Host
This documentation is currently outdated and in the process of being updated. This documentation is provided as a temporary reference to various API endpoints and output. This warning will be at the top of each outdated page. As the documentation is updated, this warning will be removed.
Creating a Host
Create a host for the designated client.
API Call: POST/client/{clientId}/host
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user role that can create a host is:
- Manager
Python
Python Sample create_host Snippet
Copy
import json
import requests
platform = 'https://platform<PLATFORM>.risksense.com'
api_key = '<APIKEY>'
client_id = <CLIENTID>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"groupId": <GROUPID>,
"assessmentId": <ASSESSMENTID>,
"networkId": <NETWORKID>,
"ipAddress": "<IPADDRESS>",
"subnet": "<SUBNET>",
"hostName": "<HOSTNAME>",
"manufacturedBy": "<MANUFACTUREDBY>",
"model": "<MODEL>",
"macAddress": "<MACADDRESS>",
"location": "<LOCATION>",
"managedBy": "<MANAGEDBY>",
"ownedBy": "<OWNER>",
"supportedBy": "<SUPPORTER>",
"supportGroup": "<SUPPORTGROUP>",
"sysId": "<SYSID>",
"operatingSystem": "<OPERATINGSYSTEM>",
"lastScanDate": "<LASTSCANDATE>",
"ferpaComplianceAsset": "<FERPACOMPLIANCEASSET>",
"hipaaComplianceAsset": "<HIPAACOMPLIANCEASSET>",
"pciComplianceAsset": "<PCICOMPLIANCEASSET>",
"discoveredDate": "<DISCOVEREDDATE>",
"services": [
{
"portNumber": <PORTNUMBER>,
"name": "<PORTNAME>"
},
{
"portNumber": <PORTNUMBER>,
"name": "<PORTNAME>"
}
],
"criticality": <CRITICALITY>,
"operatingSystemScanner": {
"name": "<OSSCANNERNAME>",
"family": "<OSSCANNERFAMILY>",
"class": "<OSSCANNERCLASS>",
"vendor": "<OSSCANNERVENDOR>",
"product": "<OSSCANNERPRODUCT>",
"certainty": <OSSCANNERCERTAINTY>
}
}
url = platform + "/api/v1/client/" + str(client_id) + "/host"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
| GROUPID | Group ID number. | |
| ASSESSMENTID | Assessment ID number. | |
| NETWORKID | Network ID number. | |
| IPADDRESS | IP Address. | |
| SUBNET | Host's subnet. | |
| HOSTNAME | Host name. | |
| MANUFACTUREDBY | Host manufactured by. | |
| MODEL | Host model. | |
| MACADDRESS | Host MAC address. | Format: AA-00-04-00-XX-YY |
| LOCATION | Host location. | |
| MANAGEDBY | Host manager. | |
| OWNEDBY | Host owner. | |
| SUPPORTEDBY | Supported by. | |
| SUPPORTGROUP | Support group. | |
| SYSID | Host SYSID. | |
| OPERATINGSYSTEM | Host operating system. | |
| LASTSCANDATE | Host last scan date. | |
| FERPACOMPLIANCEASSET | FERPA compliance asset. | Options: Yes = True, No = False |
| HIPAACOMPLIANCEASSET | HIPAA compliance asset. | Options: Yes = True, No = False |
| PCICOMPLIANCEASSET | PCI compliance asset. | Options: Yes = True, No = False |
| DISCOVEREDDATE | Host discovered date. | |
| PORTNUMBER | Host port number. | |
| PORTNAME | Host port name. | |
| CRITICALITY | Host criticality. | |
| OSSCANNERNAME | Operating system scanner name. | |
| OSSCANNERFAMILY | Operating system scanner family. | |
| OSSCANNERCLASS | Operating system scanner class. | |
| OSSCANNERVENDOR | Operating system scanner vendor. | |
| OSSCANNERPRODUCT | Operating system scanner product. | |
| OSSCANNERCERTAINTY | Operating system scanner certainty. |
cURL
cURL Sample create_host Snippet
Copy
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json" -d "{ \"groupId\": <GROUPID>, \"assessmentId\": <ASSESSMENTID>, \"networkId\": <NETWORKID>, \"ipAddress\": \"<IPADDRESS>\", \"subnet\": \"<SUBNET>\", \"hostName\": \"<HOSTNAME>\", \"manufacturedBy\": \"<MANUFACTUREDBY>\", \"model\": \"<MODEL>\", \"macAddress\": \"<MACADDRESS>\", \"location\": \"<LOCATION>\", \"managedBy\": \"<MANAGEDBY>\", \"ownedBy\": \"<OWNER>\", \"supportedBy\": \"<SUPPORTER>\", \"supportGroup\": \"<SUPPORTGROUP>\", \"sysId\": \"<SYSID>\", \"operatingSystem\": \"<OPERATINGSYSTEM>\", \"lastScanDate\": \"<LASTSCANDATE>\", \"ferpaComplianceAsset\": \"<FERPACOMPLIANCEASSET>\", \"hipaaComplianceAsset\": \"<HIPAACOMPLIANCEASSET>\", \"pciComplianceAsset\": \"<PCICOMPLIANCEASSET>\", \"discoveredDate\": \"<DISCOVEREDDATE>\", \"services\": [ { \"portNumber\": <PORTNUMBER>, \"name\": \"<PORTNAME>\" }, { \"portNumber\": <PORTNUMBER>, \"name\": \"<PORTNAME>\" } ], \"criticality\": <CRITICALITY>, \"operatingSystemScanner\": { \"name\": \"<OSSCANNERNAME>\", \"family\": \"<OSSCANNERFAMILY>\", \"class\": \"<OSSCANNERCLASS>\", \"vendor\": \"<OSSCANNERVENDOR>\", \"product\": \"<OSSCANNERPRODUCT>\", \"certainty\": <OSSCANNERCERTAINTY> }}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
| GROUPID | Group ID number. | |
| ASSESSMENTID | Assessment ID number. | |
| NETWORKID | Network ID number. | |
| IPADDRESS | IP Address. | |
| SUBNET | Host's subnet. | |
| HOSTNAME | Host name. | |
| MANUFACTUREDBY | Host manufactured by. | |
| MODEL | Host model. | |
| MACADDRESS | Host MAC address. | Format: AA-00-04-00-XX-YY |
| LOCATION | Host location. | |
| MANAGEDBY | Host manager. | |
| OWNEDBY | Host owner. | |
| SUPPORTEDBY | Supported by. | |
| SUPPORTGROUP | Support group. | |
| SYSID | Host SYSID. | |
| OPERATINGSYSTEM | Host operating system. | |
| LASTSCANDATE | Host last scan date. | |
| FERPACOMPLIANCEASSET | FERPA compliance asset. | Options: Yes = True, No = False |
| HIPAACOMPLIANCEASSET | HIPAA compliance asset. | Options: Yes = True, No = False |
| PCICOMPLIANCEASSET | PCI compliance asset. | Options: Yes = True, No = False |
| DISCOVEREDDATE | Host discovered date. | |
| PORTNUMBER | Host port number. | |
| PORTNAME | Host port name. | |
| CRITICALITY | Host criticality. | |
| OSSCANNERNAME | Operating system scanner name. | |
| OSSCANNERFAMILY | Operating system scanner family. | |
| OSSCANNERCLASS | Operating system scanner class. | |
| OSSCANNERVENDOR | Operating system scanner vendor. | |
| OSSCANNERPRODUCT | Operating system scanner product. | |
| OSSCANNERCERTAINTY | Operating system scanner certainty. |
Response Parameters
Sample Response
Copy
{
"id": <ID>,
"created": "<CREATED>"
}
| Name | Description | Additional Information |
|---|---|---|
| ID | Host creation job ID | |
| CREATED | Time/Date job created. |
HTTP Status Codes
| Code | Description |
|---|---|
| 201 | Success |
200 Sample Response
Copy
{
"id": 0,
"created": "2019-09-11T22:21:52.539Z"
}
| Code | Description |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |
| 409 | Conflict |
Listing Host Projections and Their Models
List host projections and their models that can be requested from the search endpoint.
API Call: GET/client/{clientId}/host/model
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/model
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can list host projections and their models are:
- Manager
- Group Manager
- User
Python
Python Sample host_projections Snippet
Copy
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
url = platform + "/api/v1/client/" + str(client_id) + "/host/model"
response = requests.get(url, headers=header)
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample host_projections Snippet
Copy
curl -X GET "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/model"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
Response Parameters
Sample Response
Copy
{
"subject": "host",
"projections": [
{
"name": "basic",
"fields": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "clientId",
"type": "int",
"nested": []
},
{
"field": "groupIds",
"type": "int[]",
"nested": []
},
{
"field": "rs3",
"type": "Object",
"nested": []
},
{
"field": "criticality",
"type": "int",
"nested": []
},
{
"field": "tagIds",
"type": "int[]",
"nested": []
},
{
"field": "networkId",
"type": "int",
"nested": []
},
{
"field": "findingsDistribution",
"type": "FindingsDistribution",
"nested": [
{
"field": "total",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
},
{
"field": "critical",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
},
{
"field": "high",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
},
{
"field": "medium",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
},
{
"field": "low",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
},
{
"field": "info",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
}
]
},
{
"field": "discoveredOn",
"type": "string",
"nested": []
},
{
"field": "lastFoundOn",
"type": "string",
"nested": []
},
{
"field": "lastScanTime",
"type": "string",
"nested": []
},
{
"field": "hostName",
"type": "string",
"nested": []
},
{
"field": "ipAddress",
"type": "string",
"nested": []
},
{
"field": "portIds",
"type": "int[]",
"nested": []
},
{
"field": "operatingSystemScanner",
"type": "OperatingSystem",
"nested": [
{
"field": "name",
"type": "string",
"nested": []
},
{
"field": "family",
"type": "string",
"nested": []
},
{
"field": "class",
"type": "string",
"nested": []
},
{
"field": "vendor",
"type": "string",
"nested": []
}
]
},
{
"field": "external",
"type": "boolean",
"nested": []
},
{
"field": "configurationManagementDB",
"type": "CmdbFieldDetailView",
"nested": []
}
]
},
{
"name": "detail",
"fields": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "clientId",
"type": "int",
"nested": []
},
{
"field": "group",
"type": "EmbeddedGroup",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "name",
"type": "string",
"nested": []
}
]
},
{
"field": "rs3",
"type": "Object",
"nested": []
},
{
"field": "criticality",
"type": "int",
"nested": []
},
{
"field": "tagIds",
"type": "int[]",
"nested": []
},
{
"field": "tags",
"type": "EmbeddedTag[]",
"nested": []
},
{
"field": "network",
"type": "EmbeddedNetwork",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "name",
"type": "string",
"nested": []
},
{
"field": "type",
"type": "string",
"nested": []
}
]
},
{
"field": "findingsDistribution",
"type": "FindingsDistribution",
"nested": [
{
"field": "total",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
},
{
"field": "critical",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
},
{
"field": "high",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
},
{
"field": "medium",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
},
{
"field": "low",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
},
{
"field": "info",
"type": "EmbeddedSeverityGroup",
"nested": [
{
"field": "value",
"type": "int",
"nested": []
},
{
"field": "subject",
"type": "string",
"nested": []
},
{
"field": "filter",
"type": "string",
"nested": []
}
]
}
]
},
{
"field": "discoveredOn",
"type": "string",
"nested": []
},
{
"field": "lastFoundOn",
"type": "string",
"nested": []
},
{
"field": "lastScanTime",
"type": "string",
"nested": []
},
{
"field": "hostName",
"type": "string",
"nested": []
},
{
"field": "ipAddress",
"type": "string",
"nested": []
},
{
"field": "ports",
"type": "HostPort",
"nested": [
{
"field": "id",
"type": "int",
"nested": []
},
{
"field": "number",
"type": "int",
"nested": []
}
]
},
{
"field": "operatingSystemScanner",
"type": "OperatingSystem",
"nested": [
{
"field": "name",
"type": "string",
"nested": []
},
{
"field": "family",
"type": "string",
"nested": []
},
{
"field": "class",
"type": "string",
"nested": []
},
{
"field": "vendor",
"type": "string",
"nested": []
}
]
},
{
"field": "external",
"type": "boolean",
"nested": []
},
{
"field": "configurationManagementDB",
"type": "CmdbFieldDetailView",
"nested": []
},
{
"field": "services",
"type": "String[]",
"nested": []
},
{
"field": "notes",
"type": "EmbeddedNote[]",
"nested": []
},
{
"field": "sources",
"type": "ScannerDetail[]",
"nested": []
},
{
"field": "tickets",
"type": "EmbeddedTicket[]",
"nested": []
},
{
"field": "lastVulnTrendingOn",
"type": "string",
"nested": []
},
{
"field": "lastThreatTrendingOn",
"type": "string",
"nested": []
},
{
"field": "trending",
"type": "boolean",
"nested": []
},
{
"field": "oldestOpenFindingWithThreatDiscoveredOn",
"type": "string",
"nested": []
}
]
}
]
}
HTTP Status Codes
| Code | Description |
|---|---|
| 200 | OK |
200 Sample Response
Copy
{
"projections": [
{
"name": "basic",
"fields": [
{
"field": "id",
"type": "integer"
},
{
"field": "name",
"type": "string"
}
]
}
]
}
| Code | Description |
|---|---|
| 401 | Unauthorized |
| 404 | Not Found |
Listing Filterable Host Fields
Displays the filterable host fields that can be used by the search endpoint.
API Call: GET/client/{clientId}/host/filter
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/filter
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can list filterable host fields are:
- Manager
- Group Manager
- User
Python
Python Sample list_hostfields Snippet
Copy
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
url = platform + "/api/v1/client/" + str(client_id) + "/host/filter"
response = requests.get(url, headers=header)
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample list_hostfields Snippet
Copy
curl -X GET "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/filter"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
Response Parameters
Sample Response
Copy
[
{
"name": "Assessment",
"legacyUid": "assessment_labels",
"uid": "assessment_labels",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts by assessment(s)."
},
{
"name": "Assigned To",
"legacyUid": "assignments",
"uid": "assignments",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts with vulnerabilities by user assigned to remediate."
},
{
"name": "CMDB Asset Criticality",
"legacyUid": "cmdb_asset_criticality",
"uid": "cmdb_asset_criticality",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Asset Criticality field from CMDB"
},
{
"name": "CMDB Asset Tag",
"legacyUid": "cmdb_asset_tag",
"uid": "cmdb_asset_tag",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Asset Tag field from CMDB"
},
{
"name": "CMDB Custom Field 1",
"legacyUid": "cmdb_custom_field_1",
"uid": "cmdb_custom_field_1",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Custom Field 1 field from CMDB"
},
{
"name": "CMDB Custom Field 10",
"legacyUid": "cmdb_custom_field_10",
"uid": "cmdb_custom_field_10",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Custom Field 10 field from CMDB"
},
{
"name": "CMDB Custom Field 2",
"legacyUid": "cmdb_custom_field_2",
"uid": "cmdb_custom_field_2",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Custom Field 2 field from CMDB"
},
{
"name": "CMDB Custom Field 3",
"legacyUid": "cmdb_custom_field_3",
"uid": "cmdb_custom_field_3",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Custom Field 3 field from CMDB"
},
{
"name": "CMDB Custom Field 4",
"legacyUid": "cmdb_custom_field_4",
"uid": "cmdb_custom_field_4",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Custom Field 4 field from CMDB"
},
{
"name": "CMDB Custom Field 5",
"legacyUid": "cmdb_custom_field_5",
"uid": "cmdb_custom_field_5",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Custom Field 5 field from CMDB"
},
{
"name": "CMDB Custom Field 6",
"legacyUid": "cmdb_custom_field_6",
"uid": "cmdb_custom_field_6",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Custom Field 6 field from CMDB"
},
{
"name": "CMDB Custom Field 7",
"legacyUid": "cmdb_custom_field_7",
"uid": "cmdb_custom_field_7",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Custom Field 7 field from CMDB"
},
{
"name": "CMDB Custom Field 8",
"legacyUid": "cmdb_custom_field_8",
"uid": "cmdb_custom_field_8",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Custom Field 8 field from CMDB"
},
{
"name": "CMDB Custom Field 9",
"legacyUid": "cmdb_custom_field_9",
"uid": "cmdb_custom_field_9",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Custom Field 9 field from CMDB"
},
{
"name": "CMDB Ferpa Compliance Asset",
"legacyUid": "cmdb_ferpa_compliance_asset",
"uid": "cmdb_ferpa_compliance_asset",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Ferpa Compliance Asset field from CMDB"
},
{
"name": "CMDB Hipaa Compliance Asset",
"legacyUid": "cmdb_hipaa_compliance_asset",
"uid": "cmdb_hipaa_compliance_asset",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Hipaa Compliance Asset field from CMDB"
},
{
"name": "CMDB Last Scan Date",
"legacyUid": "cmdb_last_scan_date",
"uid": "cmdb_last_scan_date",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Last Scan Date field from CMDB"
},
{
"name": "CMDB Location",
"legacyUid": "cmdb_location",
"uid": "cmdb_location",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Location field from CMDB"
},
{
"name": "CMDB Managed By",
"legacyUid": "cmdb_managed_by",
"uid": "cmdb_managed_by",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Managed By field from CMDB"
},
{
"name": "CMDB Manufactured By",
"legacyUid": "cmdb_manufactured_by",
"uid": "cmdb_manufactured_by",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Manufactured By field from CMDB"
},
{
"name": "CMDB Model",
"legacyUid": "cmdb_model",
"uid": "cmdb_model",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Model field from CMDB"
},
{
"name": "CMDB Operating System",
"legacyUid": "cmdb_operating_system",
"uid": "cmdb_operating_system",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Operating System field from CMDB"
},
{
"name": "CMDB Owned By",
"legacyUid": "cmdb_owned_by",
"uid": "cmdb_owned_by",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Owned By field from CMDB"
},
{
"name": "CMDB Pci Compliance Asset",
"legacyUid": "cmdb_pci_compliance_asset",
"uid": "cmdb_pci_compliance_asset",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Pci Compliance Asset field from CMDB"
},
{
"name": "CMDB Support Group",
"legacyUid": "cmdb_support_group",
"uid": "cmdb_support_group",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Support Group field from CMDB"
},
{
"name": "CMDB Supported By",
"legacyUid": "cmdb_supported_by",
"uid": "cmdb_supported_by",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Supported By field from CMDB"
},
{
"name": "CMDB Sync Status",
"legacyUid": "cmdb_sync_status",
"uid": "cmdb_sync_status",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts by cmdb Sync status."
},
{
"name": "CMDB Unique ID",
"legacyUid": "cmdb_unique_id",
"uid": "cmdb_unique_id",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Unique ID field from CMDB"
},
{
"name": "CVE",
"legacyUid": "cves",
"uid": "cves",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts with vulnerabilities by associated CVE(s)."
},
{
"name": "Critical Count",
"legacyUid": "critical_count",
"uid": "findingsDistribution.critical",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "string",
"description": "Filters hosts by the count of critical host findings."
},
{
"name": "Criticality",
"legacyUid": "criticality",
"uid": "criticality",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters by criticality"
},
{
"name": "Criticality State",
"legacyUid": "criticality_state",
"uid": "criticality_state",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters by criticality state"
},
{
"name": "Discovered On",
"legacyUid": "discovered_on",
"uid": "discovered_on",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"RANGE"
],
"type": "date",
"description": "Filters hosts by the asset's discovered date."
},
{
"name": "Easily Exploitable",
"legacyUid": "easily_exploitable",
"uid": "easily_exploitable",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters assets with vulnerabilities with exploits, malware or default credentials."
},
{
"name": "Exploit",
"legacyUid": "exploits",
"uid": "exploits",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts with vulnerabilities by exploit name(s)."
},
{
"name": "Exploit Category",
"legacyUid": "exploit_categories",
"uid": "exploit_categories",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts with vulnerabilities by exploit category."
},
{
"name": "Group",
"legacyUid": "group_name",
"uid": "groupName",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts that are within selected groups."
},
{
"name": "Group ID",
"legacyUid": "groups_id",
"uid": "groupIds",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts within selected group IDs."
},
{
"name": "Has Default Credentials",
"legacyUid": "has_default_credentials",
"uid": "has_default_credentials",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters hosts by CVEs associated with using default credentials."
},
{
"name": "Has Note",
"legacyUid": "has_note",
"uid": "has_note",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters hosts that have an associated note."
},
{
"name": "Has Threat",
"legacyUid": "has_threat",
"uid": "has_threat",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters hosts that have a known threat in the wild."
},
{
"name": "Has Ticket",
"legacyUid": "HAS_CONNECTOR_TICKET",
"uid": "HAS_CONNECTOR_TICKET",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Does the tag have a ticket"
},
{
"name": "Has Vulnerabilities",
"legacyUid": "has_vulnerabilities",
"uid": "has_vulnerabilities",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters hosts with vulnerabilities."
},
{
"name": "High Count",
"legacyUid": "high_count",
"uid": "findingsDistribution.high",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "string",
"description": "Filters hosts by the count of high host findings."
},
{
"name": "High Risk Critical Asset",
"legacyUid": "high_threat",
"uid": "high_threat",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters assets with high threat vulnerabilities and a high asset business criticality score."
},
{
"name": "Host Name",
"legacyUid": "hostname",
"uid": "hostName",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts by their host's by hostname."
},
{
"name": "Hostname Not Detected",
"legacyUid": "hostname_not_detected",
"uid": "hostname_not_detected",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters hosts with no hostname detected by a scanner."
},
{
"name": "IP Address",
"legacyUid": "address",
"uid": "ipAddress",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"CIDR"
],
"type": "string",
"description": "Filters hosts by their host's IP address."
},
{
"name": "IP Address Type",
"legacyUid": "ip_address_type",
"uid": "ip_address_type",
"operators": [
"EXACT"
],
"type": "string",
"description": "Filters hosts by the range their IP address falls in."
},
{
"name": "Id",
"legacyUid": "id",
"uid": "id",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": ""
},
{
"name": "Info Count",
"legacyUid": "info_count",
"uid": "findingsDistribution.info",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "string",
"description": "Filters hosts by the count of info host findings."
},
{
"name": "Last Found On",
"legacyUid": "last_found_on",
"uid": "last_found_on",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"RANGE"
],
"type": "date",
"description": "Filters hosts by the asset's last found date."
},
{
"name": "Low Count",
"legacyUid": "low_count",
"uid": "findingsDistribution.low",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "string",
"description": "Filters hosts by the count of low host findings."
},
{
"name": "Malware",
"legacyUid": "malware",
"uid": "malware",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts with vulnerabilities by associated malware."
},
{
"name": "Medium Count",
"legacyUid": "medium_count",
"uid": "findingsDistribution.medium",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "string",
"description": "Filters hosts by the count of medium host findings."
},
{
"name": "Metric Exclude",
"legacyUid": "metric_exclude",
"uid": "metric_exclude",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters by metric exclude."
},
{
"name": "Metric Exclude Reason",
"legacyUid": "metric_exclude_reason",
"uid": "metric_exclude_reason",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters by metric exclude reason."
},
{
"name": "Netbios",
"legacyUid": "netbios",
"uid": "netbios",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filter by host netbios"
},
{
"name": "Network",
"legacyUid": "network_partition_name",
"uid": "network.name",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts by the name of the network partition they belong to."
},
{
"name": "Network Type",
"legacyUid": "network_partition_type",
"uid": "network_partition_type",
"operators": [
"EXACT",
"IN"
],
"type": "string",
"description": "Filters hosts by the type of network partition they belong to."
},
{
"name": "Newly Created Host",
"legacyUid": "newly_created_host",
"uid": "newly_created_host",
"operators": [
"EXACT"
],
"type": "boolean",
"description": "Filters hosts that have been created in the last 30 days."
},
{
"name": "OS Class",
"legacyUid": "os_class",
"uid": "operatingSystem.class",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters by operating system class."
},
{
"name": "OS Family",
"legacyUid": "os_family",
"uid": "operatingSystem.family",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters by operating system family (such as 'Linux' or 'Windows')."
},
{
"name": "OS Vendor",
"legacyUid": "os_vendor",
"uid": "operatingSystem.vendor",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters by vendor of operating system (such as 'Microsoft' or 'Cisco')."
},
{
"name": "Oldest Open Finding with Threat Discovered On",
"legacyUid": "oldestOpenFindingWithThreatDiscoveredOn",
"uid": "oldestOpenFindingWithThreatDiscoveredOn",
"operators": [
"EXACT",
"IN",
"RANGE",
"GREATER",
"LESSER"
],
"type": "string",
"description": "Filters by the oldest open finding (with threat) date on a particular host."
},
{
"name": "Operating System",
"legacyUid": "os_name",
"uid": "operatingSystem.name",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts by name of host's operating system."
},
{
"name": "Owner",
"legacyUid": "owner",
"uid": "owner",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filter by asset Owner"
},
{
"name": "Patch ID",
"legacyUid": "source_patch_ids",
"uid": "source_patch_ids",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters by Patch ID"
},
{
"name": "Port",
"legacyUid": "port_numbers",
"uid": "port_numbers",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "int",
"description": "Filters hosts by associated ports."
},
{
"name": "RS3",
"legacyUid": "rs3",
"uid": "rs3",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "int",
"description": "Filters by rs3."
},
{
"name": "Reported Scan Time",
"legacyUid": "reported_scan_time",
"uid": "lastScanTime",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "date",
"description": "Filter by asset's last reported scan time."
},
{
"name": "Scanner Name",
"legacyUid": "scanner_names",
"uid": "scanner_names",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts by scanner name(s)."
},
{
"name": "Scanner UUID",
"legacyUid": "source",
"uid": "source",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts by scanner uuid(s)."
},
{
"name": "Service",
"legacyUid": "service_names",
"uid": "service_names",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts by name of vulnerable service(s)."
},
{
"name": "Tag",
"legacyUid": "tags",
"uid": "tags",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts by tags."
},
{
"name": "Tag Connector ID",
"legacyUid": "TAG_CONNECTOR_ID",
"uid": "TAG_CONNECTOR_ID",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Tag Connector ID"
},
{
"name": "Tag Connector Name",
"legacyUid": "TAG_CONNECTOR_NAME",
"uid": "TAG_CONNECTOR_NAME",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Name of the Connector associated with the tag"
},
{
"name": "Threat",
"legacyUid": "threats",
"uid": "threats",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts by the name of the threat."
},
{
"name": "Threat Category",
"legacyUid": "threat_categories",
"uid": "threat_categories",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Filters hosts by the threat category."
},
{
"name": "Ticket ID",
"legacyUid": "TICKET_ID",
"uid": "TICKET_ID",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "Ticket ID"
},
{
"name": "Ticket Status",
"legacyUid": "TICKET_STATUS",
"uid": "TICKET_STATUS",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD"
],
"type": "string",
"description": "status of ticket"
},
{
"name": "Total Count",
"legacyUid": "total_count",
"uid": "findingsDistribution.total",
"operators": [
"EXACT",
"IN",
"RANGE"
],
"type": "string",
"description": "Filters hosts by the count of total host findings."
},
{
"name": "Trending Threats",
"legacyUid": "threatLastTrendingOn",
"uid": "threatLastTrendingOn",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"RANGE",
"GREATER",
"LESSER"
],
"type": "string",
"description": "Filters by Threat Trending date."
},
{
"name": "Trending Vulnerabilities",
"legacyUid": "vulnLastTrendingOn",
"uid": "vulnLastTrendingOn",
"operators": [
"EXACT",
"IN",
"LIKE",
"WILDCARD",
"RANGE",
"GREATER",
"LESSER"
],
"type": "string",
"description": "Filters by Vulnerability Trending date."
}
]
HTTP Status Codes
| Code | Description |
|---|---|
| 200 | OK |
200 Sample Response
Copy
[
{
"name": "id",
"uid": "id",
"operator": [
"EXACT",
"IN"
],
"type": "integer",
"description": "The id"
}
]
| Code | Description |
|---|---|
| 401 | Unauthorized |
| 404 | Not Found |
Suggesting Filter Values for Host Filtering
Displays suggested filter values when filtering hosts.
API Call: POST/client/{clientId}/host/suggest
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/suggest
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can view suggested filter values for hosts are:
- Manager
- Group Manager
- User
Python
Python Sample filter_hostvalues Snippet
Copy
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filters": [
{
"field": "id",
"exclusive": True,
"operator": "IN",
"value": "1,2,3,4"
}
],
"filter": {
"field": "id",
"exclusive": False,
"operator": "IN",
"value": ""
}
}
url = platform + "/api/v1/client/" + str(client_id) + "/host/suggest"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample filter_hostvalues Snippet
Copy
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/suggest"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ], \"filter\": { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" }}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
| FIELD | Filter field. | string
|
| EXCLUSIVE | Exclusive. | boolean Options: True, False |
| OPERATOR | Search operator. | Depends on value. |
| VALUE | Search value. | string
|
Response Parameters
Sample Response
Copy
[
{
"key": "<KEY>",
"count": <COUNT>
}
]
| Name | Description | Additional Information |
|---|---|---|
| KEY | Value for the field the suggestion was requested for. | string
|
| COUNT | Count. | integer($int64)
|
HTTP Status Codes
| Code | Description |
|---|---|
| 200 | OK |
200 Sample Response
Copy
[
{
"key": "string",
"count": 0
}
]
| Code | Description |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |
| 404 | Not Found |
Searching for a Host
Search for a host within the designated client.
API Call: POST/client/{clientId}/host/search
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/search
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can search for a host are:
- Manager
- Group Manager
- User
Python
Python Sample search_host Snippet
Copy
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filters": [
{
"field": "id",
"exclusive": False,
"operator": "IN",
"value": "1,2,3,4"
}
],
"projection": "basic",
"sort": [
{
"field": "id",
"direction": "ASC"
}
],
"page": 0,
"size": 20
}
url = platform + "/api/v1/client/" + str(client_id) + "/host/search"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample search_host Snippet
Copy
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/search"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"projection\": \"<PROJECTION>\", \"sort\": [ { \"field\": \"<SORTFIELD>\", \"direction\": \"<SORTDIRECTION>\" } ], \"page\": <PAGENUMBER>, \"size\": <PAGESIZE>}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
| PROJECTION | Projection type. | Options: basic, detailed |
| SORTFIELD | Field to sort. | |
| SORTDIRECTION | Sort direction. | Options: ASC, DESC |
| PAGENUMBER | Page number to view. | |
| PAGESIZE | Number of entries per page. |
Response Parameters
Sample Response
Copy
{
"errors": [],
"page": {
"size": <PAGESIZE>,
"totalElements": <TOTALELEMENTS>,
"totalPages": <TOTALPAGES>,
"number": <PAGENUMBER>
},
"_links": {
"self": {
"href": "http://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/search?page=<PAGENUMBER>&size=<PAGESIZE>&sort=<SORT>,<SORTDIRECTION>"
}
}
}
| Name | Description | Additional Information |
|---|---|---|
| PAGESIZE | Page size requested. | Shows how many items to display on the page. |
| TOTALELEMENTS | Total elements on pages. | |
| TOTALPAGES | Total amount of pages. | |
| PAGENUMBER | Page to view. | Note that 0 is the first page. |
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | |
| SORT | Field to sort by. | |
| SORTDIRECTION | Direction to sort. | Options: ASC, DESC |
HTTP Status Codes
| Code | Description |
|---|---|
| 200 | OK |
200 Sample Response
Copy
{
"_embedded": {
"strings": [
{}
]
},
"page": {
"size": 0,
"totalElements": 0,
"totalPages": 0,
"number": 0
},
"errors": [
{
"id": "string",
"errorRefId": "string",
"code": 0,
"cause": "string"
}
]
}
| Code | Description |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |
| 404 | Not Found |
Updating a Host
Update a host.
API Call: POST/client/{clientId}/host/update
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/update
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user role that can update a host is:
- Manager
Python
Python Sample host_update Snippet
Copy
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filterRequest": {
"filters": [
{
"field": "ipAddress",
"exclusive": False,
"operator": "EXACT",
"value": "10.0.97.1"
}
]
},
"criticality": 2,
"manufacturedBy": "Example Manufacturer",
"hipaaComplianceAsset": True
}
url = platform + "/api/v1/client/" + str(client_id) + "/host/update"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample host_update Snippet
Copy
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/update"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ] }, \"criticality\": <CRITICALITY>, \"editCmdb\": { \"os\": \"<OS>\", \"manufacturer\": \"<MANUFACTURER>\"}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
| FIELD | Filter field. | string
|
| EXCLUSIVE | Exclusive. | boolean Options: True, False |
| OPERATOR | Search operator. | Depends on value. |
| VALUE | Search value. | string
|
| CRITICALITY | Host criticality. | integer
|
| OS | Operating system. | |
| MANUFACTURER | Operating system manufacturer. |
Response Parameters
Sample Response
Copy
{
"id": <ID>,
"created": "<CREATED>"
}
| Name | Description | Additional Information |
|---|---|---|
| ID | Job ID number. | integer
|
| Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
| Code | Description |
|---|---|
| 200 | Success |
200 Sample Response
Copy
{
"id": 0,
"created": "2019-09-23T17:56:51.384Z"
}
| Code | Description |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |
| 404 | Not Found |
Adding or Removing a Tag from a Host
Add or remove a tag from a host.
API Call: POST/client/{clientId}/host/tag
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/tag
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can add or remove a tag from a host are:
- Group Manager
- Manager
- User
Python
Python Sample tag_host Snippet
Copy
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"tagId": 1234,
"isRemove": False, # Change to True to remove a tag
"filterRequest": {
"filters": [
{
"field": "ipAddress",
"exclusive": False,
"operator": "EXACT",
"value": "10.0.97.1"
}
]
}
}
url = platform + "/api/v1/client/" + str(client_id) + "/host/tag"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample tag_host Snippet
Copy
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/tag"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"tagId\":<TAGID>, \"isRemove\": <ISREMOVE>, \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": <VALUE> } ] }}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your designated API key. | Generating an API Token |
| TAGID | Tag ID number. | integer
|
| ISREMOVE | Remove tag? | Options: True = Yes, False = No |
| FIELD | Filter field. | string
|
| EXCLUSIVE | Exclusive. | boolean Options: True, False |
| OPERATOR | Search operator. | Depends on value. |
| VALUE | Search value. | string
|
Response Parameters
Sample Response
Copy
{
"id": <ID>,
"created": "<CREATED>"
}
| Name | Description | Additional Information |
|---|---|---|
| ID | Job ID number. | integer
|
| Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
| Code | Description |
|---|---|
| 200 | Job Created |
200 Sample Response
Copy
{
"id": 0,
"created": "2019-09-23T17:54:19.121Z"
}
| Code | Description |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |
| 404 | Not Found |
Deleting Entities Based on Filters
Delete entities based on filters.
API Call: POST/client/{clientId}/host/delete
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/delete
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can delete entities based on filters are:
- Group Manager
- Manager
Python
Python Sample delete_hostByFilter Snippet
Copy
import json
import requests
platform = 'http://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filterRequest": {
"filters": [
{
"field": "ipAddress",
"exclusive": False,
"operator": "EXACT",
"value": "10.0.97.1"
}
]
}
}
url = platform + "/api/v1/client/" + str(client_id) + "/host/delete"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample delete_hostByFilter Snippet
Copy
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/delete"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ] }}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your designated API key. | Generating an API Token |
| FIELD | Filter field. | string
|
| EXCLUSIVE | Exclusive. | boolean Options: True, False |
| OPERATOR | Search operator. | Depends on value. |
| VALUE | Search value. | string
|
Response Parameters
Sample Response
Copy
{
"id": <ID>,
"created": "<CREATED>"
}
| Name | Description | Additional Information |
|---|---|---|
| ID | Job ID number. | integer
|
| Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
| Code | Description |
|---|---|
| 200 | Job Created |
200 Sample Response
Copy
{
"id": 0,
"created": "2019-09-23T17:45:18.407Z"
}
| Code | Description |
|---|---|
| 400 | User Error |
| 401 | Unauthorized |
| 404 | Not Found |
Initiating Host Export Job
Initiate host export job.
API Call: POST/client/{clientId}/host/export
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/export
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can initiate a host export job are:
- Group Manager
- Manager
- User
Python
Python Sample host_export Snippet
Copy
import json
import requests
platform = 'httsp://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filterRequest": {
"filters": [
{
"field": "ipAddress",
"exclusive": False,
"operator": "LIKE",
"value": "10.0"
}
]
},
"fileType": "XML",
"comment": "This is a comment",
"fileName": "filename.xml"
}
url = platform + "/api/v1/client/" + str(client_id) + "/host/export"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample host_export Snippet
Copy
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/export"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json" -d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ] }, \"fileType\": \"<FILETYPE>\", \"comment\": \"<COMMENT>\", \"fileName\": \"<FILENAME>\"}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your designated API key. | Generating an API Token |
| FIELD | Filter field. | string
|
| EXCLUSIVE | Exclusive. | boolean Options: True, False |
| OPERATOR | Search operator. | Depends on value. |
| VALUE | Search value. | string
|
| FILETYPE | Export file type. | Options: XML, XLSX, CSV |
| COMMENT | Exported file description. | string
|
| FILENAME | Exported file's name. | string
|
Response Parameters
Sample Response
Copy
{
"id": 0,
"created": "2019-09-17T16:59:16.922Z"
}
| Name | Description | Type |
|---|---|---|
| ID | Host Export ID number. | integer
|
| CREATED | Job creation date. | string($date-time)
|
HTTP Status Codes
| Code | Description |
|---|---|
| 200 | Success |
200 Sample Response
Copy
{
"id": 0,
"created": "2019-09-17T16:59:16.922Z"
}
| Code | Description |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |
| 404 | Not Found |
Moving Hosts to a Different Network Based on Filters
Move hosts to a different network based on filters.
API Call: POST/client/{clientId}/host/network/move
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/network/move
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can move hosts to a different network based on filters are:
- Group Manager
- Manager
Python
Python Sample move_hostFilters Snippet
Copy
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filterRequest": {
"filters": [
{
"field": "ipAddress",
"exclusive": False,
"operator": "EXACT",
"value": "10.0.97.1"
}
]
},
"targetNetworkId": 12345, # Update with proper network ID
"isForceMerge": False
}
url = platform + "/api/v1/client/" + str(client_id) + "/host/network/move"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample move_hostFilters Snippet
Copy
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/network/move"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ] }, \"targetNetworkId\": <TARGETNETWORKID>, \"isForceMerge\": <FORCEMERGE>}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your designated API key. | Generating an API Token |
| FIELD | Filter field. | string
|
| EXCLUSIVE | Exclusive. | boolean Options: True, False |
| OPERATOR | Search operator. | Depends on value. |
| VALUE | Search value. | string
|
| TARGETNETWORKID | Network ID to move hosts into. | integer
|
| FORCEMERGE | Force merge hosts into network? | boolean Options: True, False |
Response Parameters
Sample Response
Copy
{
"id": <ID>,
"created": "<CREATED>"
}
| Name | Description | Additional Information |
|---|---|---|
| ID | Job ID number. | integer
|
| Created | Date/Time job created. | string($date-time)
|
HTTP Status Codes
| Code | Description |
|---|---|
| 200 | Success |
200 Sample Response
Copy
{
"id": 0,
"created": "2019-09-23T17:33:45.811Z"
}
| Code | Description |
|---|---|
| 400 | User Error |
| 401 | Unauthorized |
| 404 | Not Found |
Remediating Findings by Assessment
Remediate findings by assessment.
API Call: POST/client/{clientId}/host/update-remediation-by-assessment
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/update-remediation-by-assessment
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can remediate findings by assessment are:
- Group Manager
- Manager
Python
Python Sample host_remediationByAssessment Snippet
Copy
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filterRequest": {
"filters": [
{
"field": "ipAddress",
"exclusive": False,
"operator": "EXACT",
"value": "10.0.97.1"
}
]
}
}
url = platform + "/api/v1/client/" + str(client_id) + "/host/update-remediation-by-assessment"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your designated API key. | Generating an API Token |
cURL
cURL Sample host_remediationByAssessment Snippet
Copy
curl -X POST https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/update-remediation-by-assessment"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json"
-d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>\" } ] }}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your designated API key. | Generating an API Token |
| FIELD | Filter field. | string
|
| EXCLUSIVE | Exclusive. | boolean Options: True, False |
| OPERATOR | Search operator. | Depends on value. |
| VALUE | Search value. | string
|
Response Parameters
Sample Response
Copy
{
"id": <ID>,
"created": "<CREATED>"
}
| Name | Description | Additional Information |
|---|---|---|
| ID | Job ID number. | integer
|
| Created | Date/Time job created. | string
|
HTTP Status Codes
| Code | Description |
|---|---|
| 200 | Success |
200 Sample Response
Copy
{
"id": 0,
"created": "2019-09-23T09:48:29.939Z"
}
| Code | Description |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |
| 404 | Not Found |
Adding Notes to a Host
Add a note to a host.
API Call: POST/client/{clientId}/host/note
URL: https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/note
URL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | If you are on platform 1, you do not need to put a number. |
| CLIENTID | Client ID number. | Finding Your Client ID |
User Roles
The user roles that can add a note to a host are:
- Group Manager
- Manager
- User
Python
Python Sample add_hostNote Snippet
Copy
import json
import requests
platform = 'https://platform.risksense.com'
api_key = '<INSERT API KEY HERE>'
client_id = <INSERT CLIENT ID HERE>
header = {
"x-api-key": api_key,
"content-type": "application/json"
}
body = {
"filterRequest": {
"filters": [
{
"field": "ipAddress",
"exclusive": False,
"operator": "EXACT",
"value": "10.0.97.1"
}
]
},
"note": "This is some note text."
}
url = platform + "/api/v1/client/" + str(client_id) + "/host/note"
response = requests.post(url, headers=header, data=json.dumps(body))
Make sure to replace the angle bracket parameters here with your own values.
Python Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
cURL
cURL Sample add_hostNote Snippet
Copy
curl -X POST "https://platform<PLATFORM>.risksense.com/api/v1/client/<CLIENTID>/host/note"
-H "accept: application/json"
-H "x-api-key: <APIKEY>"
-H "Content-Type: application/json" -d "{ \"filterRequest\": { \"filters\": [ { \"field\": \"<FIELD>\", \"exclusive\": <EXCLUSIVE>, \"operator\": \"<OPERATOR>\", \"value\": \"<VALUE>/" } ] }, \"note\": \"<NOTE>\"}"
Make sure to replace the angle bracket parameters here with your own values.
cURL Parameters
| Name | Description | Additional Information |
|---|---|---|
| PLATFORM | Platform number. | |
| CLIENTID | Client ID number. | Finding Your Client ID |
| APIKEY | Your API key. | Generating an API Token |
| FIELD | Filter field. | |
| EXCLUSIVE | Exclusive. | Options: True, False |
| OPERATOR | Filter Operator. | |
| VALUE | Search value. | |
| NOTE | Note to add to host. |
Response Parameters
Sample Response
Copy
{
"id": <ID>,
"created": "<CREATED>"
}
| Name | Description | Additional Information |
|---|---|---|
| ID | Job ID number. | integer
|
| Created | Date/Time job created. | string
|
HTTP Status Codes
| Code | Description |
|---|---|
| 200 | Success |
200 Sample Response
Copy
{
"id": 0,
"created": "2019-09-17T10:47:52.725Z"
}
| Code | Description |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |
| 404 | Not Found |