• Home
  • Dynatrace API
  • Environment
  • Application Security
  • Security problems
  • GET list remediation items

Security problems API - GET list remediation items

Lists all remediation items of a security problem.

The request produces an application/json payload.

GETManagedDynatrace for Governmenthttps://{your-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/remediationItems
SaaShttps://{your-environment-id}.live.dynatrace.com/api/v2/securityProblems/{id}/remediationItems
Environment ActiveGatehttps://{your-activegate-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/remediationItems

Authentication

To execute this request, you need an access token with securityProblems.read scope.

To learn how to obtain and use it, see Tokens and authentication.

Parameters

ParameterTypeDescriptionInRequired
idstring

The ID of the required third-party security problem.

pathrequired
remediationItemSelectorstring

Defines the scope of the query. Only remediable entities matching the specified criteria are included in the response.

You can add one or more of the following criteria. Values are not case-sensitive and the EQUALS operator is used unless otherwise specified.

  • Vulnerability state: vulnerabilityState("value"). Find the possible values in the description of the vulnerabilityState field of the response. If not set, all entities are returned.
  • Muted: muted("value"). Possible values are TRUE or FALSE.
  • Reachable data asset assessment: assessment.dataAssets("value") Possible values are REACHABLE, and NOT_DETECTED.
  • Network exposure assessment: assessment.exposure("value") Possible values are PUBLIC_NETWORK, and NOT_DETECTED.
  • Vulnerable function usage assessment: assessment.vulnerableFunctionUsage("value") Possible values are IN_USE, and NOT_IN_USE.
  • Vulnerable function in use contains: assessment.vulnerableFunctionInUseContains("value"). Possible values are class::function, class:: and function. The CONTAINS operator is used. Only vulnerable functions in use are considered.
  • Assessment accuracy: assessment.accuracy("value") Possible values are FULL and REDUCED.
  • Entity name contains: entityNameContains("value-1"). The CONTAINS operator is used.

To set several criteria, separate them with a comma (,). Only results matching all criteria are included in the response.

Specify the value of a criterion as a quoted string. The following special characters must be escaped with a tilde (~) inside quotes:

  • Tilde ~
  • Quote "
queryoptional

Response

Response codes

CodeTypeDescription
200RemediationItemList

Success. The response contains the list of remediation items of a problem.

Response body objects

The RemediationItemList object

A list of remediation items.

ElementTypeDescription
remediationItemsRemediationItem[]

A list of remediation items.

The RemediationItem object

A possible remediation for a security problem.

ElementTypeDescription
idstring

The ID of the remediation item.

entityIdsstring[]

A list of related entities, represented by entity IDs.

namestring

The name of the entity.

firstAffectedTimestampinteger

The timestamp when the entity has first been related to the vulnerability.

assessmentRemediationAssessment

Assessment of the remediation item.

resolvedTimestampinteger

The timestamp (UTC milliseconds) when the vulnerability has been resolved for related entities.

vulnerabilityStatestring

The current state of related entities for the vulnerability.

The element can hold these values
  • RESOLVED
  • VULNERABLE
muteStateRemediationItemMuteState

The mute state of a remediation item of a security problem.

vulnerableComponentsVulnerableComponent[]

A list of vulnerable components of the remediation item.

A vulnerable component is what causes the security problem.

remediationProgressRemediationProgress

The progress of this remediation item. It contains affected and unaffected entities.

The RemediationAssessment object

Assessment of the remediation item.

ElementTypeDescription
exposurestring

The level of exposure of affected entities.

The element can hold these values
  • NOT_AVAILABLE
  • NOT_DETECTED
  • PUBLIC_NETWORK
dataAssetsstring

The reachability of related data assets by affected entities.

The element can hold these values
  • NOT_AVAILABLE
  • NOT_DETECTED
  • REACHABLE
numberOfDataAssetsinteger

The number of related data assets.

vulnerableFunctionUsagestring

The usage of vulnerable functions

The element can hold these values
  • IN_USE
  • NOT_AVAILABLE
  • NOT_IN_USE
vulnerableFunctionsInUseVulnerableFunction[]

A list of vulnerable functions that are in use.

vulnerableFunctionsNotInUseVulnerableFunction[]

A list of vulnerable functions that are not in use.

vulnerableFunctionsNotAvailableVulnerableFunction[]

A list of vulnerable functions that are not available.

The VulnerableFunction object

Defines an vulnerable function.

ElementTypeDescription
classNamestring

The class name of the vulnerable function.

filePathstring

The file path of the vulnerable function.

functionNamestring

The function name of the vulnerable function.

The RemediationItemMuteState object

The mute state of a remediation item of a security problem.

ElementTypeDescription
mutedboolean

The remediation is (true) or is not (false) muted.

userstring

The user who last changed the mute state.

lastUpdatedTimestampinteger

The timestamp (UTC milliseconds) of the last update of the mute state.

reasonstring

The reason for the most recent mute state change.

The element can hold these values
  • AFFECTED
  • CONFIGURATION_NOT_AFFECTED
  • FALSE_POSITIVE
  • IGNORE
  • INITIAL_STATE
  • OTHER
  • VULNERABLE_CODE_NOT_IN_USE
commentstring

A short comment about the most recent mute state change.

The VulnerableComponent object

Vulnerable component of a security problem.

ElementTypeDescription
idstring

The Dynatrace entity ID of the vulnerable component.

displayNamestring

The display name of the vulnerable component.

shortNamestring

The short, component-only name of the vulnerable component.

fileNamestring

The file name of the vulnerable component.

numberOfAffectedEntitiesinteger

The number of affected entities.

affectedEntitiesstring[]

A list of affected entities.

The RemediationProgress object

The progress of this remediation item. It contains affected and unaffected entities.

ElementTypeDescription
affectedEntitiesstring[]

A list of related entities that are affected by the security problem.

unaffectedEntitiesstring[]

A list of related entities that are affected by the security problem.

Response body JSON model

json
{ "remediationItems": [ { "id": "string", "entityIds": [ "string" ], "name": "string", "firstAffectedTimestamp": 1, "assessment": { "exposure": "NOT_AVAILABLE", "dataAssets": "NOT_AVAILABLE", "numberOfDataAssets": 1, "vulnerableFunctionUsage": "IN_USE", "vulnerableFunctionsInUse": [ { "className": "string", "filePath": "string", "functionName": "string" } ], "vulnerableFunctionsNotInUse": [ {} ], "vulnerableFunctionsNotAvailable": [ {} ] }, "resolvedTimestamp": 1, "vulnerabilityState": "RESOLVED", "muteState": { "muted": true, "user": "string", "lastUpdatedTimestamp": 1, "reason": "AFFECTED", "comment": "string" }, "vulnerableComponents": [ { "id": "string", "displayName": "string", "shortName": "string", "fileName": "string", "numberOfAffectedEntities": 1, "affectedEntities": [ "string" ] } ], "remediationProgress": { "affectedEntities": [ "string" ], "unaffectedEntities": [ "string" ] } } ] }

Example

In this example, the request lists remediation items of the security problem with the ID of 3_SNYK-JAVA-IONETTY-1042268. The response is truncated to two entries.

The API token is passed in the Authorization header.

Curl

bash
curl --request GET \ --url https://mySampleEnv.live.dynatrace.com/api/v2/securityProblems/3_SNYK-JAVA-IONETTY-1042268/remediationItems \ --header 'Authorization: Api-Token dt0c01.abc123.abcdefjhij1234567890'

Request URL

plaintext
https://mySampleEnv.live.dynatrace.com/api/v2/securityProblems/3_SNYK-JAVA-IONETTY-1042268/remediationItems

Response body

json
{ "remediationItems": [ { "id": "PROCESS_GROUP-70DF2C1374244F5A", "entityIds": [ "PROCESS_GROUP-70DF2C1374244F5A" ], "name": "KpiTomcatBackEnd-CWS-1-IG-144-HG", "firstAffectedTimestamp": 1633531037359, "assessment": { "exposure": "NOT_DETECTED", "dataAssets": "REACHABLE" }, "vulnerabilityState": "VULNERABLE", "muteState": { "muted": false, "user": "unknown", "reason": "INITIAL_STATE" }, "vulnerableComponents": [ { "id": "SOFTWARE_COMPONENT-2559CD116033C217", "displayName": "io.software.component.1.1", "fileName": "io.software.component.1.1.jar", "numberOfAffectedEntities": 2, "affectedEntities": [ "PROCESS_GROUP_INSTANCE-3684888745E180D5", "PROCESS_GROUP_INSTANCE-8F100796B9296962" ] }, { "id": "SOFTWARE_COMPONENT-0A679AA673B2B525", "displayName": "io.software.component.loader.2.0.Final", "fileName": "io.software.component.loader.2.0.jar", "numberOfAffectedEntities": 4, "affectedEntities": [ "PROCESS_GROUP_INSTANCE-0D133F13A28B477A", "PROCESS_GROUP_INSTANCE-258962DC804FEDBC", "PROCESS_GROUP_INSTANCE-3684888745E180D5", "PROCESS_GROUP_INSTANCE-B79C2594071FBF6C" ] } ], "remediationProgress": { "affectedEntities": [ "PROCESS_GROUP_INSTANCE-0D133F13A28B477A", "PROCESS_GROUP_INSTANCE-258962DC804FEDBC", "PROCESS_GROUP_INSTANCE-3684888745E180D5", "PROCESS_GROUP_INSTANCE-8F100796B9296962", "PROCESS_GROUP_INSTANCE-B79C2594071FBF6C" ], "unaffectedEntities": [ "PROCESS_GROUP_INSTANCE-63AD33941D667CAC", "PROCESS_GROUP_INSTANCE-E20A5DDF167AF3B8", "PROCESS_GROUP_INSTANCE-F1166B3AB1F4312D", "PROCESS_GROUP_INSTANCE-F9D0250A7432521D", "PROCESS_GROUP_INSTANCE-FF1B355E4E252FA1" ] } }, { "id": "PROCESS_GROUP-18407614632D87A6", "entityIds": [ "PROCESS_GROUP-18407614632D87A6" ], "name": "KpiTomcatFrontEnd-CWS-1-IG-67-HG", "firstAffectedTimestamp": 1633531037359, "assessment": { "exposure": "PUBLIC_NETWORK", "dataAssets": "NOT_DETECTED" }, "resolvedTimestamp": 1636096094323, "vulnerabilityState": "RESOLVED", "muteState": { "muted": false, "user": "unknown", "reason": "INITIAL_STATE" }, "vulnerableComponents": [ { "id": "SOFTWARE_COMPONENT-2559CD116033C217", "displayName": "io.software.component.1.1.Final", "fileName": "io.software.component.1.1.jar", "numberOfAffectedEntities": 1, "affectedEntities": [ "PROCESS_GROUP_INSTANCE-41115D4B6F8BFEEC" ] } ], "remediationProgress": { "affectedEntities": [ "PROCESS_GROUP_INSTANCE-41115D4B6F8BFEEC" ], "unaffectedEntities": [ "PROCESS_GROUP_INSTANCE-0189CF4780B4B872", "PROCESS_GROUP_INSTANCE-2D54D85C45C0BA57", "PROCESS_GROUP_INSTANCE-3E6373ACEA9DE722", "PROCESS_GROUP_INSTANCE-47BCF72F93FF9528", "PROCESS_GROUP_INSTANCE-6B5EF5C1A5ED42D0", "PROCESS_GROUP_INSTANCE-BA18DB16A7A28A04", "PROCESS_GROUP_INSTANCE-BCAECCB29AB12462", "PROCESS_GROUP_INSTANCE-DD3CD2024A06BB5B", "PROCESS_GROUP_INSTANCE-DE5B280889AC6569" ] } } ] }

Response code

200

Related topics
  • Application Security

    Detect, monitor, remediate vulnerabilities at runtime, and block attacks on your applications.

  • Davis security advisor API

    Find out what the Dynatrace Davis security advisor API offers.