
"legacyUid": "host_name",
"uid": "hostName",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by host name."
},
{
"name": "IP Address",
"legacyUid": "address",
"uid": "ipAddress",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"CIDR"
],
"type": "string",
"description": "Filters vulnerabilities by host IP address."
},
{
"name": "IP Address Type",
"legacyUid": "ip_address_type",
"uid": "ip_address_type",
"operators": [
"EXACT"
],
"type": "string",
"description": "Filters vulnerabilities by the range their hosts ip address falls in."
},
{
"name": "Id",
"legacyUid": "id",
"uid": "id",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": ""
},
{
"name": "Last Found On",
"legacyUid": "lastFoundOn",
"uid": "lastFoundOn",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"RANGE"
],
"type": "string",
"description": ""
},
{
"name": "Malware",
"legacyUid": "malware",
"uid": "malware",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by malware name(s)."
},
{
"name": "Manual Exploit",
"legacyUid": "manual_exploits",
"uid": "manual_exploits",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by name(s) of manual exploits added by a penetration tester."
},
{
"name": "Manual Finding Report",
"legacyUid": "manual_finding_reports",
"uid": "manual_finding_reports",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by name(s) of manual finding reports added by a penetration tester."
},
{
"name": "Manual Finding Report Type",
"legacyUid": "manual_finding_report_types",
"uid": "manual_finding_report_types",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters Host Findings by the type of manual finding reports associated with it"
},
{
"name": "Netbios",
"legacyUid": "netbios",
"uid": "netbios",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filter by host netbios"
},
{
"name": "Network",
"legacyUid": "network_partition_name",
"uid": "network.name",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by the name of the network partition they belong to."
},
{
"name": "Network Type",
"legacyUid": "network_partition_type",
"uid": "network_partition_type",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by the type of network partition they belong to."
},
{
"name": "OS Class",
"legacyUid": "os_class",
"uid": "operatingSystem.class",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by operating system class (generally describes operating system hardware)"
},
{
"name": "OS Family",
"legacyUid": "os_family",
"uid": "operatingSystem.family",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by operating system family (such as 'Linux' or 'Windows')."
},
{
"name": "OS Vendor",
"legacyUid": "os_vendor",
"uid": "operatingSystem.vendor",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by operating system vendor (such as 'Microsoft' or Cisco')."
},
{
"name": "Operating System",
"legacyUid": "os_name",
"uid": "operatingSystem.name",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by host's operating system."
},
{
"name": "Owner",
"legacyUid": "owner",
"uid": "owner",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filter by asset Owner"
},
{
"name": "Past Due",
"legacyUid": "past_due",
"uid": "past_due",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters unmediated vulnerabilities by due date."
},
{
"name": "Patch ID",
"legacyUid": "source_patch_ids",
"uid": "source_patch_ids",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters Host Findings by Patch ID"
},
{
"name": "PolicyCompliance:Actual Result",
"legacyUid": "actual_result",
"uid": "actual_result",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by actual result."
},
{
"name": "PolicyCompliance:Expected Result",
"legacyUid": "expected_result",
"uid": "expected_result",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by expected result."
},
{
"name": "PolicyCompliance:Technology",
"legacyUid": "technology",
"uid": "technology",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by technology."
},
{
"name": "PolicyCompliance:Test Status",
"legacyUid": "test_status",
"uid": "test_status",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by test status."
},
{
"name": "Port",
"legacyUid": "port_number",
"uid": "port",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "string",
"description": "Filters vulnerabilities by associated port(s)."
},
{
"name": "Reported Scan Time",
"legacyUid": "reported_scan_time",
"uid": "lastScanTime",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "date",
"description": "Filter by asset's last reported scan time."
},
{
"name": "Resolved On",
"legacyUid": "resolved_on",
"uid": "resolved_on",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"RANGE"
],
"type": "string",
"description": "Filters vulnerabilities by remediation date."
},
{
"name": "Risk Rating",
"legacyUid": "riskRating",
"uid": "riskRating",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "double",
"description": "Filters by risk rating."
},
{
"name": "Scanner Name",
"legacyUid": "scanner_name",
"uid": "scanner_name",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by scanner name(s)."
},
{
"name": "Scanner Output",
"legacyUid": "output",
"uid": "output",
"operators": [
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters Host Findings by the output reported by the scanner."
},
{
"name": "Scanner Plugin",
"legacyUid": "found_by_id",
"uid": "found_by_id",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by scanner plugin ID."
},
{
"name": "Scanner Plugin Status",
"legacyUid": "scanner_plugin_status",
"uid": "scanner_plugin_status",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by scanner plugin status"
},
{
"name": "Scanner UUID",
"legacyUid": "found_by",
"uid": "source",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by scanner uuid(s)."
},
{
"name": "Service",
"legacyUid": "service_names",
"uid": "service_names",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by associated name of service."
},
{
"name": "Severity",
"legacyUid": "severity",
"uid": "severity",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "double",
"description": "Filters vulnerabilities by risk association."
},
{
"name": "Severity Group",
"legacyUid": "severity_group",
"uid": "severity_group",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters vulnerabilities by severity group (high, medium and low)."
},
{
"name": "Severity Update State",
"legacyUid": "severity_update_state",
"uid": "severity_update_state",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters Host Findings by severity update state."
},
{
"name": "State",
"legacyUid": "states",
"uid": "state",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by current state (unassigned, assigned, review by scan, reviewed, false positive, accepted, awaiting acceptance or reworked)."
},
{
"name": "Status",
"legacyUid": "generic_state",
"uid": "generic_state",
"operators": [
"EXACT"
],
"type": "string",
"description": "Filter vulnerabilities by open/close status."
},
{
"name": "Tag",
"legacyUid": "tags",
"uid": "tags",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by tag(s)."
},
{
"name": "Tag Connector ID",
"legacyUid": "TAG_CONNECTOR_ID",
"uid": "TAG_CONNECTOR_ID",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Tag Connector ID"
},
{
"name": "Tag Connector Name",
"legacyUid": "TAG_CONNECTOR_NAME",
"uid": "TAG_CONNECTOR_NAME",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Name of the Connector associated with the tag"
},
{
"name": "Threat",
"legacyUid": "threats",
"uid": "threats",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by the name of the threat."
},
{
"name": "Threat Category",
"legacyUid": "threat_categories",
"uid": "threat_categories",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by the threat category."
},
{
"name": "Ticket ID",
"legacyUid": "TICKET_ID",
"uid": "TICKET_ID",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Ticket ID"
},
{
"name": "Ticket Status",
"legacyUid": "TICKET_STATUS",
"uid": "TICKET_STATUS",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "status of ticket"
},
{
"name": "Title",
"legacyUid": "titles",
"uid": "titles",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by title."
},
{
"name": "Trending Threats",
"legacyUid": "threatLastTrendingOn",
"uid": "threatLastTrendingOn",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"RANGE",
"GREATER",
"LESSER"
],
"type": "string",
"description": "Filters by Threat Trending date."
},
{
"name": "Trending Vulnerabilities",
"legacyUid": "vulnLastTrendingOn",
"uid": "vulnLastTrendingOn",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"RANGE",
"GREATER",
"LESSER"
],
"type": "string",
"description": "Filters by Vulnerability Trending date."
},
{
"name": "Unique ID",
"legacyUid": "unique_id",
"uid": "unique_id",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters vulnerabilities by unique ID(s)."
}
]
HTTP Status Codes
Code | Description |
---|---|
200 | OK |
200 Sample Response
[
{
"name": "id",
"uid": "id",
"operator": [
"EXACT",
"IN"
],
"type": "integer",
"description": "The id"
}
]
Code | Description |
---|---|
401 | Unauthorized |
404 | Not Found |
Suggesting Filter Values for Host Finding Filtering
Displays suggested filter values when filtering host unique findings.
API Call: GET/client/{clientId}/hostFinding/filter
URL: https://platform<#>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/filter
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can view suggested filter values for host findings are:
- Manager
- Group Manager
- User
Python
Python Sample filter_hostFindingvalues Snippet
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filters": [
{
"field": "id",
"exclusive": True,
"operator": "IN",
"value": "1,2,3,4"
}
],
"filter": {
"field": "id",
"exclusive": False,
"operator": "IN",
"value": ""
}
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/suggest"
response = requests.post(url, headers=header, data=json.dumps(body))
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample filter_hostFindingvalues Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/suggest"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ], \"filter\": { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" }}"
Make sure to replace the option values here with your own option values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
Response Parameters
Sample Response
[
{
"key": "<KEY>",
"count": <COUNT>
}
]
Name | Description | Additional Information |
---|---|---|
KEY | Value for the field the suggestion was requested for. | string
|
COUNT | Count. | integer($int64)
|
HTTP Status Codes
Code | Description |
---|---|
200 | OK |
200 Sample Response
[
{
"key": "string",
"count": 0
}
]
Code | Description |
---|---|
400 | Bad Request |
401 | Unauthorized |
404 | Not Found |
Searching for a Host Finding
Search for a host finding within the designated client.
API Call: POST/client/{clientId}/hostFinding/search
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/search
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can search for a host finding are:
- Manager
- Group Manager
- User
Python
Python Sample search_hostFinding Snippet
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filters": [
{
"field": "id",
"exclusive": False,
"operator": "IN",
"value": "1,2,3,4"
}
],
"projection": "basic",
"sort": [
{
"field": "id",
"direction": "ASC"
}
],
"page": 0,
"size": 20
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/search"
response = requests.post(url, headers=header, data=json.dumps(body))
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample search_hostFinding Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/search"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"projection\": \"<PROJECTION>\", \"sort\": [ { \"field\": \"<SORTFIELD>\", \"direction\": \"<SORTDIRECTION>\" } ], \"page\": <PAGENUMBER>, \"size\": <PAGESIZE>}"
Make sure to replace the option values here with your own option values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
PROJECTION | Projection type. Options: basic, detailed | Yes |
SORTFIELD | Notes about the assessment. | Yes |
SORTDIRECTION | Sort direction. Options: ASC, DESC | Yes |
PAGENUMBER | Page number to view. | Yes |
PAGESIZE | Number of entries per page. | Yes |
Response Parameters
Sample Response
{
"errors": [],
"page": {
"size": <PAGESIZE>,
"totalElements": <TOTALELEMENTS>,
"totalPages": <TOTALPAGES>,
"number": <PAGENUMBER>
},
"_links": {
"self": {
"href": "http://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/search?page=<PAGENUMBER>&size=<PAGESIZE>&sort=<SORT>,<SORTDIRECTION>"
}
}
}
Name | Description | Additional Information |
---|---|---|
PAGESIZE | Page size requested. | Shows how many items to display on the page. |
TOTALELEMENTS | Total elements on pages. | |
TOTALPAGES | Total amount of pages. | |
PAGENUMBER | Page to view. | Note that 0 is the first page. |
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | |
SORT | Field to sort by. | |
SORTDIRECTION | Direction to sort. | Options: ASC, DESC |
HTTP Status Codes
Code | Description |
---|---|
200 | OK |
200 Sample Response
{
"_embedded": {
"strings": [
{}
]
},
"page": {
"size": 0,
"totalElements": 0,
"totalPages": 0,
"number": 0
},
"errors": [
{
"id": "string",
"errorRefId": "string",
"code": 0,
"cause": "string"
}
]
}
Code | Description |
---|---|
400 | Bad Request |
401 | Unauthorized |
404 | Not Found |
Adding or Removing a Tag from a Host Finding
Add or remove a tag from a host finding.
API Call: POST/client/{clientId}/hostFinding/tag
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/tag
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can add or remove a tag from a host finding are:
- Group Manager
- Manager
- User
Python
Python Sample tag_hostFinding Snippet
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
tag_id = <INSERT TAG ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"tagId": 1,
"isRemove": False, # Change to True for removing tags
"filterRequest": {
"filters": [
{
"field": "id",
"exclusive": False,
"operator": "EXACT",
"value": 12345
}
]
}
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/tag"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample tag_hostFinding Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/tag"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"tagId\":<TAGID>, \"isRemove\": <ISREMOVE>, \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": <VALUE> } ] }}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your designated API key. | Generating an API Token |
TAGID | Tag ID number. | integer
|
ISREMOVE | Remove tag? | Options: True = Yes, False = No |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
200 | Job Created |
200 Sample Response
{
"id": 0,
"created": "2019-09-23T17:54:19.121Z"
}
Code | Description |
---|---|
400 | Bad Request |
401 | Unauthorized |
404 | Not Found |
Assigning Host Findings
Assign host finding to user.
API Call: POST/client/{clientId}/hostFinding/assign
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/assign
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can assign a host finding to user are:
- Group Manager
- Manager
- User
Python
Python Sample assign_hostFinding Snippet
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
user_id_list = [<INSERT COMMA-SEPARATED USER IDS HERE>]
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filters": [
{
"field": "id",
"exclusive": False,
"operator": "EXACT",
"value": 12345
}
],
"userIds": user_id_list
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/assign"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your designated API key. | Generating an API Token |
cURL
cURL Sample assign_hostFinding Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/assign"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ], \"userIds\": [ <USERID>, <USERID> ]}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
USERID | User ID number. | Separate user IDs with a comma. |
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
200 | Job Created |
200 Sample Response
{
"id": 0,
"created": "2019-09-23T10:33:56.434Z"
}
Code | Description |
---|---|
400 | User Error |
401 | Unauthorized |
404 | Not Found |
Unassigning Host Findings
Unssign host finding from a user.
API Call: POST/client/{clientId}/hostFinding/unassign
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/unassign
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can unassign a host finding to user are:
- Group Manager
- Manager
- User
Python
Python Sample unassign_hostFinding Snippet
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
user_id_list = [<INSERT COMMA-SEPARATED USER IDS HERE>]
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filters": [
{
"field": "id",
"exclusive": False,
"operator": "EXACT",
"value": 12345
}
],
"userIds": user_id_list
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/unassign"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your designated API key. | Generating an API Token |
cURL
cURL Sample unassign_hostFinding Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/unassign"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ], \"userIds\": [ <USERID>, <USERID> ]}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
USERID | User ID number. | Separate user IDs with a comma. |
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
200 | Job Created |
200 Sample Response
{
"id": 0,
"created": "2019-09-23T10:33:56.434Z"
}
Code | Description |
---|---|
400 | User Error |
401 | Unauthorized |
404 | Not Found |
Initiating Host Finding Export Job
Initiate host finding export job.
API Call: POST/client/{clientId}/hostFinding/export
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/export
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can initiate a host finding export job are:
- Group Manager
- Manager
- User
Python
Python Sample hostFinding_export Snippet
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
filename = '<INSERT DESIRED FILE NAME HERE>'
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filterRequest": {
"filters": [
{
"field": "id",
"exclusive": False,
"operator": "IN",
"value": "1,2,3,4"
}
]
},
"fileType": "XML", # Valid options here are XML, CSV, or XLSX
"comment": "Example Comment",
"fileName": filename
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/export"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample hostFinding_export Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/export"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json" -d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ] }, \"fileType\": \"<FILETYPE>\", \"comment\": \"<COMMENT>\", \"fileName\": \"<FILENAME>\"}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
FILETYPE | Export file type. | Options: XML, XLSX, CSV |
COMMENT | Exported file description. | string
|
FILENAME | Exported file's name. | string
|
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
200 | Success |
200 Sample Response
{
"id": 0,
"created": "2019-09-17T16:59:16.922Z"
}
Code | Description |
---|---|
400 | Bad Request |
401 | Unauthorized |
404 | Not Found |
Updating Host Finding Due Dates in Bulk
Update host finding due dates in bulk.
API Call: POST/client/{clientId}/hostFinding/update-due-date
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/update-due-date
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can update host finding due dates in bulk are:
- Group Manager
- Manager
- User
Python
Python Sample hostFinding_updateDueDate Snippet
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filterRequest": {
"filters": [
{
"field": "id",
"exclusive": False,
"operator": "IN",
"value": "1,2,3,4"
}
]
},
"dueDate": "2019-12-30" # Due date must be in YYYY-MM-DD format.
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/update-due-date"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample hostFinding_updateDueDate Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/update-due-date"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>,<VALUE>\" } ] }, \"dueDate\": \"<DUEDATE>\"}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your designated API key. | Generating an API Token |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
DUEDATE | Due date. | Format: YYYY-MM-DD |
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
200 | Success |
200 Sample Response
{
"id": 0,
"created": "2019-09-23T19:28:53.639Z"
}
Code | Description |
---|---|
400 | Bad Request |
401 | Unauthorized |
404 | Not Found |
Deleting Entities Based on Filters
Delete entities based on filters.
API Call: POST/client/{clientId}/hostFinding/delete
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/delete
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can delete entities based on filters are:
- Group Manager
- Manager
Python
Python Sample delete_hostFindingByFilter Snippet
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filterRequest": {
"filters": [
{
"field": "id",
"exclusive": False,
"operator": "IN",
"value": "1,2,3,4"
}
]
}
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/delete"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample delete_hostFindingByFilter Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/delete"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ] }}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your designated API key. | Generating an API Token |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
200 | Job Created |
200 Sample Response
{
"id": 0,
"created": "2019-09-23T17:45:18.407Z"
}
Code | Description |
---|---|
400 | User Error |
401 | Unauthorized |
404 | Not Found |
Initiating Workflow Request
Initiate workflow request.
API Call: POST/client/{clientId}/search/hostFinding/{workflowType}/request
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/request
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
WORKFLOWTYPE | Workflow type. | For this, use request. |
User Roles
The user roles that can initiate workflow request are:
- Group Manager
- Manager
- User
Python
Python Sample hostFinding_workflowRequest Snippet
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
workflow_type = 'acceptance' # REQUIRED. Other valid options are "falsePositive", "severityChange", and "remediation"
filename = "<INSERT FILE NAME/PATH HERE FOR UPLOAD>"
filter_request = {
"filters": [
{
"field": "id",
"exclusive": False,
"operator": "IN",
"value": "1,2,3,4"
}
]
}
expiration_date = ""
description = "This is an example description." # REQUIRED
reason = ""
compensating_controls = ""
severity = None
header = {
"x-api-key": api_key,
"content-type": "multipart/form-data"
}
data = {
"files": open(filename, 'r'),
"filterRequest": filter_request,
"expirationDate": expiration_date,
"description": description,
"reason": reason,
"compensatingControls": compensating_controls,
"severity": severity
}
url = url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/" + workflow_type + "/request"
response = requests.post(url, headers=header, files=data)
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your designated API key. | Generating an API Token |
cURL
cURL Sample hostFinding_workflowRequest Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/request"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ], \"projection\": \"<PROJECTION>\", \"sort\": [ { \"field\": \"<SORTFIELD>\", \"direction\": \"<SORTDICRECTION>\" } ], \"page\": <PAGENUMBER>, \"size\": <PAGESIZE> }, \"expirationDate\": \"<EXPDATE>\", \"overrideExpDate\": <OVERRIDEEXPDATE>}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
WORKFLOWTYPE | Workflow type. | For this, use Request. |
APIKEY | Your designated API key. | Generating an API Token |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
PROJECTION | Projection type. | Options: basic, detailed |
SORTFIELD | Field to sort. | |
SORTDIRECTION | Sort direction. | Options: ASC, DESC |
PAGENUMBER | Page number to view. | |
PAGESIZE | Number of entries per page. | |
EXPDATE | Expiration date. | |
OVERRIDEEXPDATE | Override expiration date. |
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
200 | Success |
200 Sample Response
{
"id": 0,
"created": "2019-09-23T09:21:43.971Z"
}
Code | Description |
---|---|
400 | Bad Request |
401 | Unauthorized |
404 | Not Found |
Initiating Workflow Reject
Initiate workflow reject.
API Call: POST/client/{clientId}/search/hostFinding/{workflowType}/reject
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/reject
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
WORKFLOWTYPE | Workflow type. | For this, use reject. |
User Roles
The user roles that can initiate workflow reject are:
- Group Manager
- Manager
Python
Python Sample hostFinding_workflowReject Snippet
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
file_path = '<INSERT FILE PATH HERE>'
workflow_type = 'acceptance' # REQUIRED. Other valid options are "falsePositive", "severityChange", and "remediation"
header = {
"x-api-key": api_key
}
body = {
"file": (file_path, open(file_path, 'rb')),
"filterRequest": {
"filters": [
{
"field": "id",
"exclusive": False,
"operator": "IN",
"value": "1,2,3,4"
}
]
},
"expirationDate": "2019-12-31", # Must be in YYYY-MM-DD format
"description": "This is an example description",
"reason": "This is an example reason",
"compensatingControls": "This is an example of compensating controls."
}
response = requests.post(url, headers=header, files=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your designated API key. | Generating an API Token |
cURL
cURL Sample hostFinding_workflowReject Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/reject"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ], \"projection\": \"<PROJECTION>\", \"sort\": [ { \"field\": \"<SORTFIELD>\", \"direction\": \"<SORTDICRECTION>\" } ], \"page\": <PAGENUMBER>, \"size\": <PAGESIZE> }, \"expirationDate\": \"<EXPDATE>\", \"overrideExpDate\": <OVERRIDEEXPDATE>}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
WORKFLOWTYPE | Workflow type. | For this, use Reject. |
APIKEY | Your designated API key. | Generating an API Token |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
PROJECTION | Projection type. | Options: basic, detailed |
SORTFIELD | Field to sort. | |
SORTDIRECTION | Sort direction. | Options: ASC, DESC |
PAGENUMBER | Page number to view. | |
PAGESIZE | Number of entries per page. | |
EXPDATE | Expiration date. | |
OVERRIDEEXPDATE | Override expiration date. |
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
200 | Success |
200 Sample Response
{
"id": 0,
"created": "2019-09-23T09:21:43.971Z"
}
Code | Description |
---|---|
400 | Bad Request |
401 | Unauthorized |
404 | Not Found |
Initiate Workflow Rework
Initiate workflow rework.
API Call: POST/client/{clientId}/search/hostFinding/{workflowType}/rework
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/rework
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
WORKFLOWTYPE | Workflow type. | For this, use rework. |
User Roles
The user roles that can initiate workflow rework are:
- Group Manager
- Manager
Python
Python Sample hostFinding_workflowRework Snippet
TBA
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your designated API key. | Generating an API Token |
cURL
cURL Sample hostFinding_workflowRework Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/rework"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ], \"projection\": \"<PROJECTION>\", \"sort\": [ { \"field\": \"<SORTFIELD>\", \"direction\": \"<SORTDICRECTION>\" } ], \"page\": <PAGENUMBER>, \"size\": <PAGESIZE> }, \"expirationDate\": \"<EXPDATE>\", \"overrideExpDate\": <OVERRIDEEXPDATE>}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
WORKFLOWTYPE | Workflow type. | For this, use Rework. |
APIKEY | Your designated API key. | Generating an API Token |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
PROJECTION | Projection type. | Options: basic, detailed |
SORTFIELD | Field to sort. | |
SORTDIRECTION | Sort direction. | Options: ASC, DESC |
PAGENUMBER | Page number to view. | |
PAGESIZE | Number of entries per page. | |
EXPDATE | Expiration date. | |
OVERRIDEEXPDATE | Override expiration date. |
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
200 | Success |
200 Sample Response
{
"id": 0,
"created": "2019-09-23T09:21:43.971Z"
}
Code | Description |
---|---|
400 | Bad Request |
401 | Unauthorized |
404 | Not Found |
Initiating Workflow Approve
Initiate workflow approve.
API Call: POST/client/{clientId}/search/hostFinding/{workflowType}/approve
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/approve
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
WORKFLOWTYPE | Workflow type. | For this, use Approve. |
User Roles
The user roles that can initiate workflow approve are:
- Group Manager
- Manager
Python
Python Sample hostFinding_workflowApprove Snippet
TBA
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample hostFinding_workflowApprove Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/<WORKFLOWTYPE>/approve"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ], \"projection\": \"<PROJECTION>\", \"sort\": [ { \"field\": \"<SORTFIELD>\", \"direction\": \"<SORTDICRECTION>\" } ], \"page\": <PAGENUMBER>, \"size\": <PAGESIZE> }, \"expirationDate\": \"<EXPDATE>\", \"overrideExpDate\": <OVERRIDEEXPDATE>}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
WORKFLOWTYPE | Workflow type. | For this, use Approve. |
APIKEY | Your designated API key. | Generating an API Token |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
PROJECTION | Projection type. | Options: basic, detailed |
SORTFIELD | Field to sort. | |
SORTDIRECTION | Sort direction. | Options: ASC, DESC |
PAGENUMBER | Page number to view. | |
PAGESIZE | Number of entries per page. | |
EXPDATE | Expiration date. | |
OVERRIDEEXPDATE | Override expiration date. |
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
200 | Success |
200 Sample Response
{
"id": 0,
"created": "2019-09-23T09:21:43.971Z"
}
Code | Description |
---|---|
400 | Bad Request |
401 | Unauthorized |
404 | Not Found |
Adding Note to a Host Finding
Add a note to a host finding.
API Call: POST/client/{clientId}/hostFinding/note
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/note
URL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can add a note to a host finding are:
- Group Manager
- Manager
- User
Python
Python Sample addNote_hostFinding Snippet
import requests
import json
platform = 'http://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = 1 # UPDATE AS NEEDED
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filterRequest": {
"filters": [
{
"field": "criticality",
"exclusive": False,
"operator": "EXACT",
"value": "5"
}
]
},
"note": "This is my note." # UPDATE AS DESIRED
}
url = platform + "/api/v1/client/" + str(client_id) + "/hostFinding/note"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your designated API key. | Generating an API Token |
cURL
cURL Sample addNote_hostFinding Snippet
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/hostFinding/note"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD<\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ] }, \"note\": \"<NOTE>\"}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
Name | Description | Additional Information |
---|---|---|
PLATFORM | Platform number. | |
CLIENTID | Client ID number. | Finding Your Client ID |
APIKEY | Your designated API key. | Generating an API Token |
FIELD | Filter field. | string
|
EXCLUSIVE | Exclusive. | boolean Options: True, False |
OPERATOR | Search operator. | Depends on value. |
VALUE | Search value. | string
|
NOTE | Note to add. |
Response Parameters
Sample Response
{
"id": <ID>,
"created": "<CREATED>"
}
Name | Description | Additional Information |
---|---|---|
ID | Job ID number. | integer
|
Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
Code | Description |
---|---|
200 | Success |
200 Sample Response
{
"id": 0,
"created": "2019-09-23T09:14:11.180Z"
}
Code | Description |
---|---|
400 | Bad Request |
401 | Unauthorized |
404 | Not Found |