List Scan Alert Findings
Get the specific scan findings associated with this scan and plugin.
This endpoint reports details of the Alert that was triggered from a scan, with details on how to address it and the scanned application paths that triggered the alert.
Scan Alerts by plugin return paginated results of the applicationScanAlertUri.
Alert Response
Calling this endpoint with a given scanId and pluginId returns an alertResponse object. This alert contains the paginated applicationAlertUris, identifying each path in the scanned host that triggered this alert.
Paginated response of the scan alert and paths associated with this finding.
Parameter | Default | Description |
---|---|---|
alert | {} | The meaningful scan alert finding. |
category | "" | The category of this finding. |
applicationScanAlertUris | [] | Path uris that triggered this alert. |
cheetsheet | "" | External URL to an OWASP cheatsheet for reference. |
appHost | "" | The host URI this alert was triggered for. |
isEachRuleLocked | false | True if the scan alert and URIs cannot be triaged within the StackHawk Platform. |
nextPageToken | "" | The pageToken to provide for the next page of results. |
totalCount | 0 | Total number of results. |
Application Alert Uri
Represents a meaningful path-level finding in a scanned application.
Parameter | Default | Description |
---|---|---|
scan | {} | The underlying scan this application alert URI was found in. |
pluginId | "" | The id of the StackHawk/ZAP plugin that triggered this application alert URI. |
uri | "" | The URI of the path in the scanned application. |
msgId | "" | A unique identifier of the individual request/response pair that triggered this Alert. |
requestMethod | "" | The HTTP method used to find this path. |
status | "UNKNOWN" | The Triaged status of this application alert. |
matchedRuleNote | "" | Message from the last time this alert was triaged. |
matchedRuleLastUpdated | 0 | Timestamp of the last time this alert was updated. |
appUriId | "" | Unique identifier for this app x uri |
alertUriId | "" | Unique identifier for this alert x uri |
matchedRuleUserId | "" | The last user who triaged this alert. |
ruleHistories | [] | The triage history of this application alert. |
statusLink | "" | Optional URL of external promotion tool linked to triaged alert. |
See the Scan Results Analysis guide for further details on how to use these endpoints.
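The following is an added example, not StackHawk's own code: it walks the paginated alertResponse by following nextPageToken until it is empty, then lists the paths whose status is still the default "UNKNOWN", grouped by requestMethod. The fetch callable, the sample pages, the page token values and the "EXAMPLE_TRIAGED" status are assumptions constructed for illustration; the real HTTP call and authentication are left to the caller.

```python
from collections import defaultdict

# Constructed sample pages keyed by page token. Hosts, tokens and the
# "EXAMPLE_TRIAGED" status are placeholders, not real API values.
SAMPLE_PAGES = {
    "": {"appHost": "https://app.example.test", "totalCount": 3, "nextPageToken": "page-2",
         "applicationScanAlertUris": [
             {"uri": "https://app.example.test/login", "requestMethod": "GET", "status": "UNKNOWN"},
             {"uri": "https://app.example.test/admin", "requestMethod": "GET", "status": "EXAMPLE_TRIAGED"}]},
    "page-2": {"appHost": "https://app.example.test", "totalCount": 3, "nextPageToken": "",
               "applicationScanAlertUris": [
                   {"uri": "https://app.example.test/search", "requestMethod": "POST", "status": "UNKNOWN"}]},
}

def sample_fetch(page_token):
    """Hypothetical stand-in for the authenticated HTTP call to this endpoint."""
    return SAMPLE_PAGES[page_token]

def collect_alert_uris(fetch_page, max_pages=1000):
    """Follow nextPageToken until it is empty and return every path-level entry."""
    entries, seen_tokens, token = [], set(), ""
    for _ in range(max_pages):
        page = fetch_page(token)
        entries.extend(page.get("applicationScanAlertUris", []))
        token = page.get("nextPageToken", "")
        if not token:
            return entries  # an empty token marks the last page
        if token in seen_tokens:
            raise RuntimeError("nextPageToken repeated; stopping to avoid a loop")
        seen_tokens.add(token)
    raise RuntimeError("page limit reached before pagination ended")

def untriaged_by_method(entries):
    """Group URIs whose status is still the default "UNKNOWN" by requestMethod."""
    grouped = defaultdict(list)
    for entry in entries:
        if entry.get("status", "UNKNOWN") == "UNKNOWN":
            grouped[entry.get("requestMethod", "")].append(entry.get("uri", ""))
    return dict(grouped)

if __name__ == "__main__":
    print(untriaged_by_method(collect_alert_uris(sample_fetch)))
```
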