Return Servers' public ips for completed scans with SL API

0
votes

Normally I use object masks to set what i require only, is there a problem nowadays with masks?, I need to get all the Server that were Completely scanned using the Nessus vuln., I need only the ids of the Server, public ips as most important, and also when did the scan took place for each.

here is the full request I used

https://api.softlayer.com/rest/v3/SoftLayer_Account/getSecurityScanRequests?objectMask=mask[id,ipAddresses,createDate,virtualGuest[id],hardware[id],createdate, hostId, guestid, hardwareId] Method: GET, is there something wrong?

1
ibm-cloud-infrastructure
It will be useful if you can provide the code or rest calls you are using. - Albert Camacho
Are you just looking to parse a log file? - icirellik

1 Answers

0
votes

There are some improvements I've made in your code, see below:

https://[username]:[apiKey]@api.softlayer.com/rest/v3/SoftLayer_Account/getSecurityScanRequests?objectMask=mask[id,ipAddress,createDate, status[name],guest[id, primaryBackendIpAddress],hardware[id, primaryBackendIpAddress], hostId, guestId, hardwareId]&objectFilter={"securityScanRequests":{"status":{"id":{"operation":[statusId]}}}}

Besides using masks to retrieve the server ids, you required to make use of Object Filters to return only the vulnerability scans, like in this example you should change the value [statusId] for 103 to return the "Scan Complete" objects, don't forget to change username and apiKey values for valid credentials.

Notice that each message status for vulnerability scann has a name, for example The status messages are as follows:

*Scan Pending

*Scan Processing

*Scan Complete (103)

*Scan Cancelled

*Generating Report.

For more information, see below:

https://sldn.softlayer.com/article/object-filters

https://sldn.softlayer.com/article/object-masks

http://sldn.softlayer.com/reference/datatypes/SoftLayer_Network_Security_Scanner_Request_Status