Follow

Scan Creation API

In order to automatically trigger new vulnerability scans from change management or continuous integration systems, such as Jenkins, NormShield provides scan creation API when called creates a new one-time scan configuration with the given parameters, such as assets, scanner and scan policy names, etc.

Scan Creation API

https://nsserver/api/scan/create?token=[TOKEN]

Here's an example JSON HTTP POST call with example scans body;

[
  {
    token: "5947A8A3-2FE8-4CB3-B236-28928D98AA33", 
asset:["10.10.13.4"],
scanner: "nessus",
policy: "Default",
scan_name: "scan_test",
asset_label:[],
asset_type_for_new_asset: "ip" }, { token: "5947A8A3-2FE8-4CB3-B236-28928D98AA33",
asset:["sophomore.encomp.corp"],
scanner: "nessus",
policy: "FULL_SCAN",
scan_name: "scan_test2",
asset_label:["linux"],
asset_type_for_new_asset: "hostname" } ]

The request and JSON parameter names and their explanation are shown in Table 1.

 Content-Type HTTP header of the requests should be application/json

Parameter Name

Detail

token

 NormShield company based security token created from Admin -> Security Tokens  page. [REQUIRED if url token field is empty]

asset

 one or more asset values such as IP, URL, Hostname [asset or asset_label must be given]

scanner

 Scanner name such as Nessus, Acunetix... [REQUIRED]

policy

 Selected policy for scanner [REQUIRED]

scan_name

 Scan name [Optional]

asset_label

 One or more labels given to asset [asset or asset_label must be given]

asset_type_for_new_asset

One of ip, url, hostname or other [REQUIRED if asset is new]

Table 1 - The HTTP request and JSON parameter names for scan creation API

 If the asset to be scanned is new, the type of the asset should be noted via asset_type_for_new_asset key as one of ip, hostname or url

When successful created scan ids will be returned;

Created Scan Id List: 2999,3000

 

Possible error messages include:

ERR:Company not found from token:XXXX maintoken:XXXX for scan:scan_test
ERR:Cannot find policy by scanner-policy duo:nessus-test
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk