List Scan Alert Findings
Get the specific scan findings associated with this scan and plugin.
This endpoint reports details of the Alert that was triggered from a scan, with details on how to address it and the scanned application paths that triggered the alert.
Scan Alerts by plugin return paginated results of the applicationScanAlertUri.
Alert Response
Calling this endpoint with a given scanId and pluginId returns an alertResponse object. This alert contains the paginated applicationAlertUris, identifying each path in the scanned host that triggered this alert.
Paginated response of the scan alert and paths associated with this finding.
| Parameter | Default | Description |
|---|---|---|
| alert | {} | The meaningful scan alert finding. |
| category | "" | The category of this finding. |
| applicationScanAlertUris | [] | Path uris that triggered this alert. |
| cheetsheet | "" | external url to an OWASP cheatsheet for reference. |
| appHost | "" | The host URI this alert was triggered for. |
| isEachRuleLocked | false | if the scan alert and uris cannot be triaged within the StackHawk Platform. |
| nextPageToken | "" | pageToken to provide for the next page of results. |
| totalCount | 0 | total number of results. |
Application Alert Uri
Represents a meaningful path-level finding in a scanned application.
| Parameter | Default | Description |
|---|---|---|
| scan | {} | The underlying scan this application alert URI was found in. |
| pluginId | "" | The id of the StackHawk/ZAP plugin that triggered this alert application alert URI. |
| uri | "" | The URI of the path in the scanned application. |
| msgId | "" | A unique identifier of the individual request/response pair that triggered this Alert. |
| requestMethod | "" | The HTTP method used to find this path. |
| status | "UNKNOWN" | The Triaged status of this application alert. |
| matchedRuleNote | "" | Message from the last time this alert was triaged. |
| matchedRuleLastUpdated | 0 | Timestamp of the last time this alert was updated. |
| appUriId | "" | Unique identifier for this app x uri |
| alertUriId | "" | Unique identifier for this alert x uri |
| matchedRuleUserId | "" | The last user who triaged this alert. |
| ruleHistories | [] | The triage history of this application alert. |
| statusLink | "" | Optional URL of external promotion tool linked to triaged alert. |
See the Scan Results Analysis guide for further details on how to use these endpoints.