Security problems API - GET problem events
Lists events of a security problem
The request produces an application/json
payload.
GET | ManagedDynatrace for Government | https://{your-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/events |
SaaS | https://{your-environment-id}.live.dynatrace.com/api/v2/securityProblems/{id}/events | |
Environment ActiveGate | https://{your-activegate-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/events |
Authentication
To execute this request, you need an access token with securityProblems.read
scope.
To learn how to obtain and use it, see Tokens and authentication.
Parameters
Parameter | Type | Description | In | Required |
---|---|---|---|---|
id | string | The ID of the required security problem. | path | required |
from | string | The start of the requested timeframe. You can use one of the following formats:
If not set, the relative timeframe of thirty days is used ( | query | optional |
to | string | The end of the requested timeframe. You can use one of the following formats:
If not set, the current timestamp is used. | query | optional |
Response
Response codes
Code | Type | Description |
---|---|---|
200 | Security | Success. The response contains the list of security problem events. |
Response body objects
The SecurityProblemEventsList
object
A list of events for a security problem.
Element | Type | Description |
---|---|---|
events | Security | A list of events for a security problem. |
totalCount | integer | The total number of entries in the result. |
pageSize | integer | The number of entries per page. |
nextPageKey | string | The cursor for the next page of results. Has the value of Use it in the nextPageKey query parameter to obtain subsequent pages of the result. |
The SecurityProblemEvent
object
The event of a security problem.
Element | Type | Description |
---|---|---|
timestamp | integer | The timestamp when the event occurred. |
reason | string | The reason of the event creation. |
riskAssessmentSnapshot | Risk | A snapshot of the risk assessment of a security problem. |
muteState | Mute | Metadata of the muted state of a security problem in relation to an event. |
The RiskAssessmentSnapshot
object
A snapshot of the risk assessment of a security problem.
Element | Type | Description |
---|---|---|
exposure | string | The level of exposure of affected entities. |
numberOfAffectedEntities | integer | The number of currently affected entities. |
numberOfReachableDataAssets | integer | The number of data assets that are currently reachable by affected entities. |
publicExploit | string | The availability status of public exploits. |
riskLevel | string | The Davis risk level. It is calculated by Dynatrace on the basis of CVSS score. |
riskScore | number | The Davis risk score (1-10). It is calculated by Dynatrace on the basis of CVSS score. |
vulnerableFunctionUsage | string | The state of vulnerable code execution. |
The MuteState
object
Metadata of the muted state of a security problem in relation to an event.
Element | Type | Description |
---|---|---|
user | string | The user who has muted or unmuted the problem. |
reason | string | The reason for the mute state change. |
comment | string | A user's comment. |
Response body JSON model
{
"events": [
{
"timestamp": 1,
"reason": "SECURITY_PROBLEM_CREATED",
"riskAssessmentSnapshot": {
"exposure": "NOT_AVAILABLE",
"numberOfAffectedEntities": 1,
"numberOfReachableDataAssets": 1,
"publicExploit": "AVAILABLE",
"riskLevel": "CRITICAL",
"riskScore": 1,
"vulnerableFunctionUsage": "IN_USE"
},
"muteState": {
"user": "string",
"reason": "AFFECTED",
"comment": "string"
}
}
],
"totalCount": 1,
"pageSize": 1,
"nextPageKey": "AQAAABQBAAAABQ=="
}