Scanner Endpoints
Use the references for REST API V9.0 scanner endpoints.
GET /scanner/profiles
Retrieves all of the currently created scan profiles.
No parameters are required and the following information should be retrieved for each scan profile.
scanProfileId
scanProfileName
description
scanType
scannerName
Table 1: GET /scanner/profiles Resource Details
MIME Type |
|---|
application/json |
There are no parameters for this endpoint.
Table 2: GET /scanner/profiles Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
200 | The list of scan profiles was successfully returned | |
500 | 1030 | Occurs when an attempt is made to list scan profiles when certain conditions are not met, or when too many scan requests have been made |
Response Description
The list of scan profiles currently configured in QVM
Response Sample
POST /scanner/profiles/create
Initiates a request to create a new Scan Profile.
The request takes one parameter - createScanRequest, which is just a POJO. To create the scan, you will need to build up a JSON object that contains the Scan Profile name and IP addresses to scan. For example:
{'name':'New Scan Profile', 'ips':['10.100.85.135']}
Table 3: POST /scanner/profiles/create Resource Details
MIME Type |
|---|
text/plain |
Table 4: POST /scanner/profiles/create Request Body Details
Parameter | Data Type | MIME Type | Description | Sample |
|---|---|---|---|---|
scanProfile | JSON | application/json | null | null |
Table 5: POST /scanner/profiles/create Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
200 | The scan has been successfully created | |
419 | 9101 | Occurs when a parameter is missing or invalid |
500 | 1030 | Occurs when an attempt is made to create a scan when certain conditions are not met, or when too many scan requests have been made |
Response Description
An indicator of whether the scan has been created successfully or not.
Response Sample
String
POST /scanner/profiles/start
Initiates a request to start an already created scanProfile.
The request takes one parameter - scanProfileId. To get a list of scanProfileIds, get a list of the current scan profiles by initiating a 'profiles' request on the scanner endpoint. The scanProfileId is validated and an appropriate message is returned.
Table 6: POST /scanner/profiles/start Resource Details
MIME Type |
|---|
text/plain |
Table 7: POST /scanner/profiles/start Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
scanProfileId | query | Required | String | text/plain | The unique id of the scan profile we want to start |
Table 8: POST /scanner/profiles/start Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
200 | The scan has been successfully started | |
403 | 1000 | Occurs if the user does not have permission to start a scan, or the scan is in progress |
500 | 1030 | Occurs when an attempt is made to start a scan when certain conditions are not met, or when too many scan requests have been made |
Response Description
An indicator of whether the scan has been started successfully or not.
Response Sample
String
GET /scanner/scanprofiles
Retrieves all of the currently created scan profiles.
No parameters are required and the following information should be retrieved for each scan profile.
scanProfileId
scanProfileName
description
scanType
scannerName
schedule
status
progress
endTime
duration
Table 9: GET /scanner/scanprofiles Resource Details
MIME Type |
|---|
application/json |
Table 10: GET /scanner/scanprofiles Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
fields | query | Optional | String | text/plain | Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
filter | query | Optional | String | text/plain | Optional - This parameter is used to restrict the elements in a list base on the contents of various fields. |
Range | header | Optional | String | text/plain | Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero. |
Table 11: GET /scanner/scanprofiles Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
200 | The list of scan profiles was successfully returned | |
500 | 1030 | Occurs when an attempt is made to list scan profiles when certain conditions are not met, or when too many scan requests have been made |
Response Description
The list of scan profiles currently configured in QVM
Response Sample
[ { "description": "String", "duration": { "days": 42, "hours": 42, "minutes": 42, "months": 42, "seconds": 42.5, "type": "String", "value": "String", "years": 42 }, "endTime": { "date": 42, "day": 42, "hours": 42, "minutes": 42, "month": 42, "seconds": 42, "time": 42, "timezoneOffset": 42, "year": 42 }, "progress": 42, "scanProfileId": 42, "scanProfileName": "String", "scanType": "String", "scannerName": "String", "schedule": "String", "status": "String" } ]
POST /scanner/scanprofiles
Initiates a request to create a new scanProfile.
The request takes one parameter - createScanRequest, which is just a POJO. To create the scan, you will need to build up a JSON object that contains the Scan Profile name and hosts to scan. For example:
{'name':'New Scan Profile', 'hosts':['10.100.85.135']}
Table 12: POST /scanner/scanprofiles Resource Details
MIME Type |
|---|
text/plain |
Table 13: POST /scanner/scanprofiles Request Body Details
Parameter | Data Type | MIME Type | Description | Sample |
|---|---|---|---|---|
scanProfile | Object | application/json | null | { "description": "String", "hosts": [ "String" ], "name": "String" } |
Table 14: POST /scanner/scanprofiles Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
200 | The scan has been successfully created | |
500 | 1030 | Occurs when an attempt is made to create a scan when certain conditions are not met, or when too many scan requests have been made |
Response Description
An indicator of whether the scan has been created successfully or not.
Response Sample
String
GET /scanner/scanprofiles/{profileid}
Retrieves a scan profile for a given Scan Profile ID.
No parameters are required and the following information should be retrieved for each scan profile.
scanProfileId
name
description
scanType
scannerName
schedule
status
progress
endTime
duration
Table 15: GET /scanner/scanprofiles/{profileid} Resource Details
MIME Type |
|---|
application/json |
Table 16: GET /scanner/scanprofiles/{profileid} Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
profileid | path | Required | String | text/plain | The unique id of the scan profile we need to retrieve information for |
fields | query | Optional | String | text/plain | Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
filter | query | Optional | String | text/plain | Optional - This parameter is used to restrict the elements in a list base on the contents of various fields. |
Range | header | Optional | String | text/plain | Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero. |
Table 17: GET /scanner/scanprofiles/{profileid} Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
200 | The scan profile was successfully returned | |
500 | 1030 | Occurs when an attempt is made to list a scan profile when certain conditions are not met, or when too many scan requests have been made |
Response Description
The list of scan profiles currently configured in QVM
Response Sample
[ { "description": "String", "duration": { "days": 42, "hours": 42, "minutes": 42, "months": 42, "seconds": 42.5, "type": "String", "value": "String", "years": 42 }, "endTime": { "date": 42, "day": 42, "hours": 42, "minutes": 42, "month": 42, "seconds": 42, "time": 42, "timezoneOffset": 42, "year": 42 }, "progress": 42, "scanProfileId": 42, "scanProfileName": "String", "scanType": "String", "scannerName": "String", "schedule": "String", "status": "String" } ]
POST /scanner/scanprofiles/{profileid}
Update a scan profile. The Scan Profile ID is required.
The following information on a scan profile can be updated:
name
description
IP addresses
For example:
{'name':'Updated Scan Profile', 'ips':['10.100.85.135']}
Table 18: POST /scanner/scanprofiles/{profileid} Resource Details
MIME Type |
|---|
application/json |
Table 19: POST /scanner/scanprofiles/{profileid} Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
profileid | path | Required | String | text/plain | The unique id of the scan profile used to update |
Table 20: POST /scanner/scanprofiles/{profileid} Request Body Details
Parameter | Data Type | MIME Type | Description | Sample |
|---|---|---|---|---|
scanProfile | JSON | application/json | null | null |
Table 21: POST /scanner/scanprofiles/{profileid} Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
202 | The scan profile was successfully updated | |
500 | 1030 | Occurs when an attempt is made to update a scan profile when certain conditions are not met, or when too many scan requests have been made |
Response Description
A message to indicate whether the scan profile has updated or not.
Response Sample
DELETE /scanner/scanprofiles/{profileid}
Initiates a request to delete a scanProfile.
The request takes one parameter - the Scan Profile ID.
Table 22: DELETE /scanner/scanprofiles/{profileid} Resource Details
MIME Type |
|---|
text/plain |
Table 23: DELETE /scanner/scanprofiles/{profileid} Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
profileid | path | Required | String | text/plain | null |
Table 24: DELETE /scanner/scanprofiles/{profileid} Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
204 | The scan has been successfully deleted | |
500 | 1030 | Occurs when an attempt is made to delete a scan when certain conditions are not met, or when too many scan requests have been made |
Response Description
An indicator of whether the scan has been deleted successfully or not.
Response Sample
String
GET /scanner/scanprofiles/{profileid}/runs
Table 25: GET /scanner/scanprofiles/{profileid}/runs Resource Details
MIME Type |
|---|
application/json |
Table 26: GET /scanner/scanprofiles/{profileid}/runs Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
profileid | path | Required | Number (Integer) | text/plain | null |
Range | header | Optional | String | text/plain | Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero. |
fields | query | Optional | String | text/plain | Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
Table 27: GET /scanner/scanprofiles/{profileid}/runs Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
404 | 1002 | null |
422 | 1005 | null |
500 | 1030 | null |
Response Description
Response Sample
[ { "end_time": 42, "id": 42, "scan_profile_id": 42, "start_time": 42 } ]
GET /scanner/scanprofiles/{profileid}/runs/{run_id}
Table 28: GET /scanner/scanprofiles/{profileid}/runs/{run_id} Resource Details
MIME Type |
|---|
application/json |
Table 29: GET /scanner/scanprofiles/{profileid}/runs/{run_id} Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
profileid | path | Required | Number (Integer) | text/plain | null |
run_id | path | Required | Number (Integer) | text/plain | null |
fields | query | Optional | String | text/plain | Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
Table 30: GET /scanner/scanprofiles/{profileid}/runs/{run_id} Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
404 | 1002 | null |
500 | 1030 | null |
Response Description
Response Sample
{ "end_time": 42, "id": 42, "scan_profile_id": 42, "start_time": 42 }
GET /scanner/scanprofiles/{profileid}/runs/{run_id}/results
Table 31: GET /scanner/scanprofiles/{profileid}/runs/{run_id}/results Resource Details
MIME Type |
|---|
application/json |
Table 32: GET /scanner/scanprofiles/{profileid}/runs/{run_id}/results Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
profileid | path | Required | Number (Integer) | text/plain | null |
run_id | path | Required | Number (Integer) | text/plain | null |
Range | header | Optional | String | text/plain | Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero. |
fields | query | Optional | String | text/plain | Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
Table 33: GET /scanner/scanprofiles/{profileid}/runs/{run_id}/results Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
404 | 1002 | null |
422 | 1005 | null |
500 | 1030 | null |
Response Description
Response Sample
[ { "base_score": 42, "critical_details": "String", "cve_ids": [ "String" ], "hostname": "String", "informative_details": "String", "ip_address": "String", "open_services": [ "String" ], "port": 42, "temporal_score": 42, "vulnerability": "String" } ]
POST /scanner/scanprofiles/{profileid}/start
Initiates a request to start an already created scanProfile.
The request takes one parameter, scanProfileId, and one optional parameter, ips. To get a list of scanProfileIds, simply get a list of the current scan profiles by initiating a 'profiles' request on the scanner endpoint. The scanProfileId, is validated and an appropriate message returned.
Table 34: POST /scanner/scanprofiles/{profileid}/start Resource Details
MIME Type |
|---|
text/plain |
Table 35: POST /scanner/scanprofiles/{profileid}/start Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
profileid | path | Required | String | text/plain | The unique id of the scan profile we want to start |
Table 36: POST /scanner/scanprofiles/{profileid}/start Request Body Details
Parameter | Data Type | MIME Type | Description | Sample |
|---|---|---|---|---|
ips | JSON | application/json | null | null |
Table 37: POST /scanner/scanprofiles/{profileid}/start Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
202 | The scan has been successfully started | |
403 | 1000 | Occurs if the user does not have permission to start a scan, or the scan is in progress |
500 | 1030 | Occurs when an attempt is made to start a scan when certain conditions are not met, or when too many scan requests have been made |
Response Description
An indicator of whether the scan has been started successfully or not.
Response Sample
String