Skip to Content

Missing Patches APIs

This topic describes the REST APIs for missing patches (violations).

The base URL for the API is: https://<serverName>/api/v1/violations

GET/api/v1/violations

Retrieves the details of all violations.

Parameters:

Name

Description

limit

Specifies the numbers of items to return.

pagesize

Specifies the number of items to skip before starting to collect the result set. The value starts from 0.

policy-id

Specifies the policy ID to filter the asset violations.

state

Specifies the state to filter the asset violations.

asset-name

Specifies the asset name to filter the asset violations.

Responses

Code

Description

200

OK

204

Content not found

401

Unauthorized

500

Internal Server Error

Sample response

[
  {
   "id": "cd41cedbb-a981-4a46-b658-29a5a3837077",
   "name": "Red Hat Update for procmail (RHSA-2014-1172)",
   "state": "CREATED",
   "type": "patch",
   "classification": "security",
   "asset_name": "clm-pun-01234",
   "asset_id": "cd41cedbb-a981-4a46-b658-29a5a38370c9",
   "source_type": "scanner / tssa",
   "patch_policies": [
     "d41cedbb-a981-4a46-b658-29a5a38370c1",
     "scan/1439551232.23995"
    ]
  }
]

GET/api/v1/violations/{id}

Retrieves the details for a specific violation ID.

Parameters:

Name

Description

id

Specifies the violation ID.

Use the GET /api/v1/violations API to obtain the violation ID.

Responses

Code

Description

200

OK

401

Unauthorized

500

Internal Server Error

Sample response

{
 "id": "cd41cedbb-a981-4a46-b658-29a5a3837077",
 "name": "Red Hat Update for procmail (RHSA-2014-1172)",
 "state": 3,
 "vuln_external_id": "122652",
 "type": "patch",
 "severity": "4",
 "cveids": [
   "CVE-2014-3596",
   "CVE-2014-3593"
  ],
 "classification": "security",
 "properties": {
   "os": "windows",
   "arch": "X_64",
   "bulletin_id": "MS12-004",
   "qnumbers": [
     "q29a5a38370c1",
     "q9aa38370c1"
    ]
  },
 "asset_name": "clm-pun-01234",
 "asset_id": "cd41cedbb-a981-4a46-b658-29a5a38370c9",
 "source_type": "scanner / tssa",
 "patch_policies": [
   "d41cedbb-a981-4a46-b658-29a5a38370c1",
   "scan/1439551232.23995"
  ]
}

GET/api/v1/violations/cveid

Retrieves all distinct CVE IDs.

Parameters:

Name

Description

type

Specifies the type of the violation.

Valid values: patch, vulnerability

Responses

Code

Description

200

OK

204

Content not found

401

Unauthorized

500

Internal Server Error

Sample response

[
 "CVE-2014-3596",
 "CVE-2014-3593"
]

POST /api/v1/violations

Creates violations for a specific asset.

Request body: No parameters

Sample request

[
  {
   "asset_name": "clm-pun-01234",
   "asset_id": "d41cedbb-a981-4a46-b658-29a5a38370c9",
   "source_type": "scanner / tssa",
   "security_groups": [
     "Admins"
    ],
   "patch_policies": [
     "d41cedbb-a981-4a46-b658-29a5a38370c1",
     "scan/1439551232.23995"
    ],
   "violations": [
      {
       "name": "Red Hat Update for procmail (RHSA-2014-1172)",
       "vuln_external_id": "122652",
       "type": "patch",
       "severity": "4",
       "release_date": {},
       "cveids": [
         "CVE-2014-3596",
         "CVE-2014-3593"
        ],
       "classification": "security",
       "properties": {
         "os": "windows",
         "arch": "X_64",
         "bulletin_id": "MS12-004",
         "qnumbers": [
           "q29a5a38370c1",
           "q9aa38370c1"
          ]
        }
      }
    ]
  }
]

Responses

Code

Description

201

Created

401

Unauthorized

500

Internal Server Error


Sample response

[
  [
    {
     "id": "8ca3c66b-f9f7-4b1d-bbda-c988fc101c0b"
    },
    {
     "id": "51e6f0e0-ba10-4f0f-9036-209e5f47c2ed"
    },
    {
     "id": "386d806f-d87d-466e-81e4-d9aa6c3475c5"
    }
  ],
  [
    {
     "assetName": "Testing4",
     "message": "Failed to save in DB, please trigger POST for the failed assets."
    }
  ]
]

POST/api/v1/violations/search

    • ==

Searches for violations based on the filters that you provide and displays the details of the unique missing patches by age.

Request body: No parameters

Sample request

{
 "filters": {
   "policy": "d41cedbb-a981-4a46-b658-test",
   "os_type": [
     "Window",
     "Linux"
    ],
   "asset_name": [
     "Asset Test 1",
     "Asset Test 2"
    ],
   "violation_name": "Violation Test 1",
   "violation_type": [
     "patch",
     "vulnerability"
    ],
   "cve_ids": [
     "CVE-2014-3596",
     "CVE-2014-3593"
    ],
   "severity": [
     "1",
     "2",
     "3",
     "4",
     "5"
    ],
   "age_days": {
     "start": 0,
     "end": 30
    },
   "sla": {
     "sla_config": [
        {
         "deadline": 30,
         "threshold": 24,
         "severity": "Valid values 5,4,3,2,1"
        }
      ],
     "sla_type": "Valid values exceeding, within, approaching"
    },
   "classification": [
     "security",
     "non-security"
    ]
  },
 "pagesize": 0,
 "limit": 0
}

Responses

Code

Description

200

OK

204

Content not found

401

Unauthorized

500

Internal Server Error


Sample response

{
 "violations_summary": [
    {
     "id": "cd41cedbb-a981-4a46-b658-29a5a3837077",
     "name": "Red Hat Update for procmail (RHSA-2014-1172)",
     "impacted_targets": "40",
     "cve_ids": "CVE-2014-3596, CVE-2014-3593",
     "severity": "CRITICAL,HIGH,MEDIUM or LOW",
     "classification": "security",
     "violation_age": "30",
     "os_type": "windows|linux",
     "bulletin_id": "MS14-057",
     "qnumber": "q29a5a38370c1",
     "policies": "window servers scan"
    }
  ],
 "total_record": "1000"
}

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

Helix Automation Console 19.11