Using REST APIs

BMC Helix Automation Console

 provides REST API endpoints to perform all tasks that are currently supported by the application. These REST API endpoints are documented in the Swagger UI.

The API follows the REST architectural style and uses resources, HTTP verbs, and status codes. JavaScript Object Notation (JSON) is used to represent data structures in request and response bodies. All endpoints (except the Login API) use the OAuth 2.0 protocol for authentication. For more information, see General principles for using the REST API.

Important

  • BMC Helix Automation Console uses the JSON Web Token (JWT) that is generated from the BMC Helix Portal. The JWT is an access token that enables users to make authenticated calls to secured API endpoints. For more information, see Access and authentication for the REST API.

  • You can generate the JSON Web Token (JWT) using access and secret keys generated in the BMC Helix Portal. For more information on creating access keys, see Setting up access keys for programmatic access.

  • Users can make authenticated calls to secured API endpoints as per the permissions granted to the associated access key. If the user lacks the required permission, a 403 Forbidden status code is returned from the endpoint.

Accessing the Swagger host for API documentation

 

From a supported browser, enter the API base URL to access the API documentation in Swagger:  <Scheme>://<Your BMC Helix Portal URL>/automation-console/apidocs

Important

You can see the APIs supported by the application on the Swagger UI. However, to execute REST APIs, you must use tools such as Postman.

 

Command to import a scan file in Helix endpoint
curl --location '<customerprefix>/automation-console/api/v1/policies/import-scan' \
--header 'X-Security-Group: <security_group>' \
--header 'hac-context: ADE' \
--header 'Authorization: Bearer eyJ...' \
--form 'scanFile=@"<location_of_scanfile>/<scanfile_name>"' \
--form 'os="Linux,Windows,Others"' \
--form 'severities="3,4,5,1,2"' \
--form 'vendor="Qualys"' \
--form 'cidrs="0.0.0.0/0"'
Command to get all vulnerabilities in Helix endpoint
curl --location '<customerprefix>/automation-console/api/v1/policies/search?filter=policy_type%3D%22vulnerability%22' \
--header 'X-Security-Group: <security_group>' \
--header 'hac-context: ADE' \
--header 'Authorization: Bearer eyJ...' \
Command to import a scan file in TSSA endpoint
curl --location '<customerprefix>/automation-console/api/v1/policies/import-scan' \
--header 'X-Security-Group: <security_group>' \
--header 'hac-context: TSSA' \
--header 'hsso-token: <tssa_session_id>' \
--header 'Authorization: Bearer eyJr...' \
--form 'scanFile=@"<location_of_scanfile>/<scanfile_name>"' \
--form 'os="Linux,Windows,Others"' \
--form 'severities="3,4,5,1,2"' \
--form 'vendor="Qualys"' \
--form 'cidrs="0.0.0.0/0"'
Command to get all vulnerabilities in TSSA endpoint
curl --location '<customerprefix>/automation-console/api/v1/policies/search?filter=policy_type%3D%22vulnerability%22' \
--header 'X-Security-Group: <security_group>' \
--header 'hac-context: TSSA' \
--header 'hsso-token: <tssa_session_id>' \
--header 'Authorization: Bearer eyJr...' \

Example: To trigger an API workflow for BMC Helix Automation Console - Helix endpoint

  1. Generate the access key and secret key from BMC Helix portal.
    For more information, see https://docs.bmc.com/docs/helixportal/234/setting-up-access-keys-for-programmatic-access-1246178307.html
  2. Assign the generated key to the Administrator role in BMC Helix Portal.
  3. Authenticate the Helix access key and secret key at https://<customerURL>/ims/api/v1/access_keys/login.
    For more information, see https://docs.bmc.com/docs/helixportal/234/access-and-authentication-for-the-rest-api-1246178334.html
  4. Copy the <json_web_token> from the API response.
  5. Perform the GET call (https://<customerURL>/automation-console/api/v1/policies/search?filter=policy_type%3D%22vulnerability%22') with the following headers populated:
    1. Authorization (Bearer Token): <json_web_token> (received in step 4) 
    2. hac-context: ADE
    3. X-SECURITY-GROUP: Administrator

Example: To trigger an API workflow for BMC Helix Automation Console - TrueSight Server Automation (TSSA) endpoint

  1. Generate the access key and secret key from BMC Helix portal.
    For more information, see https://docs.bmc.com/docs/helixportal/234/setting-up-access-keys-for-programmatic-access-1246178307.html
  2. Assign the generated key to the BLAdmins role in BMC Helix Portal.
  3. Authenticate the Helix access key and secret key at https://<customerURL>/ims/api/v1/access_keys/login.
    For more information, see https://docs.bmc.com/docs/helixportal/234/access-and-authentication-for-the-rest-api-1246178334.html
  4. Copy the <json_web_token> from the API response.
  5. Generate a <tssa_session_id> for the TrueSight Server Automation server which is used in the TSSA endpoint and save it. For more information, see TSSA Session ID API.
  6. Perform the GET call (https://<customerURL>/automation-console/api/v1/policies/search?filter=policy_type%3D%22vulnerability%22') with the following headers populated:
    1. Authorization (Bearer Token): <json_web_token> (received in step 4)
    2. hac-context: TSSA
    3. X-SECURITY-GROUP: BLAdmins
    4. hsso-token: <tssa_session_id> (saved in step 5)

Login APIs

Contains APIs that support functions related to session management. 

API call

Description

TSSA Session ID API

post/rest/api/v1/sessions payload

Generates the TSSA session ID.

Request Body: 

{
  "authentication_type": "SRP",
  "password": "password",
  "role_name": "BLAdmins",
  "user_name": "BLAdmin"
}

The TSSA session ID is required to execute any API in the TSSA endpoint.

Important:

  • You must execute the TSSA Session ID API through a TSSA server.
  • You must generate the TSSA session ID by using the Hostname or the IP Address used to configure the TSSA server.
    For example, if you have configured the TSSA connector with a TSSA Hostname, you must use https://<TSSA Hostname>:<TSSAREST PORT>/rest/api/v1/sessions to generate the TSSA session ID, and if you have configured the TSSA connector with a TSSA IP address, you must use https://<TSSA IPAddress>:<TSSAREST PORT>/rest/api/v1/sessions to generate the TSSA session ID.

Configuration Service APIs

Contains APIs that support functions related to Service Level Agreements, security groups, and BMC Remedy Single Sign-On. 

API call

Description

SLA API

get/api/v1/config/slas

Retrieves the service level agreements defined in the Automation Console.

PUT/api/v1/config/slas

Updates the deadline and warning threshold for SLA severity levels.

Security Groups API

post/api/v1/config/securitygroups

Creates a new security group.

get/api/v1/config/securitygroups

Retrieves a list of security groups with details such as the group ID, role, name, description, creation date, and default job path, default depot path, and site details.

get/api/v1/config/securitygroups/{id}

Retrieves details about a security group as per the specified group ID.

PUT/api/v1/config/securitygroups/{id}

Updates a specified security group by using the group ID.

get/api/v1/config/tssa/roles

Retrieves all roles created in TrueSight Server Automation.

get/api/v1/config/tssa/groups/{type}

Retrieves security group profile by group type.

Support API

delete/api/v1/config/securitygroups/{id}

Deletes the specified security group.

Important

BMC recommends that you do not use this API call. This API call is only made available to the BMC Customer Support team for debugging or recovering from problems.

Connectors Service APIs

Contains API calls for working with all the connectors in Automation Console. 

API call

Description

Connectors API

post

/api/v1/connectordefinitions/search
 

Searches for a connector definition, which includes information about the connector name, type, and so on.

get/api/v1/connectors/{id}/getConfigurations

Retrieves configurations for a connector instance.

post/api/v1/connectors/{id}/updateConfigurations

Updates a connector configuration.

post/api/v1/connectors/search

Searches for a connector.

post/api/v1/connectorservice/connectors/{ConnectorId}/activate

Activates a connector.

post/api/v1/connectorservice/connectors/{ConnectorId}/deactivate

Deactivates a connector.

Exceptions Service APIs

Contains APIs for creating, updating, deleting, and searching exceptions in the Automation Console.

API call

Description

post/api/v1/exceptions

Creates one or more exceptions.

patch/api/v1/exceptions/{exceptionId}/status

Updates the status of an exception. (Enable or Disable)

delete/api/v1/exceptions/{exceptionId}

Deletes an exception.

patch/api/v1/exceptions/{exceptionId}

Updates the end date of an exception.

post/api/v1/exceptions/search

Searches for an exception.

Support API

post/api/v1/exceptions/sync

Exceptions that are in an enabled or active state move to an Active or Expired state based on their scheduled date, which runs at 12:00 AM UTC. If the scheduler does not work as expected, this API call forcefully executes active or enabled exceptions.

Important

BMC recommends that you do not use this API call. This API call is only made available to the BMC Customer Support team for debugging or recovering from problems.

Patch Catalog Service APIs

Contains APIs for working with catalogs and patches in Automation Console. 

API call

Description

Catalogs API

get/api/v2/catalogs

Retrieves all catalogs imported inAutomation Console.

post/api/v2/catalogs

 

Imports a new catalog from Server Automation.

get/api/v1/catalogs/tssa

Retrieves all Microsoft Windows, Red Hat Linux, SUSE Linux, OEL, and CentOS catalogs available in Server Automation.

get/api/v1/catalogs/tssa/{catalogId}

Retrieves details for a catalog created in Server Automation for a specified catalog ID.

get/api/v2/catalogs/{catalogId}

Retrieves details for a catalog imported in  Automation Console for a specified catalog ID.

PUT/api/v2/catalogs/{catalogId}

 

Updates schedule for a specified catalog ID.

delete/api/v2/catalogs/{catalogId}

Deletes the specified catalog from Automation Console.

PUT/api/v2/catalogs/{catalogId}/enable

Enables automatic synchronization for a catalog.

PUT/api/v2/catalogs/{catalogId}/disable

Disables automatic synchronization for a catalog.

Patches API

PUT/api/v1/catalogs/patch

Retrieves all patches based on the patch IDs.

PUT/api/v1/catalogs/{catalogId}/patch/search

Retrieves all patches of the specified catalog (that match the filters) from Automation Console

POST/api/v1/catalogs/patch/search

Retrieves patches based on the specified CVE IDs.

POST/api/v2/catalogs/patch/search

Retrieves patches based on CVE IDs.

PUT

/api/v2/catalogs/patch/{patchId}/cve-ids

Maps the CVE IDs to the specified patch.

Support API

post/api/v2/catalogs/{catalogId}/sync

Performs a force sync of the catalog details from TrueSight Server Automation.

Important

BMC recommends that you do not use this API call. This API call is only made available to the BMC Customer Support team for debugging or recovering from problems.

Patch Policy and Operations APIs

Contains the APIs for working with remediation jobs, patch policies, compliance scan policies, vulnerability scans, and so on. 

API call

Description

JobRun API

 

get/api/v1/policies/job/{jobRunId}/summary

 

Retrieves summary for the specified job run ID.

get/api/v1/policies/job/{jobRunId}/target

Retrieves summary for the specified job run ID and target.

get/api/v1/policies/job/{jobRunId}/target/{targetId}

Retrieves summary for the specified job run ID and target ID.

get/api/v1/policies/policy/{policyId}/jobRuns

Retrieves job runs for the specified policy ID.

get/api/v1/policies/{policyId}/runs/{runId}/logs

Retrieves event logs for a specified policy scan run.

get/api/v2/policies/operations/{operation_id}/jobs/{job_id}/runs/{job_run_id}/summary

Retrieves the job run summary for the specified operation ID, job ID, job run ID, and sequence ID.

get

/api/v2/policies/operations/{operation_id}/jobs/{job_id}/runs/{job_run_id}/target

 

Retrieves target wise job runs from TrueSight Server Automation for the specified operation ID, job ID, job run ID, and sequence ID.

get/api/v2/policies/operations/{operation_id}/jobs/{job_id}/runs

Retrieves all the job runs for the specified policy ID, job ID, and sequence ID.

Patch Policy API

Description

post/api/v1/policies

Creates a new patch policy.

get/api/v1/policies/tssa/groups/{type}

Retrieves all static groups created in Server Automation.

post/api/v1/policies/tssa/groups/{type}

Creates a static group in Server Automation.

get/api/v1/policies/tssa/smart-groups/{type}

Retrieves all dynamic groups created in Server Automation.

post/api/v1/policies/policy/{policyId}/jobruns

Executes a patch policy associated with specified policy ID immediately.

get/api/v1/policies/search

Retrieves a list of policies created in the Automation Console.

get/api/v2/policies

Retrieves a list of policies created in the Automation Console.

patch/api/v2/policies/{policyId}/bookmark

Bookmarks an existing policy.

This API call is applicable for operation templates only.

post/api/v1/policies/reports/patch-compliance

Retrieves patch compliance results for a policy.

post/api/v1/policies/reports/patch-compliance/detail

Retrieves patch compliance details for a policy.

get/api/v1/policies/{policy_id}

Retrieves information for a specified policy ID.

put/api/v1/policies/{policy_id}

Updates the existing policy.

patch/api/v2/policies/{policy_id}/share 

Shares the policy (imported vulnerabilities) with additional security groups.

Vulnerability scan API

post/api/v1/policies/import-scan

Imports a vulnerability scan.

post/api/v2/policies/vulnerability-scans 

Creates a new vulnerability scan policy request.

PUT/api/v2/policies/vulnerability-scans/{policy_id} 

Updates the vulnerability scan policy request.

post/api/v2/policies/vulnerability-scans/{policy_id}/vulnerabilities 

Creates vulnerabilities for the specified vulnerability scan policy.

TrueSight Server Automation API

get/api/v1/policies/tssa/nshscripts

 

Retrieves all NSH Scripts defined in Server Automation.

get/api/v1/policies/tssa/bl-packages

Retrieves all BLPackages defined in Server Automation.

get/api/v1/policies/tssa/nshscripts/{scriptId}

Retrieves NSH Script details from Server Automation.

post/api/v1/policies/tssa/depots/search

 

Search depot object based on given condition.

get/api/v1/policies/tssa/jobs/{type}

Retrieves all the jobs defined in Server Automation.

get/api/v1/policies/tssa/jobs/{type}/{jobId}

Retrieves information for a specified job ID from Server Automation.

Operations API

post/api/v1/policies/operations

Creates a remediation operation in Automation Console.

post/api/v1/policies/operations/search

Retrieves all operations in Automation Console.

post/api/v1/policies/operations/prepare-list

Prepares an operation list.

patch/api/v1/policies/operations/execute/{operationId}

 

Executes an operation for a specified ID.

get/api/v1/policies/operations/{operationId}/suboperations

Retrieves child operations of a parent operation.

delete/api/v1/policies/operations/{operation_id}

Deletes a specified operation.

get /api/v2/policies/operations/{operation_id}/jobs

Retrieves the jobs of the specified Batch job operation.

Operation Template API

post/api/v2/policies/operation-templates

Creates an operation template in Automation Console.

post/api/v2/policies/operation-templates/search

Retrieves an operation template based on the specified search filters.

get/api/v2/policies/operation-templates/{operation_template_id}

Retrieves an operation template.

delete/api/v2/policies/operation-templates/{operation_template_id}

Deletes an operation template.

patch/api/v2/policies/operation-templates/{operation_template_id}

Shares an operation template with the specified security groups.

PUT/api/v2/policies/operation-templates/{operation_template_id}

Updates an operation template.

Compliance Policy API

post/api/v2/policies/compliance-scans

Creates a new compliance policy.

PUT/api/v2/policies/compliance-scans/{policyId}/enable

Enables a compliance scan policy.

PUT/api/v2/policies/compliance-scans/{policyId}/disable

Disables a compliance scan policy.

delete/api/v2/policies/compliance-scans/{policyId}

Deletes a compliance scan policy.

POST/api/v2/policies/compliance-scans/{policyId}/jobruns

Executes the compliance scan policy associated with specified policy ID immediately.

Compliance Job Run API

get/api/v2/policies/compliance-scans/{complianceScanPolicyId}/runs

Retrieves job runs for the specified compliance scan policy ID.

get/api/v2/policies/compliance-scans/runs/{runId}/summary

Retrieves an overall summary for the specified compliance scan policy ID and job run ID.

get/api/v2/policies/compliance-scans/runs/{runId}/targets

Retrieves a summary of the job runs for the specified compliance scan policy ID and job run ID.

get/api/v2/policies/compliance-scans/runs/{runId}/targets/{targetId}

Retrieves job runs target details for the specified compliance scan policy ID, job run ID, and target ID

ITIL API

get/api/v1/policies/itil/configurations

Retrieves IT Service Management configuration.

get/api/v1/policies/itil/status/{changeId}

Retrieves the status of the change request created in the ITSM system.

Status Count

get/api/v1/policies/operations/status/summary

Retrieves operations count by status.

Patch Policy API

post/api/v2/policies/patch-policies

Creates a new patch policy.

get/api/v2/policies/patch-policies

Retrieves all patch policies.

get/api/v2/policies/patch-policies/{policy_id}

Retrieves information for a specified patch policy ID.

PUT/api/v2/policies/patch-policies/{policy_id}

 

Updates an existing patch policy.

delete/api/v2/policies/patch-policies/{policy_id}

Deletes a patch policy.

PUT/api/v2/policies/patch-policies/{policy_id}/enable

Enables the patch policy for a specified policy ID.

PUT/api/v2/policies/patch-policies/{policy_id}/disable

Disables the patch policy for a specified policy ID.

post/api/v2/policies/patch-policies/{policyId}/jobruns

Immediately executes the scan policy associated with the specified patch policy ID.

get/api/v2/policies/patch-policies/summary

Retrieves a count of policies group by operating system and its vendor.

Templates API

get/api/v2/policies/tssa/templates

Retrieves all TrueSight Server Automation compliance templates.

Important

You can provide a detection date in vulnerability scan APIs and vulnerability operation APIs.

  • If you do not specify the vulnerability detection date and time, the current UTC date and time will be used for new installations.
  • For upgrades, a detection date in an API indicates when a vulnerability is posted in TrueSight Automation Console.

Violations and Dashboard Service APIs

Contains APIs for the Dashboard, Missing Patches (referred as Violations in the API), Activities, Custom tags, and  Assets.

API call

Description

Activities API

GET/api/v1/activities/{id}

Retrieves the details for an activity such as the status.

PUT/api/v1/activities/cancel

Cancels an activity and marks it as Failed.

Assets

post/api/v1/violations/reports/targets/{type}

Retrieves all assets based on the asset type.

PUT/api/v1/violations/asset/manual-map/{resourceId}

Maps scanner asset to endpoint targets manually.

PUT/api/v1/violations/asset/unmap

Unmaps scanned assets with the endpoints in the endpoint manager.

GET/api/v1/assets/metadata/business-services

Retrieves a list of unique business services.

GET/api/v1/assets/metadata/os/{type}

Retrieves a list of unique operating systems and vendors.

post/api/v1/violations/assets

Retrieves details of all the assets for a specified given patch policy.

Custom Tags

post/api/v2/violations/tags/search

Retrieves unique risk tags.

post/api/v1/violations/tags

Creates custom tags.

Important

You must have administrator permissions to use this API call.

GET/api/v1/violations/tags

Retrieves all custom tags.

PUT/api/v1/violations/tags/{id}

Updates the custom tag for the specified tag ID.

Important

You must have administrator permissions to use this API call.

delete/api/v1/violations/tags/{id}

Deletes the custom tag for a specified ID.

patch/api/v1/violations/{id}/notes

Update notes for vulnerability record

Dashboard API

post/api/v1/violations/reports/targets/severity/summary

Generates data for the Impacted Assets by Severity widget on the dashboard.

post/api/v1/violations/reports/targets/severity/detail

Generates asset details by severity levels.

post/api/v1/violations/reports/targets/patch-compliance/summary

Generates data for the Patch Compliance widget on the dashboard.

post/api/v1/violations/reports/targets/patch-compliance/detail

Generates patch compliance details such as the number of installed and missing patches on assets according to the policy on the dashboard.

post/api/v1/violations/reports/{type}/summary

Generates data for the Impacted Assets by SLA and Unique Missing Patches by Age widgets on the dashboard.

post/api/v1/violations/reports/sla/detail

Generates details for the assets and missing patches based on their SLA levels.

post/api/v1/violations/reports/trends/weeks

Generates data for the Remediation Trend graph on the dashboard.

post/api/v1/violations/reports/trends/weeks/detail

Generates details such as the missing and remediated patches in the Remediation Trend graph.

post/api/v1/violations/reports/states/average-days/weeks

Gets the average time for a state change in the current week.

post/api/v1/violations/reports/rank/violations

Generates data for the Top 10 Missing Patches widget.

post/api/v1/violations/reports/states/summary

Generates data for the violations based on stage.

post/api/v1/violations/reports/rank/violations/detail

Generates asset details for the Top 10 Missing Patches widget.

post/api/v1/violations/reports/violations/severity/summary

Fetches violations count by severity.

post/api/v1/violations/reports/violations/sla/summary

Fetches violations count by SLA.

post/api/v1/violations/reports/services/summary

Retrieves the list of objects with details such as business service name, violation and assets count associated with that particular business service.

GET/api/v1/violations/reports/targets/discovery/mapped/{sourcetype}

Retrieves the count of targets mapped to discovery based on selected source.

post/api/v1/violations/reports/services/summary/{types}

Retrieves the list of object having violation name and severity or asset name and operating system platform based on the request type.

post/api/v1/violations/reports/rank/owner

Fetches data for the Top 10 Missing Patches by Owner widget.

post/api/v1/violations/reports/rank/owner/details/{type}

Fetches asset details for the Top 10 Missing Patches by Owner widget.

post
/api/v2/violations/reports/patch-compliance/summary

Retrieves the list of objects with the operating system and its missing count.

post/api/v2/violations/reports/policies/summary

Retrieves the list of objects with policy ID and rules and assets associated with that policy ID along with state wise distribution of vulnerability and assets.

post/api/v2/violations/reports/policies/details/{policy_id}

Retrieves the details for the given policy ID along with rules and assets associated with that policy id along with state wise distribution of vulnerability and assets.

post/api/v2/violations/reports/policies/violations/summary

Retrieves the list of objects with details such as the violation name, assets count, policy details and SLA type.

post/api/v2/violations/reports/states/summary

Retrieves the summary for different compliance states for vulnerability and assets.

Risk Tags API

patch/api/v1/violations

Updates violation fields like risk score, SLA, risk owner, and risk tags based on the given filter criteria.

post/api/v1/violations/upload-tags

Imports tags in a CSV file. Tags such as the risk score, owner, SLA deadlines and warnings can be updated.

Violations API

post/api/v1/violations

Creates violations for a specified asset.

get/api/v1/violations

Retrieves details of the violations.

get/api/v1/violations/{id}

Retrieves details of the violations based on the ID.

post/api/v2/violations/search/{type}

Retrieves all vulnerabilities or missing patches.

post/api/v1/violations/reports/patch

Exports the patch report in .csv format.

get/api/v1/violations/metadata/search/{type}/cveids

Retrieves all distinct CVE IDs for the specified type.

post/api/v1/violations/riskscore

Retrieves all risk scores.

post/api/v1/violations/owner

Gets all risk owners.

Vulnerability API

post/api/v1/violations/reports/vulnerability

Exports the vulnerability report in the CSV format.

post/api/v2/violations/search/{type}

Retrieves all vulnerabilities or missing patches.

post/api/v1/violations/search/vulnerabilities

Retrieves all vulnerabilities.

post/api/v2/violations/search/vats

Retrieves all assets with actionable vulnerabilities.

post/api/v2/violations/close/vats

Closes the vulnerabilities for assets. 

post/api/v2/violations/close/auto-closure/vats/preview

Retrieves all the assets for which vulnerabilities can be closed.

post/api/v3/violations/close/auto-closure/vats

Closes the vulnerabilities for assets based on the Last Observed Date.

post/api/v2/violations/close/auto-closure/vats

Closes vulnerabilities for the assets.

Important: We recommend not using the Close and Auto-close APIs for data retrieved from the Tenable.sc connector. Vendor-specific APIs are used to auto-close VATs retrieved from the Tenable.sc scanner connector.

PUT/api/v1/violations/manual-map/{id}

Maps remediation content with the given vulnerability manually.

delete/api/v1/violations/unmap/{id}

Removes the mapped remediation contents for a vulnerability.

post/api/v1/violations/auto-map

Maps vulnerabilities with the remediation content for all the given CVE IDs.

Tagging API

post/api/v1/assets/search/{type}/tags

Searches for scanned and managed asset tags.

Support API

Important

BMC recommends that you do not use these API calls. These APIs are only made available to the BMC Customer Support team for debugging or recovering from problems.

get/api/v1/activities/{id}

Retrieves details of an activity.

PUT/api/v1/activities/cancel

Cancels an activity and marks it as FAILED.

post/api/v1/violations/poolsync

Retrieves all the resources from the resource service and sync it to asset state service database.

PUT/api/v1/violations/refresh-views

Refreshes all the PostgreSQL materalized views concurrently.

Clean up API

Important

These APIs can be used only by users having the Admin group privileges.

Default retention for data is configured as 180 days. User can configure it from application.properties / config.json based on service.

To keep the data consistent after clean up, it is recommended to execute all the APIs in below sequence.

delete/api/v1/policies/cleanup/jobruns

Clean up the job runs and its referred objects from Truesight Automation Console.

delete/api/v1/policies/cleanup/operations

Clean up the operations and its referred objects from Truesight Automation Console.

get/api/v1/policies/cleanup/import-scans/preview

Returns all eligible vulnerability policies for cleanup.

delete/api/v1/policies/cleanup/import-scans

Clean up the import-scan files and its referred objects from Truesight Automation Console.

delete/api/v1/violations/cleanup/vats/{type}

Clean up the VATs from Truesight Automation Console.

Activity Logs Service APIs

Contains APIs for the Activity logs.

Activity logs API

 

post/api/v1/activitylogs/search

Search an activity log for an corresponding event in Truesight Automation console.

post/api/v1/activitylogs/cleanup

Deletes all the activity logs before the prior date in Truesight Automation console.

 

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*