List Scan Alert Findings

Get the specific scan findings associated with this scan and plugin.

This endpoint reports details of the Alert that was triggered from a scan, with details on how to address it and the scanned application paths that triggered the alert.

Scan Alerts by plugin return paginated results of the applicationScanAlertUri.

Alert Response

Calling this endpoint with a given scanId and pluginId returns an alertResponse object. This alert contains the paginated applicationAlertUris, identifying each path in the scanned host that triggered this alert.

Paginated response of the scan alert and paths associated with this finding.

alert{}The meaningful scan alert finding.
category""The category of this finding.
applicationScanAlertUris[]Path uris that triggered this alert.
cheetsheet""external url to an OWASP cheatsheet for reference.
appHost""The host URI this alert was triggered for.
isEachRuleLockedfalseif the scan alert and uris cannot be triaged within the StackHawk Platform.
nextPageToken""pageToken to provide for the next page of results.
totalCount0total number of results.

Application Alert Uri

Represents a meaningful path-level finding in a scanned application.

scan{}The underlying scan this application alert URI was found in.
pluginId""The id of the StackHawk/ZAP plugin that triggered this alert application alert URI.
uri""The URI of the path in the scanned application.
msgId""A unique identifier of the individual request/response pair that triggered this Alert.
requestMethod""The HTTP method used to find this path.
status"UNKNOWN"The Triaged status of this application alert.
matchedRuleNote""Message from the last time this alert was triaged.
matchedRuleLastUpdated0Timestamp of the last time this alert was updated.
appUriId""Unique identifier for this app x uri
alertUriId""Unique identifier for this alert x uri
matchedRuleUserId""The last user who triaged this alert.
ruleHistories[]The triage history of this application alert.
statusLink""Optional URL of external promotion tool linked to triaged alert.

See the Scan Results Analysis guide for further details on how to use these endpoints.

Click Try It! to start a request and see the response here!