Lists the events of a specific vulnerability.
The request produces an application/json
payload.
GET | SaaS | https://{your-environment-id}.live.dynatrace.com/api/v2/securityProblems/{id}/events |
Environment ActiveGateCluster ActiveGate | https://{your-activegate-domain}:9999/e/{your-environment-id}/api/v2/securityProblems/{id}/events |
To execute this request, you need an access token with securityProblems.read
scope.
To learn how to obtain and use it, see Tokens and authentication.
Parameter | Type | Description | In | Required |
---|---|---|---|---|
id | string | The ID of the requested security problem. | path | required |
from | string | The start of the requested timeframe. You can use one of the following formats:
If not set, the relative timeframe of thirty days is used ( | query | optional |
to | string | The end of the requested timeframe. You can use one of the following formats:
If not set, the current timestamp is used. | query | optional |
Code | Type | Description |
---|---|---|
200 | Security | Success. The response contains the list of security problem events. |
4XX | Error | Client side error. |
5XX | Error | Server side error. |
SecurityProblemEventsList
objectA list of events for a security problem.
Element | Type | Description |
---|---|---|
events | Security | A list of events for a security problem. |
nextPageKey | string | The cursor for the next page of results. Has the value of Use it in the nextPageKey query parameter to obtain subsequent pages of the result. |
pageSize | integer | The number of entries per page. |
totalCount | integer | The total number of entries in the result. |
SecurityProblemEvent
objectThe event of a security problem.
Element | Type | Description |
---|---|---|
muteState | Mute | Metadata of the muted state of a security problem in relation to an event. |
reason | string | The reason of the event creation.
|
riskAssessmentSnapshot | Risk | A snapshot of the risk assessment of a security problem. |
timestamp | integer | The timestamp when the event occurred. |
MuteState
objectMetadata of the muted state of a security problem in relation to an event.
Element | Type | Description |
---|---|---|
comment | string | A user's comment. |
reason | string | The reason for the mute state change.
|
user | string | The user who has muted or unmuted the problem. |
RiskAssessmentSnapshot
objectA snapshot of the risk assessment of a security problem.
Element | Type | Description |
---|---|---|
baseRiskScore | number | The risk score (1-10) from the CVSS score. |
changes | Risk | All changes of the risk assessment. |
exposure | string | The level of exposure of affected entities.
|
numberOfAffectedEntities | integer | The number of currently affected entities. |
numberOfAffectedNodes | integer | The number of currently affected nodes. |
numberOfAffectedProcessGroups | integer | The number of currently affected process groups. |
numberOfReachableDataAssets | integer | The number of data assets that are currently reachable by affected entities. |
numberOfRelatedAttacks | integer | The number of related attacks. |
publicExploit | string | The availability status of public exploits.
|
riskLevel | string | The Davis risk level. It is calculated by Dynatrace on the basis of CVSS score.
|
riskScore | number | The Davis risk score (1-10). It is calculated by Dynatrace on the basis of CVSS score. |
vulnerableFunctionUsage | string | The state of vulnerable code execution.
|
RiskAssessmentChanges
objectAll changes of the risk assessment.
Element | Type | Description |
---|---|---|
deltaBaseRiskScore | number | The delta of the risk score. |
deltaNumberOfAffectedNodes | integer | The delta of the number of currently affected nodes. |
deltaNumberOfAffectedProcessGroups | integer | The delta of the number of currently affected process groups. |
deltaNumberOfReachableDataAssets | integer | The delta of the number of data assets that are currently reachable by affected entities. |
deltaNumberOfRelatedAttacks | integer | The delta of the number of related attacks. |
deltaRiskScore | number | The delta of the Davis risk score. |
previousExposure | string | The previous level of exposure of affected entities.
|
previousPublicExploit | string | The previous availability status of public exploits.
|
previousVulnerableFunctionUsage | string | The previous state of vulnerable code execution.
|
{"events": [{"muteState": {"comment": "string","reason": "AFFECTED","user": "string"},"reason": "ASSESSMENT_CHANGED","riskAssessmentSnapshot": {"baseRiskScore": 1,"changes": {"deltaBaseRiskScore": 1,"deltaNumberOfAffectedNodes": 1,"deltaNumberOfAffectedProcessGroups": 1,"deltaNumberOfReachableDataAssets": 1,"deltaNumberOfRelatedAttacks": 1,"deltaRiskScore": 1,"previousExposure": "NOT_AVAILABLE","previousPublicExploit": "AVAILABLE","previousVulnerableFunctionUsage": "IN_USE"},"exposure": "NOT_AVAILABLE","numberOfAffectedEntities": 1,"numberOfAffectedNodes": 1,"numberOfAffectedProcessGroups": 1,"numberOfReachableDataAssets": 1,"numberOfRelatedAttacks": 1,"publicExploit": "AVAILABLE","riskLevel": "CRITICAL","riskScore": 1,"vulnerableFunctionUsage": "IN_USE"},"timestamp": 1}],"nextPageKey": "AQAAABQBAAAABQ==","pageSize": 1,"totalCount": 1}
Query global vulnerability events.
Required filter: securityProblemId
.
curl -X 'GET' 'https://mySampleEnv.live.dynatrace.com/api/v2/securityProblems/7412525767433554374/events' \-H 'accept: application/json; charset=utf-8' \-H 'Authorization: Api-Token [your_token]'
https://mySampleEnv.live.dynatracelabs.com/api/v2/securityProblems/7412525767433554374/events
{"events": [{"timestamp": 1726497793191,"reason": "SECURITY_PROBLEM_REOPENED","riskAssessmentSnapshot": {"baseRiskScore": 5.3,"exposure": "PUBLIC_NETWORK","numberOfAffectedEntities": 2,"numberOfAffectedNodes": 0,"numberOfAffectedProcessGroups": 2,"numberOfReachableDataAssets": 1,"numberOfRelatedAttacks": 0,"publicExploit": "NOT_AVAILABLE","riskLevel": "MEDIUM","riskScore": 5.3,"vulnerableFunctionUsage": "NOT_AVAILABLE"}},{"timestamp": 1726496886335,"reason": "SECURITY_PROBLEM_RESOLVED","riskAssessmentSnapshot": {"baseRiskScore": 5.3,"exposure": "NOT_DETECTED","numberOfAffectedEntities": 0,"numberOfAffectedNodes": 0,"numberOfAffectedProcessGroups": 0,"numberOfReachableDataAssets": 0,"numberOfRelatedAttacks": 0,"publicExploit": "NOT_AVAILABLE","riskLevel": "MEDIUM","riskScore": 5.3,"vulnerableFunctionUsage": "NOT_AVAILABLE"}},{"timestamp": 1726495992217,"reason": "SECURITY_PROBLEM_REOPENED","riskAssessmentSnapshot": {"baseRiskScore": 5.3,"exposure": "PUBLIC_NETWORK","numberOfAffectedEntities": 2,"numberOfAffectedNodes": 0,"numberOfAffectedProcessGroups": 2,"numberOfReachableDataAssets": 1,"numberOfRelatedAttacks": 0,"publicExploit": "NOT_AVAILABLE","riskLevel": "MEDIUM","riskScore": 5.3,"vulnerableFunctionUsage": "NOT_AVAILABLE"}},{"timestamp": 1726495086473,"reason": "SECURITY_PROBLEM_RESOLVED","riskAssessmentSnapshot": {"baseRiskScore": 5.3,"exposure": "NOT_DETECTED","numberOfAffectedEntities": 0,"numberOfAffectedNodes": 0,"numberOfAffectedProcessGroups": 0,"numberOfReachableDataAssets": 0,"numberOfRelatedAttacks": 0,"publicExploit": "NOT_AVAILABLE","riskLevel": "MEDIUM","riskScore": 5.3,"vulnerableFunctionUsage": "NOT_AVAILABLE"}},{"timestamp": 1726121661376,"reason": "ASSESSMENT_CHANGED","riskAssessmentSnapshot": {"baseRiskScore": 5.3,"changes": {"deltaRiskScore": 1,"previousExposure": "NOT_DETECTED"},"exposure": "PUBLIC_NETWORK","numberOfAffectedEntities": 2,"numberOfAffectedNodes": 0,"numberOfAffectedProcessGroups": 2,"numberOfReachableDataAssets": 1,"numberOfRelatedAttacks": 0,"publicExploit": "NOT_AVAILABLE","riskLevel": "MEDIUM","riskScore": 5.3,"vulnerableFunctionUsage": "NOT_AVAILABLE"}},{"timestamp": 1725894871382,"reason": "ASSESSMENT_CHANGED","riskAssessmentSnapshot": {"baseRiskScore": 5.3,"changes": {"deltaNumberOfAffectedProcessGroups": 1},"exposure": "NOT_DETECTED","numberOfAffectedEntities": 2,"numberOfAffectedNodes": 0,"numberOfAffectedProcessGroups": 2,"numberOfReachableDataAssets": 1,"numberOfRelatedAttacks": 0,"publicExploit": "NOT_AVAILABLE","riskLevel": "MEDIUM","riskScore": 4.3,"vulnerableFunctionUsage": "NOT_AVAILABLE"}}],"pageSize": 1,"totalCount": 6}