Settings API - Vulnerability Analytics- Monitoring rules for code-level vulnerabilities schema table
Vulnerability Analytics: Monitoring rules for code-level vulnerabilities (builtin:appsec.code-level-vulnerability-rule-settings)
The global code-level vulnerability detection control defines the default per technology for all process groups. To override the default, define custom monitoring rules here. Note that the monitoring rules are ordered; the first matching rule will be applied.
builtin:appsec.code-level-vulnerability-rule-settingsgroup:appsec.vulnerability-analyticsgroup:appsec
environment| GET | Managed | https://{your-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:appsec.code-level-vulnerability-rule-settings |
| SaaS | https://{your-environment-id}.live.dynatrace.com/api/v2/settings/schemas/builtin:appsec.code-level-vulnerability-rule-settings | |
| Environment ActiveGate | https://{your-activegate-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:appsec.code-level-vulnerability-rule-settings |
Authentication
To execute this request, you need an access token with Read settings (settings.read) scope. To learn how to obtain and use it, see Tokens and authentication.
Parameters
enabledruleNamevulnerabilityDetectionControlresourceAttributeConditionsIf you add more than one condition, note that all conditions must be true simultaneously for the rule to apply.
We provide suggestions for resource attribute keys and values based on what we currently see in your environment. You can also enter any value not currently seen in the list. Resource attributes come out of the box from the OneAgent, and you can set them up from data enrichment.
The VulnerabilityDetectionControl object
monitoringModeMONITORING_OFFMONITORING_ON
The ResourceAttributeCondition object
resourceAttributeKeymatcherEQUALSNOT_EQUALSCONTAINSDOES_NOT_CONTAINSTARTS_WITHDOES_NOT_START_WITHENDS_WITHDOES_NOT_END_WITHEXISTSDOES_NOT_EXIST
resourceAttributeValueThe Metadata object
comment