Host

This documentation is currently outdated and in the process of being updated. This documentation is provided as a temporary reference to various API endpoints and output. This warning will be at the top of each outdated page. As the documentation is updated, this warning will be removed.

Creating a Host

Create a host for the designated client.

API Call: POST/client/{clientId}/host

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user role that can create a host is:

  • Manager

Python

Python Sample create_host Snippet

Copy

import json
import requests

platform = 'https://platform<PLATFORM>.risksense.com'
api_key = '<APIKEY>'
client_id = <CLIENTID>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "groupId": <GROUPID>,
    "assessmentId": <ASSESSMENTID>,
    "networkId": <NETWORKID>,
    "ipAddress": "<IPADDRESS>",
    "subnet": "<SUBNET>",
    "hostName": "<HOSTNAME>",
    "manufacturedBy": "<MANUFACTUREDBY>",
    "model": "<MODEL>",
    "macAddress": "<MACADDRESS>",
    "location": "<LOCATION>",
    "managedBy": "<MANAGEDBY>",
    "ownedBy": "<OWNER>",
    "supportedBy": "<SUPPORTER>",
    "supportGroup": "<SUPPORTGROUP>",
    "sysId": "<SYSID>",
    "operatingSystem": "<OPERATINGSYSTEM>",
    "lastScanDate": "<LASTSCANDATE>",
    "ferpaComplianceAsset": "<FERPACOMPLIANCEASSET>",
    "hipaaComplianceAsset": "<HIPAACOMPLIANCEASSET>",
    "pciComplianceAsset": "<PCICOMPLIANCEASSET>",
    "discoveredDate": "<DISCOVEREDDATE>",
    "services": [
        {
            "portNumber": <PORTNUMBER>,
            "name": "<PORTNAME>"
        },
        {
            "portNumber": <PORTNUMBER>,
            "name": "<PORTNAME>"
        }
    ],
    "criticality": <CRITICALITY>,
    "operatingSystemScanner": {
        "name": "<OSSCANNERNAME>",
        "family": "<OSSCANNERFAMILY>",
        "class": "<OSSCANNERCLASS>",
        "vendor": "<OSSCANNERVENDOR>",
        "product": "<OSSCANNERPRODUCT>",
        "certainty": <OSSCANNERCERTAINTY>
    }
}

url = platform + "/api/v1/client/" + str(client_id) + "/host"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
GROUPID Group ID number.
ASSESSMENTID Assessment ID number.
NETWORKID Network ID number.
IPADDRESS IP Address.
SUBNET Host's subnet.
HOSTNAME Host name.
MANUFACTUREDBY Host manufactured by.
MODEL Host model.
MACADDRESS Host MAC address. Format: AA-00-04-00-XX-YY
LOCATION Host location.
MANAGEDBY Host manager.
OWNEDBY Host owner.
SUPPORTEDBY Supported by.
SUPPORTGROUP Support group.
SYSID Host SYSID.
OPERATINGSYSTEM Host operating system.
LASTSCANDATE Host last scan date.
FERPACOMPLIANCEASSET FERPA compliance asset. Options: Yes = True, No = False
HIPAACOMPLIANCEASSET HIPAA compliance asset. Options: Yes = True, No = False
PCICOMPLIANCEASSET PCI compliance asset. Options: Yes = True, No = False
DISCOVEREDDATE Host discovered date.
PORTNUMBER Host port number.
PORTNAME Host port name.
CRITICALITY Host criticality.
OSSCANNERNAME Operating system scanner name.
OSSCANNERFAMILY Operating system scanner family.
OSSCANNERCLASS Operating system scanner class.
OSSCANNERVENDOR Operating system scanner vendor.
OSSCANNERPRODUCT Operating system scanner product.
OSSCANNERCERTAINTY Operating system scanner certainty.

cURL

cURL Sample create_host Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json" -d "{  \"groupId\": <GROUPID>,  \"assessmentId\": <ASSESSMENTID>,  \"networkId\": <NETWORKID>,  \"ipAddress\": \"<IPADDRESS>\",  \"subnet\": \"<SUBNET>\",  \"hostName\": \"<HOSTNAME>\",  \"manufacturedBy\": \"<MANUFACTUREDBY>\",  \"model\": \"<MODEL>\",  \"macAddress\": \"<MACADDRESS>\",  \"location\": \"<LOCATION>\",  \"managedBy\": \"<MANAGEDBY>\",  \"ownedBy\": \"<OWNER>\",  \"supportedBy\": \"<SUPPORTER>\",  \"supportGroup\": \"<SUPPORTGROUP>\",  \"sysId\": \"<SYSID>\",  \"operatingSystem\": \"<OPERATINGSYSTEM>\",  \"lastScanDate\": \"<LASTSCANDATE>\",  \"ferpaComplianceAsset\": \"<FERPACOMPLIANCEASSET>\",  \"hipaaComplianceAsset\": \"<HIPAACOMPLIANCEASSET>\",  \"pciComplianceAsset\": \"<PCICOMPLIANCEASSET>\",  \"discoveredDate\": \"<DISCOVEREDDATE>\",  \"services\": [    {      \"portNumber\": <PORTNUMBER>,      \"name\": \"<PORTNAME>\"    },    {      \"portNumber\": <PORTNUMBER>,      \"name\": \"<PORTNAME>\"    }  ],  \"criticality\": <CRITICALITY>,  \"operatingSystemScanner\": {    \"name\": \"<OSSCANNERNAME>\",    \"family\": \"<OSSCANNERFAMILY>\",    \"class\": \"<OSSCANNERCLASS>\",    \"vendor\": \"<OSSCANNERVENDOR>\",    \"product\": \"<OSSCANNERPRODUCT>\",    \"certainty\": <OSSCANNERCERTAINTY>  }}"


Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
GROUPID Group ID number.
ASSESSMENTID Assessment ID number.
NETWORKID Network ID number.
IPADDRESS IP Address.
SUBNET Host's subnet.
HOSTNAME Host name.
MANUFACTUREDBY Host manufactured by.
MODEL Host model.
MACADDRESS Host MAC address. Format: AA-00-04-00-XX-YY
LOCATION Host location.
MANAGEDBY Host manager.
OWNEDBY Host owner.
SUPPORTEDBY Supported by.
SUPPORTGROUP Support group.
SYSID Host SYSID.
OPERATINGSYSTEM Host operating system.
LASTSCANDATE Host last scan date.
FERPACOMPLIANCEASSET FERPA compliance asset. Options: Yes = True, No = False
HIPAACOMPLIANCEASSET HIPAA compliance asset. Options: Yes = True, No = False
PCICOMPLIANCEASSET PCI compliance asset. Options: Yes = True, No = False
DISCOVEREDDATE Host discovered date.
PORTNUMBER Host port number.
PORTNAME Host port name.
CRITICALITY Host criticality.
OSSCANNERNAME Operating system scanner name.
OSSCANNERFAMILY Operating system scanner family.
OSSCANNERCLASS Operating system scanner class.
OSSCANNERVENDOR Operating system scanner vendor.
OSSCANNERPRODUCT Operating system scanner product.
OSSCANNERCERTAINTY Operating system scanner certainty.

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Host creation job ID
CREATED Time/Date job created.

HTTP Status Codes

Code Description
201 Success

200 Sample Response

Copy

{
  "id": 0,
  "created": "2019-09-11T22:21:52.539Z"
}

Code Description
400 Bad Request
401 Unauthorized
409 Conflict

Listing Host Projections and Their Models

List host projections and their models that can be requested from the search endpoint.

API Call: GET/client/{clientId}/host/model

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/model

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can list host projections and their models are:

  • Manager
  • Group Manager
  • User

Python

Python Sample host_projections Snippet

Copy

import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

url = platform + "/api/v1/client/" + str(client_id) + "/host/model"

response = requests.get(url, headers=header)

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample host_projections Snippet

Copy

curl -X GET "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/model"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

Response Parameters

Sample Response

Copy
{
  "subject": "host",
  "projections": [
    {
      "name": "basic",
      "fields": [
        {
          "field": "id",
          "type": "int",
          "nested": []
        },
        {
          "field": "clientId",
          "type": "int",
          "nested": []
        },
        {
          "field": "groupIds",
          "type": "int[]",
          "nested": []
        },
        {
          "field": "rs3",
          "type": "Object",
          "nested": []
        },
        {
          "field": "criticality",
          "type": "int",
          "nested": []
        },
        {
          "field": "tagIds",
          "type": "int[]",
          "nested": []
        },
        {
          "field": "networkId",
          "type": "int",
          "nested": []
        },
        {
          "field": "findingsDistribution",
          "type": "FindingsDistribution",
          "nested": [
            {
              "field": "total",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "critical",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "high",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "medium",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "low",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "info",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            }
          ]
        },
        {
          "field": "discoveredOn",
          "type": "string",
          "nested": []
        },
        {
          "field": "lastFoundOn",
          "type": "string",
          "nested": []
        },
        {
          "field": "lastScanTime",
          "type": "string",
          "nested": []
        },
        {
          "field": "hostName",
          "type": "string",
          "nested": []
        },
        {
          "field": "ipAddress",
          "type": "string",
          "nested": []
        },
        {
          "field": "portIds",
          "type": "int[]",
          "nested": []
        },
        {
          "field": "operatingSystemScanner",
          "type": "OperatingSystem",
          "nested": [
            {
              "field": "name",
              "type": "string",
              "nested": []
            },
            {
              "field": "family",
              "type": "string",
              "nested": []
            },
            {
              "field": "class",
              "type": "string",
              "nested": []
            },
            {
              "field": "vendor",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "external",
          "type": "boolean",
          "nested": []
        },
        {
          "field": "configurationManagementDB",
          "type": "CmdbFieldDetailView",
          "nested": []
        }
      ]
    },
    {
      "name": "detail",
      "fields": [
        {
          "field": "id",
          "type": "int",
          "nested": []
        },
        {
          "field": "clientId",
          "type": "int",
          "nested": []
        },
        {
          "field": "group",
          "type": "EmbeddedGroup",
          "nested": [
            {
              "field": "id",
              "type": "int",
              "nested": []
            },
            {
              "field": "name",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "rs3",
          "type": "Object",
          "nested": []
        },
        {
          "field": "criticality",
          "type": "int",
          "nested": []
        },
        {
          "field": "tagIds",
          "type": "int[]",
          "nested": []
        },
        {
          "field": "tags",
          "type": "EmbeddedTag[]",
          "nested": []
        },
        {
          "field": "network",
          "type": "EmbeddedNetwork",
          "nested": [
            {
              "field": "id",
              "type": "int",
              "nested": []
            },
            {
              "field": "name",
              "type": "string",
              "nested": []
            },
            {
              "field": "type",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "findingsDistribution",
          "type": "FindingsDistribution",
          "nested": [
            {
              "field": "total",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "critical",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "high",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "medium",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "low",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            },
            {
              "field": "info",
              "type": "EmbeddedSeverityGroup",
              "nested": [
                {
                  "field": "value",
                  "type": "int",
                  "nested": []
                },
                {
                  "field": "subject",
                  "type": "string",
                  "nested": []
                },
                {
                  "field": "filter",
                  "type": "string",
                  "nested": []
                }
              ]
            }
          ]
        },
        {
          "field": "discoveredOn",
          "type": "string",
          "nested": []
        },
        {
          "field": "lastFoundOn",
          "type": "string",
          "nested": []
        },
        {
          "field": "lastScanTime",
          "type": "string",
          "nested": []
        },
        {
          "field": "hostName",
          "type": "string",
          "nested": []
        },
        {
          "field": "ipAddress",
          "type": "string",
          "nested": []
        },
        {
          "field": "ports",
          "type": "HostPort",
          "nested": [
            {
              "field": "id",
              "type": "int",
              "nested": []
            },
            {
              "field": "number",
              "type": "int",
              "nested": []
            }
          ]
        },
        {
          "field": "operatingSystemScanner",
          "type": "OperatingSystem",
          "nested": [
            {
              "field": "name",
              "type": "string",
              "nested": []
            },
            {
              "field": "family",
              "type": "string",
              "nested": []
            },
            {
              "field": "class",
              "type": "string",
              "nested": []
            },
            {
              "field": "vendor",
              "type": "string",
              "nested": []
            }
          ]
        },
        {
          "field": "external",
          "type": "boolean",
          "nested": []
        },
        {
          "field": "configurationManagementDB",
          "type": "CmdbFieldDetailView",
          "nested": []
        },
        {
          "field": "services",
          "type": "String[]",
          "nested": []
        },
        {
          "field": "notes",
          "type": "EmbeddedNote[]",
          "nested": []
        },
        {
          "field": "sources",
          "type": "ScannerDetail[]",
          "nested": []
        },
        {
          "field": "tickets",
          "type": "EmbeddedTicket[]",
          "nested": []
        },
        {
          "field": "lastVulnTrendingOn",
          "type": "string",
          "nested": []
        },
        {
          "field": "lastThreatTrendingOn",
          "type": "string",
          "nested": []
        },
        {
          "field": "trending",
          "type": "boolean",
          "nested": []
        },
        {
          "field": "oldestOpenFindingWithThreatDiscoveredOn",
          "type": "string",
          "nested": []
        }
      ]
    }
  ]
}

HTTP Status Codes

Code Description
200 OK

200 Sample Response

Copy
{
  "projections": [
    {
      "name": "basic",
      "fields": [
        {
          "field": "id",
          "type": "integer"
        },
        {
          "field": "name",
          "type": "string"
        }
      ]
    }
  ]
}
Code Description
401 Unauthorized
404 Not Found

Listing Filterable Host Fields

Displays the filterable host fields that can be used by the search endpoint.

API Call: GET/client/{clientId}/host/filter

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/filter

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can list filterable host fields are:

  • Manager
  • Group Manager
  • User

Python

Python Sample list_hostfields Snippet

Copy

import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

url = platform + "/api/v1/client/" + str(client_id) + "/host/filter"

response = requests.get(url, headers=header)

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample list_hostfields Snippet

Copy

curl -X GET "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/filter"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

Response Parameters

Sample Response

Copy

[
  {
    "name": "Assessment",
    "legacyUid": "assessment_labels",
    "uid": "assessment_labels",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts by assessment(s)."
  },
  {
    "name": "Assigned To",
    "legacyUid": "assignments",
    "uid": "assignments",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts with vulnerabilities by user assigned to remediate."
  },
  {
    "name": "CMDB Asset Criticality",
    "legacyUid": "cmdb_asset_criticality",
    "uid": "cmdb_asset_criticality",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Asset Criticality field from CMDB"
  },
  {
    "name": "CMDB Asset Tag",
    "legacyUid": "cmdb_asset_tag",
    "uid": "cmdb_asset_tag",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Asset Tag field from CMDB"
  },
  {
    "name": "CMDB Custom Field 1",
    "legacyUid": "cmdb_custom_field_1",
    "uid": "cmdb_custom_field_1",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Custom Field 1 field from CMDB"
  },
  {
    "name": "CMDB Custom Field 10",
    "legacyUid": "cmdb_custom_field_10",
    "uid": "cmdb_custom_field_10",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Custom Field 10 field from CMDB"
  },
  {
    "name": "CMDB Custom Field 2",
    "legacyUid": "cmdb_custom_field_2",
    "uid": "cmdb_custom_field_2",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Custom Field 2 field from CMDB"
  },
  {
    "name": "CMDB Custom Field 3",
    "legacyUid": "cmdb_custom_field_3",
    "uid": "cmdb_custom_field_3",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Custom Field 3 field from CMDB"
  },
  {
    "name": "CMDB Custom Field 4",
    "legacyUid": "cmdb_custom_field_4",
    "uid": "cmdb_custom_field_4",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Custom Field 4 field from CMDB"
  },
  {
    "name": "CMDB Custom Field 5",
    "legacyUid": "cmdb_custom_field_5",
    "uid": "cmdb_custom_field_5",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Custom Field 5 field from CMDB"
  },
  {
    "name": "CMDB Custom Field 6",
    "legacyUid": "cmdb_custom_field_6",
    "uid": "cmdb_custom_field_6",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Custom Field 6 field from CMDB"
  },
  {
    "name": "CMDB Custom Field 7",
    "legacyUid": "cmdb_custom_field_7",
    "uid": "cmdb_custom_field_7",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Custom Field 7 field from CMDB"
  },
  {
    "name": "CMDB Custom Field 8",
    "legacyUid": "cmdb_custom_field_8",
    "uid": "cmdb_custom_field_8",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Custom Field 8 field from CMDB"
  },
  {
    "name": "CMDB Custom Field 9",
    "legacyUid": "cmdb_custom_field_9",
    "uid": "cmdb_custom_field_9",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Custom Field 9 field from CMDB"
  },
  {
    "name": "CMDB Ferpa Compliance Asset",
    "legacyUid": "cmdb_ferpa_compliance_asset",
    "uid": "cmdb_ferpa_compliance_asset",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Ferpa Compliance Asset field from CMDB"
  },
  {
    "name": "CMDB Hipaa Compliance Asset",
    "legacyUid": "cmdb_hipaa_compliance_asset",
    "uid": "cmdb_hipaa_compliance_asset",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Hipaa Compliance Asset field from CMDB"
  },
  {
    "name": "CMDB Last Scan Date",
    "legacyUid": "cmdb_last_scan_date",
    "uid": "cmdb_last_scan_date",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Last Scan Date field from CMDB"
  },
  {
    "name": "CMDB Location",
    "legacyUid": "cmdb_location",
    "uid": "cmdb_location",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Location field from CMDB"
  },
  {
    "name": "CMDB Managed By",
    "legacyUid": "cmdb_managed_by",
    "uid": "cmdb_managed_by",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Managed By field from CMDB"
  },
  {
    "name": "CMDB Manufactured By",
    "legacyUid": "cmdb_manufactured_by",
    "uid": "cmdb_manufactured_by",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Manufactured By field from CMDB"
  },
  {
    "name": "CMDB Model",
    "legacyUid": "cmdb_model",
    "uid": "cmdb_model",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Model field from CMDB"
  },
  {
    "name": "CMDB Operating System",
    "legacyUid": "cmdb_operating_system",
    "uid": "cmdb_operating_system",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Operating System field from CMDB"
  },
  {
    "name": "CMDB Owned By",
    "legacyUid": "cmdb_owned_by",
    "uid": "cmdb_owned_by",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Owned By field from CMDB"
  },
  {
    "name": "CMDB Pci Compliance Asset",
    "legacyUid": "cmdb_pci_compliance_asset",
    "uid": "cmdb_pci_compliance_asset",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Pci Compliance Asset field from CMDB"
  },
  {
    "name": "CMDB Support Group",
    "legacyUid": "cmdb_support_group",
    "uid": "cmdb_support_group",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Support Group field from CMDB"
  },
  {
    "name": "CMDB Supported By",
    "legacyUid": "cmdb_supported_by",
    "uid": "cmdb_supported_by",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Supported By field from CMDB"
  },
  {
    "name": "CMDB Sync Status",
    "legacyUid": "cmdb_sync_status",
    "uid": "cmdb_sync_status",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts by cmdb Sync status."
  },
  {
    "name": "CMDB Unique ID",
    "legacyUid": "cmdb_unique_id",
    "uid": "cmdb_unique_id",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Unique ID field from CMDB"
  },
  {
    "name": "CVE",
    "legacyUid": "cves",
    "uid": "cves",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts with vulnerabilities by associated CVE(s)."
  },
  {
    "name": "Critical Count",
    "legacyUid": "critical_count",
    "uid": "findingsDistribution.critical",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "string",
    "description": "Filters hosts by the count of critical host findings."
  },
  {
    "name": "Criticality",
    "legacyUid": "criticality",
    "uid": "criticality",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters by criticality"
  },
  {
    "name": "Criticality State",
    "legacyUid": "criticality_state",
    "uid": "criticality_state",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters by criticality state"
  },
  {
    "name": "Discovered On",
    "legacyUid": "discovered_on",
    "uid": "discovered_on",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "RANGE"
    ],
    "type": "date",
    "description": "Filters hosts by the asset's discovered date."
  },
  {
    "name": "Easily Exploitable",
    "legacyUid": "easily_exploitable",
    "uid": "easily_exploitable",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters assets with vulnerabilities with exploits, malware or default credentials."
  },
  {
    "name": "Exploit",
    "legacyUid": "exploits",
    "uid": "exploits",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts with vulnerabilities by exploit name(s)."
  },
  {
    "name": "Exploit Category",
    "legacyUid": "exploit_categories",
    "uid": "exploit_categories",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts with vulnerabilities by exploit category."
  },
  {
    "name": "Group",
    "legacyUid": "group_name",
    "uid": "groupName",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts that are within selected groups."
  },
  {
    "name": "Group ID",
    "legacyUid": "groups_id",
    "uid": "groupIds",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts within selected group IDs."
  },
  {
    "name": "Has Default Credentials",
    "legacyUid": "has_default_credentials",
    "uid": "has_default_credentials",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters hosts by CVEs associated with using default credentials."
  },
  {
    "name": "Has Note",
    "legacyUid": "has_note",
    "uid": "has_note",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters hosts that have an associated note."
  },
  {
    "name": "Has Threat",
    "legacyUid": "has_threat",
    "uid": "has_threat",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters hosts that have a known threat in the wild."
  },
  {
    "name": "Has Ticket",
    "legacyUid": "HAS_CONNECTOR_TICKET",
    "uid": "HAS_CONNECTOR_TICKET",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Does the tag have a ticket"
  },
  {
    "name": "Has Vulnerabilities",
    "legacyUid": "has_vulnerabilities",
    "uid": "has_vulnerabilities",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters hosts with vulnerabilities."
  },
  {
    "name": "High Count",
    "legacyUid": "high_count",
    "uid": "findingsDistribution.high",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "string",
    "description": "Filters hosts by the count of high host findings."
  },
  {
    "name": "High Risk Critical Asset",
    "legacyUid": "high_threat",
    "uid": "high_threat",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters assets with high threat vulnerabilities and a high asset business criticality score."
  },
  {
    "name": "Host Name",
    "legacyUid": "hostname",
    "uid": "hostName",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts by their host's by hostname."
  },
  {
    "name": "Hostname Not Detected",
    "legacyUid": "hostname_not_detected",
    "uid": "hostname_not_detected",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters hosts with no hostname detected by a scanner."
  },
  {
    "name": "IP Address",
    "legacyUid": "address",
    "uid": "ipAddress",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "CIDR"
    ],
    "type": "string",
    "description": "Filters hosts by their host's IP address."
  },
  {
    "name": "IP Address Type",
    "legacyUid": "ip_address_type",
    "uid": "ip_address_type",
    "operators": [
      "EXACT"
    ],
    "type": "string",
    "description": "Filters hosts by the range their IP address falls in."
  },
  {
    "name": "Id",
    "legacyUid": "id",
    "uid": "id",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": ""
  },
  {
    "name": "Info Count",
    "legacyUid": "info_count",
    "uid": "findingsDistribution.info",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "string",
    "description": "Filters hosts by the count of info host findings."
  },
  {
    "name": "Last Found On",
    "legacyUid": "last_found_on",
    "uid": "last_found_on",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "RANGE"
    ],
    "type": "date",
    "description": "Filters hosts by the asset's last found date."
  },
  {
    "name": "Low Count",
    "legacyUid": "low_count",
    "uid": "findingsDistribution.low",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "string",
    "description": "Filters hosts by the count of low host findings."
  },
  {
    "name": "Malware",
    "legacyUid": "malware",
    "uid": "malware",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts with vulnerabilities by associated malware."
  },
  {
    "name": "Medium Count",
    "legacyUid": "medium_count",
    "uid": "findingsDistribution.medium",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "string",
    "description": "Filters hosts by the count of medium host findings."
  },
  {
    "name": "Metric Exclude",
    "legacyUid": "metric_exclude",
    "uid": "metric_exclude",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters by metric exclude."
  },
  {
    "name": "Metric Exclude Reason",
    "legacyUid": "metric_exclude_reason",
    "uid": "metric_exclude_reason",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters by metric exclude reason."
  },
  {
    "name": "Netbios",
    "legacyUid": "netbios",
    "uid": "netbios",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filter by host netbios"
  },
  {
    "name": "Network",
    "legacyUid": "network_partition_name",
    "uid": "network.name",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts by the name of the network partition they belong to."
  },
  {
    "name": "Network Type",
    "legacyUid": "network_partition_type",
    "uid": "network_partition_type",
    "operators": [
      "EXACT",
      "IN"
    ],
    "type": "string",
    "description": "Filters hosts by the type of network partition they belong to."
  },
  {
    "name": "Newly Created Host",
    "legacyUid": "newly_created_host",
    "uid": "newly_created_host",
    "operators": [
      "EXACT"
    ],
    "type": "boolean",
    "description": "Filters hosts that have been created in the last 30 days."
  },
  {
    "name": "OS Class",
    "legacyUid": "os_class",
    "uid": "operatingSystem.class",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters by operating system class."
  },
  {
    "name": "OS Family",
    "legacyUid": "os_family",
    "uid": "operatingSystem.family",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters by operating system family (such as 'Linux' or 'Windows')."
  },
  {
    "name": "OS Vendor",
    "legacyUid": "os_vendor",
    "uid": "operatingSystem.vendor",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters by vendor of operating system (such as 'Microsoft' or 'Cisco')."
  },
  {
    "name": "Oldest Open Finding with Threat Discovered On",
    "legacyUid": "oldestOpenFindingWithThreatDiscoveredOn",
    "uid": "oldestOpenFindingWithThreatDiscoveredOn",
    "operators": [
      "EXACT",
      "IN",
      "RANGE",
      "GREATER",
      "LESSER"
    ],
    "type": "string",
    "description": "Filters by the oldest open finding (with threat) date on a particular host."
  },
  {
    "name": "Operating System",
    "legacyUid": "os_name",
    "uid": "operatingSystem.name",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts by name of host's operating system."
  },
  {
    "name": "Owner",
    "legacyUid": "owner",
    "uid": "owner",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filter by asset Owner"
  },
  {
    "name": "Patch ID",
    "legacyUid": "source_patch_ids",
    "uid": "source_patch_ids",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters by Patch ID"
  },
  {
    "name": "Port",
    "legacyUid": "port_numbers",
    "uid": "port_numbers",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "int",
    "description": "Filters hosts by associated ports."
  },
  {
    "name": "RS3",
    "legacyUid": "rs3",
    "uid": "rs3",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "int",
    "description": "Filters by rs3."
  },
  {
    "name": "Reported Scan Time",
    "legacyUid": "reported_scan_time",
    "uid": "lastScanTime",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "date",
    "description": "Filter by asset's last reported scan time."
  },
  {
    "name": "Scanner Name",
    "legacyUid": "scanner_names",
    "uid": "scanner_names",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts by scanner name(s)."
  },
  {
    "name": "Scanner UUID",
    "legacyUid": "source",
    "uid": "source",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts by scanner uuid(s)."
  },
  {
    "name": "Service",
    "legacyUid": "service_names",
    "uid": "service_names",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts by name of vulnerable service(s)."
  },
  {
    "name": "Tag",
    "legacyUid": "tags",
    "uid": "tags",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts by tags."
  },
  {
    "name": "Tag Connector ID",
    "legacyUid": "TAG_CONNECTOR_ID",
    "uid": "TAG_CONNECTOR_ID",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Tag Connector ID"
  },
  {
    "name": "Tag Connector Name",
    "legacyUid": "TAG_CONNECTOR_NAME",
    "uid": "TAG_CONNECTOR_NAME",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Name of the Connector associated with the tag"
  },
  {
    "name": "Threat",
    "legacyUid": "threats",
    "uid": "threats",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts by the name of the threat."
  },
  {
    "name": "Threat Category",
    "legacyUid": "threat_categories",
    "uid": "threat_categories",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Filters hosts by the threat category."
  },
  {
    "name": "Ticket ID",
    "legacyUid": "TICKET_ID",
    "uid": "TICKET_ID",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "Ticket ID"
  },
  {
    "name": "Ticket Status",
    "legacyUid": "TICKET_STATUS",
    "uid": "TICKET_STATUS",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD"
    ],
    "type": "string",
    "description": "status of ticket"
  },
  {
    "name": "Total Count",
    "legacyUid": "total_count",
    "uid": "findingsDistribution.total",
    "operators": [
      "EXACT",
      "IN",
      "RANGE"
    ],
    "type": "string",
    "description": "Filters hosts by the count of total host findings."
  },
  {
    "name": "Trending Threats",
    "legacyUid": "threatLastTrendingOn",
    "uid": "threatLastTrendingOn",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "RANGE",
      "GREATER",
      "LESSER"
    ],
    "type": "string",
    "description": "Filters by Threat Trending date."
  },
  {
    "name": "Trending Vulnerabilities",
    "legacyUid": "vulnLastTrendingOn",
    "uid": "vulnLastTrendingOn",
    "operators": [
      "EXACT",
      "IN",
      "LIKE",
      "WILDCARD",
      "RANGE",
      "GREATER",
      "LESSER"
    ],
    "type": "string",
    "description": "Filters by Vulnerability Trending date."
  }
]

HTTP Status Codes

Code Description
200 OK

200 Sample Response

Copy
[
  {
    "name": "id",
    "uid": "id",
    "operator": [
      "EXACT",
      "IN"
    ],
    "type": "integer",
    "description": "The id"
  }
]
Code Description
401 Unauthorized
404 Not Found

Suggesting Filter Values for Host Filtering

Displays suggested filter values when filtering hosts.

API Call: POST/client/{clientId}/host/suggest

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/suggest

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can view suggested filter values for hosts are:

  • Manager
  • Group Manager
  • User

Python

Python Sample filter_hostvalues Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filters": [
        {
            "field": "id",
            "exclusive": True,
            "operator": "IN",
            "value": "1,2,3,4"
        }
    ],
    "filter": {
        "field": "id",
        "exclusive": False,
        "operator": "IN",
        "value": ""
    }
}

url = platform + "/api/v1/client/" + str(client_id) + "/host/suggest"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample filter_hostvalues Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/suggest"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filters\": [    {      \"field\": \"<FIELD>\",      \"exclusive\": <EXCLUSIVE>,      \"operator\": \"<OPERATOR>\",      \"value\": \"<VALUE>\"    }  ],  \"filter\": {    \"field\": \"<FIELD>\",    \"exclusive\": <EXCLUSIVE>,    \"operator\": \"<OPERATOR>\",    \"value\": \"<VALUE>\"  }}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string

Response Parameters

Sample Response

Copy

[
  {
    "key": "<KEY>",
    "count": <COUNT>
  }
]

Name Description Additional Information
KEY Value for the field the suggestion was requested for. string
COUNT Count. integer($int64)

HTTP Status Codes

Code Description
200 OK

200 Sample Response

Copy
[
  {
    "key": "string",
    "count": 0
  }
]
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Searching for a Host

Search for a host within the designated client.

API Call: POST/client/{clientId}/host/search

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/search

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can search for a host are:

  • Manager
  • Group Manager
  • User

Python

Python Sample search_host Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filters": [
        {
            "field": "id",
            "exclusive": False,
            "operator": "IN",
            "value": "1,2,3,4"
        }
    ],
    "projection": "basic",
    "sort": [
        {
            "field": "id",
            "direction": "ASC"
        }
    ],
    "page": 0,
    "size": 20
}


url = platform + "/api/v1/client/" + str(client_id) + "/host/search"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample search_host Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/search"
  -H "accept: application/json"
  -H "x-api-key: <APIKEY>"
  -H "Content-Type: application/json"
  -d "{ \"projection\": \"<PROJECTION>\", \"sort\": [ { \"field\": \"<SORTFIELD>\", \"direction\": \"<SORTDIRECTION>\" } ], \"page\": <PAGENUMBER>, \"size\": <PAGESIZE>}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
PROJECTION Projection type. Options: basic, detailed
SORTFIELD Field to sort.
SORTDIRECTION Sort direction. Options: ASC, DESC
PAGENUMBER Page number to view.
PAGESIZE Number of entries per page.

Response Parameters

Sample Response

Copy

{
  "errors": [],
  "page": {
    "size": <PAGESIZE>,
    "totalElements": <TOTALELEMENTS>,
    "totalPages": <TOTALPAGES>,
    "number": <PAGENUMBER>
  },
  "_links": {
    "self": {
      "href": "http://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/search?page=<PAGENUMBER>&size=<PAGESIZE>&sort=<SORT>,<SORTDIRECTION>"
    }
  }
}

Name Description Additional Information
PAGESIZE Page size requested. Shows how many items to display on the page.
TOTALELEMENTS Total elements on pages.
TOTALPAGES Total amount of pages.
PAGENUMBER Page to view. Note that 0 is the first page.
PLATFORM Platform number.
CLIENTID Client ID number.
SORT Field to sort by.
SORTDIRECTION Direction to sort. Options: ASC, DESC

HTTP Status Codes

Code Description
200 OK

200 Sample Response

Copy
{
  "_embedded": {
    "strings": [
      {}
    ]
  },
  "page": {
    "size": 0,
    "totalElements": 0,
    "totalPages": 0,
    "number": 0
  },
  "errors": [
    {
      "id": "string",
      "errorRefId": "string",
      "code": 0,
      "cause": "string"
    }
  ]
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Updating a Host

Update a host.

API Call: POST/client/{clientId}/host/update

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/update

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user role that can update a host is:

  • Manager

Python

Python Sample host_update Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filterRequest": {
        "filters": [
            {
                "field": "ipAddress",
                "exclusive": False,
                "operator": "EXACT",
                "value": "10.0.97.1"
            }
        ]
    },
    "criticality": 2,
    "manufacturedBy": "Example Manufacturer",
    "hipaaComplianceAsset": True
}

url = platform + "/api/v1/client/" + str(client_id) + "/host/update"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample host_update Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/update"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ]  },  \"criticality\": <CRITICALITY>,  \"editCmdb\": {    \"os\": \"<OS>\",    \"manufacturer\": \"<MANUFACTURER>\"}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
CRITICALITY Host criticality. integer
OS Operating system.
MANUFACTURER Operating system manufacturer.

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T17:56:51.384Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Adding or Removing a Tag from a Host

Add or remove a tag from a host.

API Call: POST/client/{clientId}/host/tag

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/tag

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can add or remove a tag from a host are:

  • Group Manager
  • Manager
  • User

Python

Python Sample tag_host Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "tagId": 1234,
    "isRemove": False,   # Change to True to remove a tag
    "filterRequest": {
        "filters": [
            {
                "field": "ipAddress",
                "exclusive": False,
                "operator": "EXACT",
                "value": "10.0.97.1"
            }
        ]
    }
}


url = platform + "/api/v1/client/" + str(client_id) + "/host/tag"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample tag_host Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/tag"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"tagId\":<TAGID>,  \"isRemove\": <ISREMOVE>,  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": <VALUE>      }    ]  }}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token
TAGID Tag ID number. integer
ISREMOVE Remove tag? Options: True = Yes, False = No
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Job Created

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T17:54:19.121Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Deleting Entities Based on Filters

Delete entities based on filters.

API Call: POST/client/{clientId}/host/delete

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/delete

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can delete entities based on filters are:

  • Group Manager
  • Manager

Python

Python Sample delete_hostByFilter Snippet

Copy

import json
import requests

platform = 'http://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filterRequest": {
        "filters": [
            {
                "field": "ipAddress",
                "exclusive": False,
                "operator": "EXACT",
                "value": "10.0.97.1"
            }
        ]
    }
}


url = platform + "/api/v1/client/" + str(client_id) + "/host/delete"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample delete_hostByFilter Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/delete"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ]  }}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Job Created

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T17:45:18.407Z"
}
Code Description
400 User Error
401 Unauthorized
404 Not Found

Initiating Host Export Job

Initiate host export job.

API Call: POST/client/{clientId}/host/export

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/export

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can initiate a host export job are:

  • Group Manager
  • Manager
  • User

Python

Python Sample host_export Snippet

Copy

import json
import requests

platform = 'httsp://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filterRequest": {
        "filters": [
            {
                "field": "ipAddress",
                "exclusive": False,
                "operator": "LIKE",
                "value": "10.0"
            }
        ]
    },
    "fileType": "XML",
    "comment": "This is a comment",
    "fileName": "filename.xml"
}


url = platform + "/api/v1/client/" + str(client_id) + "/host/export"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample host_export Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/export"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json" -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ]  },  \"fileType\": \"<FILETYPE>\",  \"comment\": \"<COMMENT>\",  \"fileName\": \"<FILENAME>\"}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
FILETYPE Export file type. Options: XML, XLSX, CSV
COMMENT Exported file description. string
FILENAME Exported file's name. string

Response Parameters

Sample Response

Copy

{
  "id": 0,
  "created": "2019-09-17T16:59:16.922Z"
}

Name Description Type
ID Host Export ID number. integer
CREATED Job creation date. string($date-time)

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-17T16:59:16.922Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Moving Hosts to a Different Network Based on Filters

Move hosts to a different network based on filters.

API Call: POST/client/{clientId}/host/network/move

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/network/move

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can move hosts to a different network based on filters are:

  • Group Manager
  • Manager

Python

Python Sample move_hostFilters Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filterRequest": {
        "filters": [
            {
                "field": "ipAddress",
                "exclusive": False,
                "operator": "EXACT",
                "value": "10.0.97.1"
            }
        ]
    },
    "targetNetworkId": 12345,   #  Update with proper network ID
    "isForceMerge": False
}


url = platform + "/api/v1/client/" + str(client_id) + "/host/network/move"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample move_hostFilters Snippet

Copy

curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/network/move"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ]  },  \"targetNetworkId\": <TARGETNETWORKID>,  \"isForceMerge\": <FORCEMERGE>}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string
TARGETNETWORKID Network ID to move hosts into. integer
FORCEMERGE Force merge hosts into network? boolean Options: True, False

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string($date-time)

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T17:33:45.811Z"
}
Code Description
400 User Error
401 Unauthorized
404 Not Found

Remediating Findings by Assessment

Remediate findings by assessment.

API Call: POST/client/{clientId}/host/update-remediation-by-assessment

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/update-remediation-by-assessment

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can remediate findings by assessment are:

  • Group Manager
  • Manager

Python

Python Sample host_remediationByAssessment Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filterRequest": {
        "filters": [
            {
                "field": "ipAddress",
                "exclusive": False,
                "operator": "EXACT",
                "value": "10.0.97.1"
            }
        ]
    }
}

url = platform + "/api/v1/client/" + str(client_id) + "/host/update-remediation-by-assessment"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token

cURL

cURL Sample host_remediationByAssessment Snippet

Copy

curl -X POST https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/update-remediation-by-assessment"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json"
  -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>\"      }    ]  }}"


Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your designated API key. Generating an API Token
FIELD Filter field. string
EXCLUSIVE Exclusive. boolean Options: True, False
OPERATOR Search operator. Depends on value.
VALUE Search value. string

Response Parameters

Sample Response

Copy

{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-23T09:48:29.939Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found

Adding Notes to a Host

Add a note to a host.

API Call: POST/client/{clientId}/host/note

URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/note

URL Parameters

Name Description Additional Information
PLATFORM Platform number. If you are on platform 1, you do not need to put a number.
CLIENTID Client ID number. Finding Your Client ID

User Roles

The user roles that can add a note to a host are:

  • Group Manager
  • Manager
  • User

Python

Python Sample add_hostNote Snippet

Copy

import json
import requests

platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>

header = {
    "x-api-key": api_key,
    "content-type": "application/json"
}

body = {
    "filterRequest": {
        "filters": [
            {
                "field": "ipAddress",
                "exclusive": False,
                "operator": "EXACT",
                "value": "10.0.97.1"
            }
        ]
    },
    "note": "This is some note text."
}

url = platform + "/api/v1/client/" + str(client_id) + "/host/note"

response = requests.post(url, headers=header, data=json.dumps(body))

Make sure to replace the angle bracket parameters here with your own values.

Python Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token

cURL

cURL Sample add_hostNote Snippet

Copy
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/note"
  -H  "accept: application/json"
  -H  "x-api-key: <APIKEY>"
  -H  "Content-Type: application/json" -d "{  \"filterRequest\": {    \"filters\": [      {        \"field\": \"<FIELD>\",        \"exclusive\": <EXCLUSIVE>,        \"operator\": \"<OPERATOR>\",        \"value\": \"<VALUE>/"      }    ]  },  \"note\": \"<NOTE>\"}"

Make sure to replace the angle bracket parameters here with your own values.

cURL Parameters

Name Description Additional Information
PLATFORM Platform number.
CLIENTID Client ID number. Finding Your Client ID
APIKEY Your API key. Generating an API Token
FIELD Filter field.
EXCLUSIVE Exclusive. Options: True, False
OPERATOR Filter Operator.
VALUE Search value.
NOTE Note to add to host.

Response Parameters

Sample Response

Copy
{
  "id": <ID>,
  "created": "<CREATED>"
}

Name Description Additional Information
ID Job ID number. integer
Created Date/Time job created. string

HTTP Status Codes

Code Description
200 Success

200 Sample Response

Copy
{
  "id": 0,
  "created": "2019-09-17T10:47:52.725Z"
}
Code Description
400 Bad Request
401 Unauthorized
404 Not Found