• Home
  • Dynatrace API
  • Environment
  • Application Security
  • Security problems
  • GET list remediation items

Security problems API - GET list remediation items

Lists all remediation items of a security problem.

The request produces an application/json payload.

Early Adopter

This request is an Early Adopter release and may be changed in non-compatible way.

GETManaged https://{your-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/remediationItems
SaaS https://{your-environment-id}.live.dynatrace.com/api/v2/securityProblems/{id}/remediationItems
Environment ActiveGate https://{your-activegate-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/remediationItems

Authentication

To execute this request, you need an access token with Read security problems (securityProblems.read) scope. To learn how to obtain and use it, see Tokens and authentication.

Parameters

ParameterTypeDescriptionInRequired
idstring

The ID of the required security problem.

pathrequired
remediationItemSelectorstring

Defines the scope of the query. Only remediable entities matching the specified criteria are included in the response.

You can add one or more of the following criteria. Values are not case-sensitive and the EQUALS operator is used unless otherwise specified.

  • Vulnerability state: vulnerabilityState("value"). Find the possible values in the description of the vulnerabilityState field of the response. If not set, all entities are returned.
  • Muted: muted("value"). Possible values are TRUE or FALSE.
  • Sensitive data asset assessment: assessment.dataAssets("value") Possible values are REACHABLE, and NOT_DETECTED.
  • Network exposure assessment: assessment.exposure("value") Possible values are PUBLIC_NETWORK, and NOT_DETECTED.
  • Vulnerable function usage assessment: assessment.vulnerableFunctionUsage("value") Possible values are IN_USE, and NOT_IN_USE.
  • Vulnerable function in use contains: assessment.vulnerableFunctionInUseContains("value"). Possible values are class::function, class:: and function. The CONTAINS operator is used. Only vulnerable functions in use are considered.
  • Entity name contains: entityNameContains("value-1"). The CONTAINS operator is used.

To set several criteria, separate them with a comma (,). Only results matching all criteria are included in the response.

Specify the value of a criterion as a quoted string. The following special characters must be escaped with a tilde (~) inside quotes:

  • Tilde ~
  • Quote "
queryoptional

Response

Response codes

CodeTypeDescription
200RemediationItemList

Success. The response contains the list of remediation items of a problem.

Response body objects

The RemediationItemList object

A list of remediation items.

ElementTypeDescription
remediationItemsRemediationItem[]

A list of remediation items.

Can be null.

The RemediationItem object

A possible remediation for a security problem.

ElementTypeDescription
idstring

The ID of the remediation item.

Can be null.

entityIdsstring[]

A list of related entities, represented by entity IDs.

Can be null.

namestring

The name of the entity.

Can be null.

firstAffectedTimestampinteger

The timestamp when the entity has first been related to the vulnerability.

Can be null.

assessmentRemediationAssessment

Assessment of the remediation item.

Can be null.

resolvedTimestampinteger

The timestamp (UTC milliseconds) when the vulnerability has been resolved for related entities.

Can be null.

vulnerabilityStatestring

The current state of related entities for the vulnerability.

The element can hold these values
  • RESOLVED
  • VULNERABLE

Can be null.

muteStateRemediationItemMuteState

The mute state of a remediation item of a security problem.

Can be null.

vulnerableComponentsVulnerableComponent[]

A list of vulnerable components of the remediation item.

A vulnerable component is what causes the security problem.

Can be null.

remediationProgressRemediationProgress

The progress of this remediation item. It contains affected and unaffected entities.

Can be null.

The RemediationAssessment object

Assessment of the remediation item.

ElementTypeDescription
exposurestring

The level of exposure of affected entities.

The element can hold these values
  • NOT_AVAILABLE
  • NOT_DETECTED
  • PUBLIC_NETWORK

Can be null.

dataAssetsstring

The reachability of related data assets by affected entities.

The element can hold these values
  • NOT_AVAILABLE
  • NOT_DETECTED
  • REACHABLE

Can be null.

numberOfDataAssetsinteger

The number of related data assets.

Can be null.

vulnerableFunctionUsagestring

The usage of vulnerable functions

The element can hold these values
  • IN_USE
  • NOT_AVAILABLE
  • NOT_IN_USE

Can be null.

vulnerableFunctionsInUseVulnerableFunction[]

A list of vulnerable functions that are in use.

Can be null.

vulnerableFunctionsNotInUseVulnerableFunction[]

A list of vulnerable functions that are not in use.

Can be null.

vulnerableFunctionsNotAvailableVulnerableFunction[]

A list of vulnerable functions that are not available.

Can be null.

The VulnerableFunction object

Defines an vulnerable function.

ElementTypeDescription
classNamestring

The class name of the vulnerable function.

Can be null.

filePathstring

The file path of the vulnerable function.

Can be null.

functionNamestring

The function name of the vulnerable function.

Can be null.

The RemediationItemMuteState object

The mute state of a remediation item of a security problem.

ElementTypeDescription
mutedboolean

The remediation is (true) or is not (false) muted.

Can be null.

userstring

The user who last changed the mute state.

Can be null.

lastUpdatedTimestampinteger

The timestamp (UTC milliseconds) of the last update of the mute state.

Can be null.

reasonstring

The reason for the most recent mute state change.

The element can hold these values
  • AFFECTED
  • CONFIGURATION_NOT_AFFECTED
  • FALSE_POSITIVE
  • IGNORE
  • INITIAL_STATE
  • OTHER
  • VULNERABLE_CODE_NOT_IN_USE

Can be null.

commentstring

A short comment about the most recent mute state change.

Can be null.

The VulnerableComponent object

Vulnerable component of a security problem.

ElementTypeDescription
idstring

The Dynatrace entity ID of the vulnerable component.

Can be null.

displayNamestring

The display name of the vulnerable component.

Can be null.

fileNamestring

The file name of the vulnerable component.

Can be null.

numberOfAffectedEntitiesinteger

The number of affected entities.

Can be null.

affectedEntitiesstring[]

A list of affected entities.

Can be null.

The RemediationProgress object

The progress of this remediation item. It contains affected and unaffected entities.

ElementTypeDescription
affectedEntitiesstring[]

A list of related entities that are affected by the security problem.

Can be null.

unaffectedEntitiesstring[]

A list of related entities that are affected by the security problem.

Can be null.

Response body JSON model

json
{ "remediationItems": [ { "id": "string", "entityIds": [ "string" ], "name": "string", "firstAffectedTimestamp": 1, "assessment": { "exposure": "NOT_AVAILABLE", "dataAssets": "NOT_AVAILABLE", "numberOfDataAssets": 1, "vulnerableFunctionUsage": "IN_USE", "vulnerableFunctionsInUse": [ { "className": "string", "filePath": "string", "functionName": "string" } ], "vulnerableFunctionsNotInUse": [ {} ], "vulnerableFunctionsNotAvailable": [ {} ] }, "resolvedTimestamp": 1, "vulnerabilityState": "RESOLVED", "muteState": { "muted": true, "user": "string", "lastUpdatedTimestamp": 1, "reason": "AFFECTED", "comment": "string" }, "vulnerableComponents": [ { "id": "string", "displayName": "string", "fileName": "string", "numberOfAffectedEntities": 1, "affectedEntities": [ "string" ] } ], "remediationProgress": { "affectedEntities": [ "string" ], "unaffectedEntities": [ "string" ] } } ] }

Example

In this example, the request lists remediation items of the security problem with the ID of 3_SNYK-JAVA-IONETTY-1042268. The response is truncated to two entries.

The API token is passed in the Authorization header.

Curl

bash
curl --request GET \ --url https://mySampleEnv.live.dynatrace.com/api/v2/securityProblems/3_SNYK-JAVA-IONETTY-1042268/remediationItems \ --header 'Authorization: Api-Token dt0c01.abc123.abcdefjhij1234567890'

Request URL

http
https://mySampleEnv.live.dynatrace.com/api/v2/securityProblems/3_SNYK-JAVA-IONETTY-1042268/remediationItems

Response body

json
{ "remediationItems": [ { "id": "PROCESS_GROUP-70DF2C1374244F5A", "entityIds": [ "PROCESS_GROUP-70DF2C1374244F5A" ], "name": "KpiTomcatBackEnd-CWS-1-IG-144-HG", "firstAffectedTimestamp": 1633531037359, "assessment": { "exposure": "NOT_DETECTED", "dataAssets": "REACHABLE" }, "vulnerabilityState": "VULNERABLE", "muteState": { "muted": false, "user": "unknown", "reason": "INITIAL_STATE" }, "vulnerableComponents": [ { "id": "SOFTWARE_COMPONENT-2559CD116033C217", "displayName": "io.software.component.1.1", "fileName": "io.software.component.1.1.jar", "numberOfAffectedEntities": 2, "affectedEntities": [ "PROCESS_GROUP_INSTANCE-3684888745E180D5", "PROCESS_GROUP_INSTANCE-8F100796B9296962" ] }, { "id": "SOFTWARE_COMPONENT-0A679AA673B2B525", "displayName": "io.software.component.loader.2.0.Final", "fileName": "io.software.component.loader.2.0.jar", "numberOfAffectedEntities": 4, "affectedEntities": [ "PROCESS_GROUP_INSTANCE-0D133F13A28B477A", "PROCESS_GROUP_INSTANCE-258962DC804FEDBC", "PROCESS_GROUP_INSTANCE-3684888745E180D5", "PROCESS_GROUP_INSTANCE-B79C2594071FBF6C" ] } ], "remediationProgress": { "affectedEntities": [ "PROCESS_GROUP_INSTANCE-0D133F13A28B477A", "PROCESS_GROUP_INSTANCE-258962DC804FEDBC", "PROCESS_GROUP_INSTANCE-3684888745E180D5", "PROCESS_GROUP_INSTANCE-8F100796B9296962", "PROCESS_GROUP_INSTANCE-B79C2594071FBF6C" ], "unaffectedEntities": [ "PROCESS_GROUP_INSTANCE-63AD33941D667CAC", "PROCESS_GROUP_INSTANCE-E20A5DDF167AF3B8", "PROCESS_GROUP_INSTANCE-F1166B3AB1F4312D", "PROCESS_GROUP_INSTANCE-F9D0250A7432521D", "PROCESS_GROUP_INSTANCE-FF1B355E4E252FA1" ] } }, { "id": "PROCESS_GROUP-18407614632D87A6", "entityIds": [ "PROCESS_GROUP-18407614632D87A6" ], "name": "KpiTomcatFrontEnd-CWS-1-IG-67-HG", "firstAffectedTimestamp": 1633531037359, "assessment": { "exposure": "PUBLIC_NETWORK", "dataAssets": "NOT_DETECTED" }, "resolvedTimestamp": 1636096094323, "vulnerabilityState": "RESOLVED", "muteState": { "muted": false, "user": "unknown", "reason": "INITIAL_STATE" }, "vulnerableComponents": [ { "id": "SOFTWARE_COMPONENT-2559CD116033C217", "displayName": "io.software.component.1.1.Final", "fileName": "io.software.component.1.1.jar", "numberOfAffectedEntities": 1, "affectedEntities": [ "PROCESS_GROUP_INSTANCE-41115D4B6F8BFEEC" ] } ], "remediationProgress": { "affectedEntities": [ "PROCESS_GROUP_INSTANCE-41115D4B6F8BFEEC" ], "unaffectedEntities": [ "PROCESS_GROUP_INSTANCE-0189CF4780B4B872", "PROCESS_GROUP_INSTANCE-2D54D85C45C0BA57", "PROCESS_GROUP_INSTANCE-3E6373ACEA9DE722", "PROCESS_GROUP_INSTANCE-47BCF72F93FF9528", "PROCESS_GROUP_INSTANCE-6B5EF5C1A5ED42D0", "PROCESS_GROUP_INSTANCE-BA18DB16A7A28A04", "PROCESS_GROUP_INSTANCE-BCAECCB29AB12462", "PROCESS_GROUP_INSTANCE-DD3CD2024A06BB5B", "PROCESS_GROUP_INSTANCE-DE5B280889AC6569" ] } } ] }

Response code

200

Related topics
  • Application Security

    Detect, monitor, and remediate open-source and third-party vulnerabilities at runtime.

  • Davis security advisor API

    Find out what the Dynatrace Davis security advisor API offers.