Important

   

Starting from version 8.9.03, BMC Network Automation is renamed to TrueSight Network Automation. This space contains information about TrueSight Network Automation 8.9.03 and the later service packs for 8.9. For earlier releases, see BMC Network Automation 8.9.

Security Vulnerability Importers API

TrueSight Network Automation REST API – SecurityVulnerabilityImporterService
The base URL for the API is:

https://serverName:portNumber/bca-networks/api


GET /v3.0/security_vulnerability_importers
 Retrieves security vulnerability importers, matching any filter criteria


Parameters

Name

Located in

Description

Default

Schema

orderBy

query

Sort by the specified attribute (name, transformerName or a listable security vulnerability importer dynamic field name) in the specified order (prefix with a '+' for ascending or a '-' for descending)

"+name"

string
Enum: [
  "+name",
  "-name",
  "+transformerName",
  "-transformerName"
]

offset

query

Return the specified page number

1

integer

limit

query

Define the number of rows in a page or the maximum number of security vulnerability importers to return

25

integer

Authorization

header

Authorization token formatted as 'Bearer [token]'


String*

Responses

Code

Description

Schema

200

successful operation

[
   #SecurityVulnerabilityImporterDTO
]

401

Unauthorized: Failed to provide a suitable Authorization header or the specified user is not logged in


403

Forbidden: Not allowed to access security vulnerability importers


500

Internal server error: Unexpected exception occurred


POST /v3.0/security_vulnerability_importers
 Adds a new security vulnerability importer


Parameters

Name

Located in

Description

Default

Schema

body

body

Complete attributes of the new security vulnerability importer


#SecurityVulnerabilityImporterDTO

Authorization

header

Authorization token formatted as 'Bearer [token]'


String*

Responses

Code

Description

Schema

201

Created: New security vulnerability importer successfully added


400

Bad request: Input security vulnerability importer DTO is missing or the new security vulnerability importer is invalid


401

Unauthorized: Failed to provide a suitable Authorization header or the specified user is not logged in


403

Forbidden: Not allowed to add a new security vulnerability importer


500

Internal server error: Unexpected exception occurred


GET /v3.0/security_vulnerability_importers/{nameOrKey}
 Retrieves one security vulnerability importer either by name or by database key


Parameters

Name

Located in

Description

Default

Schema

nameOrKey

path

Name or database key of the security vulnerability importer of interest


string*

Authorization

header

Authorization token formatted as 'Bearer [token]'


String*

Responses

Code

Description

Schema

200

successful operation

#SecurityVulnerabilityImporterDTO

401

Unauthorized: Failed to provide a suitable Authorization header or the specified user is not logged in


403

Forbidden: Not allowed to access security vulnerability importers


404

Not found: No single matching security vulnerability importer found


500

Internal server error: Unexpected exception occurred


PUT /v3.0/security_vulnerability_importers/{nameOrKey}
 Modifies all attributes of an existing security vulnerability importer


Parameters

Name

Located in

Description

Default

Schema

nameOrKey

path

Name or database key of the security vulnerability importer to be modified


string*

body

body

Complete new attribute values for the security vulnerability importer; anything left out will be considered to be null and will be nulled out in the security vulnerability importer


#SecurityVulnerabilityImporterDTO

Authorization

header

Authorization token formatted as 'Bearer [token]'


string*

Responses

Code

Description

Schema

200

successful operation

#SecurityVulnerabilityImporterDTO

400

Bad request: Input security vulnerability importer DTO is missing or modified security vulnerability importer is invalid


401

Unauthorized: Failed to provide a suitable authorization header or the specified user is not logged in


403

Forbidden: Not allowed to modify the security vulnerability importer


404

Not found: No single matching security vulnerability importer found


500

Internal server error: Unexpected exception occurred


DELETE /v3.0/security_vulnerability_importers/{nameOrKey}
 Deletes a security vulnerability importer


Parameters

Name

Located in

Description

Default

Schema

nameOrKey

path

Name or database key of the security vulnerability importer to be deleted


string*

Authorization

header

Authorization token formatted as 'Bearer [token]'


string*

Responses

Code

Description

Schema

200

successful operation

string

401

Unauthorized: Failed to provide a suitable Authorization header or the specified user is not logged in


403

Forbidden: Not allowed to delete the security vulnerability importer


404

Not found: No single matching security vulnerability importer found


500

Internal server error: Unexpected exception occurred


PATCH /v3.0/security_vulnerability_importers/{nameOrKey}
 Modifies only the specified attributes of an existing security vulnerability importer, where the changes are specified in JSON Patch format (per RFC 6902)


Parameters

Name

Located in

Description

Default

Schema

nameOrKey

path

Name or database key of the security vulnerability importer to be modified


string*

body

body

New attribute values for the security vulnerability importer, in JSON Patch format


#JsonPatch

Authorization

header

Authorization token formatted as 'Bearer [token]'


string*

Responses

Code

Description

Schema

200

successful operation

#SecurityVulnerabilityImporterDTO

400

Bad request: Input JSON patch information is missing or modified security vulnerability importer is invalid


401

Unauthorized: Failed to provide a suitable Authorization header or the specified user is not logged in


403

Forbidden: Not allowed to modify the security vulnerability importer


404

Not found: No single matching security vulnerability importer found


500

Internal server error: Unexpected exception occurred



Object Definitions

Object

Schema

DynamicFieldValueDTO


 A dynamic field value


{
    id: string
    The database key of the dynamic field whose value this is (read-only)
 
    name: string
    The name of the dynamic field (read-only)
 
    values: [
      The value(s) for the dynamic field; for a single-value field, only the first entry is relevant; read-only for Auto Derived and Configuration Profiled types
 
      string
    ]
 
    dynamicFieldDetailsLink: string
    Link to get more detailed information about the dynamic field (read-only)
}

EndorsedProgramBasedTransformerDTO


 A program or executable script for converting a source file as provided by the vendor into the internal XML format (which is then imported)

Discriminator: "@class" : "com.bmc.bcan.rest.services.v3_0.SecurityVulnerabilityImporterService$EndorsedProgramBasedTransformerDTO"

{
    programName: string*
    Name of the executable in the endorsed directory; it is passed one input argument containing the name of the input file (containing the data to be transformed); the program should exit with status of 0 on success and should output XML data in the internal format on its stdout; if it exits with status other than 0 or prints nothing, that is treated as an error and the import will fail
}

JsonPatch


 A list of JSON Patch operations


[
    A list of JSON Patch operations
 
     #JsonPatch.OneOperation
  ]

JsonPatch.OneOperation

JsonPatch.Pointer


 Pointer or path to an element or property


string
  Pointer or path to an element or property

JsonPatch.Add


 Add a value to an object or inserts it into an array. In the case of an array, the value is inserted before the given index. The - character can be used instead of an index to insert at the end of an array. The value can be any JSON value.


{
    op: string*
    Enum: [
      "add"
    ]
    value: any*
    path: #JsonPatch.Pointer *
}

JsonPatch.Remove


 Remove a value from an object or array.


{
    op: string*
    Enum: [
      "remove"
    ]
    path: #JsonPatch.Pointer *
}

JsonPatch.Replace


 Replace an existing value. THe value can be any JSON value.


{
    op: string*
    Enum: [
      "replace"
    ]
    value: any*
    path: #JsonPatch.Pointer *
}

JsonPatch.Move


 Move a value from one location to the other. "path" is the destination.


{
    op: string*
    Enum: [
      "move"
    ]
    path: #JsonPatch.Pointer *
    from: #JsonPatch.Pointer *
}

JsonPatch.Copy


 Copy a value from one location to another. "path" is the destination.


{
    op: string*
    Enum: [
      "copy"
    ]
    path: #JsonPatch.Pointer *
    from: #JsonPatch.Pointer *
}

JsonPatch.Test


 Test that the specified value is set in the document at the specified path. If the test fails, then the patch as a whole is not applied. The Value can be any JSON value.


{
    op: string*
    Enum: [
      "test"
    ]
    value: any*
    path: #JsonPatch.Pointer *
}

OsVersionConverterDTO


 Defines how to change from an OS image string formatted one way into an OS image string formatted in another way


{
    annotation: string
    Explanation, notes, description, or whatever else helps to understand how the OS image string is being changed
 
    inputMatch: string*
    Regular expression with capture groups for finding inputs that need to be converted
 
    outputResultFormat: string*
    Message format for producing the converted result; only the simplest syntax of the java MessageFormat class is supported; you may use hard-coded strings combined with text extracted from the matched input strings via parenthesized capture groups; you may use 'FormatElement' syntax of {#} where # is the capture group number, starting with 0, pulled from the input parsed string; no other type of FormatElement is supported
}

SecurityVulnerabilityImporterDTO


 Information about a security vulnerability importer, which defines how an input file from a vendor is parsed and then stored as a security vulnerability


{
    id: string
    The security vulnerability importer's unique database key (read-only)
 
    name: string*
    The security vulnerability importer's unique display name
 
    applicableOsImagePatternGenerators: [
      How to convert the security vulnerability's affected OS version strings into the applicable OS image name-matching patterns in a compliance rule created from the security vulnerability
 
       #OsVersionConverterDTO
    ]
 
    filterInputByInitialRelease: #TimePeriodDTO
    Import only vulnerabilities whose initial release date and time fall within this time period; when null, no filtering is done
 
    filterInputByLastModifiedAtSource: #TimePeriodDTO
    Import only vulnerabilities whose most recent modification date and time fall within this time period; when null, no filtering is done
 
    osImageNameConversions: [
      How to convert a raw <affectedOsVersion> string into a string that closely resembles the discovered device OS image names, so that the affected OS versions displayed in the security vulnerability are the same as the OS image names displayed with devices and their configurations
 
       #OsVersionConverterDTO
    ]
 
    transformFileUsing: #TransformerDTO
    How the source file from the vendor is converted to the internal XML format (which is then parsed and imported into security vulnerabilities)
 
    dynamicFields: [
      The dynamic fields
 
       #DynamicFieldValueDTO
    ]
}

StylesheetBasedTransformerDTO


 An XSL stylesheet for converting a source file as provided by the vendor into the internal XML format (which is then imported)

Discriminator: "@class" : "com.bmc.bcan.rest.services.v3_0.SecurityVulnerabilityImporterService$StylesheetBasedTransformerDTO"

{
    stylesheetContent: string*
    The XSL stylesheet, containing XSLT 2.0 syntax to transform the input XML string into an XML string in the internal XML format
 
    stylesheetFilename: string*
    The name of the file that contains the XSL stylesheet, for use when exporting the stylesheet
}

TimePeriodDTO


 Identifies a date/time range


{
    timePeriodTypeId: integer*
    What sort of time period this is
 
    timePeriodTypeName: string
    The meaning of the numeric timePeriodTypeId (read-only)
 
    startTimestamp: date-time
    The start date/time. Required only for certain user-defined time period types of After and Range
    Example: 2017-01-31T13:45:00.000+0000
 
    endTimestamp: date-time
    The end date/time. Required only for certain user-defined time period types of Before and Range
    Example: 2017-01-31T13:45:00.000+0000
}

TransformerDTO


 Defines how an input security vulnerability is to be converted into the internal XML format that can then be imported
Was this page helpful? Yes No Submitting... Thank you

Comments