Security problems API - GET list remediation items

Lists all remediation items of a security problem.

The request produces an application/json payload.

Early Adopter

This request is an Early Adopter release and may be changed in non-compatible way.

GET
  • Managed https://{your-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/remediationItems
  • SaaS https://{your-environment-id}.live.dynatrace.com/api/v2/securityProblems/{id}/remediationItems
  • Environment ActiveGate https://{your-activegate-domain}/e/{your-environment-id}/api/v2/securityProblems/{id}/remediationItems

Authentication

To execute this request, you need the Read security problems (securityProblems.read) permission assigned to your API token. To learn how to obtain and use it, see Tokens and authentication.

 

Parameters

Parameter Type Description In Required
id string

The ID of the required security problem.

path required
remediationItemSelector string

Defines the scope of the query. Only remediable entities matching the specified criteria are included in the response.

You can add one or more of the following criteria. Values are not case-sensitive and the EQUALS operator is used unless otherwise specified.

  • Vulnerability State: vulnerabilityState("value"). Find the possible values in the description of the vulnerabilityState field of the response. If not set, all entities are returned.
  • Muted: muted("value"). Possible values are TRUE or FALSE.
  • Entity name contains: entityNameContains("value-1"). The CONTAINS operator is used.

To set several criteria, separate them with a comma (,). Only results matching (all criteria are included in the response.

Specify the value of a criterion as a quoted string. The following special characters must be escaped with a tilde (~) inside quotes:

  • Tilde ~
  • Quote "
query optional

Response

Response codes

Code Description
200

Success

Response body

The RemediationItemList object

A list of remediation items.

Element Type Description
remediationItems RemediationItem[]

A list of remediation items.

The RemediationItem object

Context of a possible remediation for a security problem.

Element Type Description
id string

The ID of the remediation item.

entityIds string[]

The IDs that represent the related entity.

name string

The name of the entity.

firstAffectedTimestamp integer

The timestamp when the entity has first been related to the vulnerability.

assessment RemediationAssessment
resolvedTimestamp integer

The timestamp when the vulnerability has been resolved for the related entity.

vulnerabilityState string

The current state of the entity regarding the related vulnerability.

muteState RemediationItemMuteStateDto
vulnerableComponents VulnerableComponent[]

A list of vulnerable components of the remediation item.

A vulnerable component is what causes the security problem.

remediationProgress RemediationProgressDto

The RemediationProgressDto object

Remediation progress of this remediation item, containing affected and unaffected entities.

Element Type Description
affectedEntities string[]

Entities related to the remediation item, that are affected by the security problem.

unaffectedEntities string[]

Entities related to the remediation item, that are not affected by the security problem.

The VulnerableComponent object

Vulnerable component of a security problem.

Element Type Description
id string

The Dynatrace entity ID of the vulnerable component.

displayName string

The display name of the vulnerable component.

fileName string

The file name of the vulnerable component.

numberOfAffectedEntities integer

The number of affected entities.

affectedEntities string[]

The list of affected entities.

The RemediationItemMuteStateDto object

Information about the mute state of a remediation item of a security problem.

Element Type Description
muted boolean

Whether the remediation item is currently muted.

user string

The user who last changed the mute state.

lastUpdatedTimestamp integer

The timestamp when the mute state was last updated.

reason string

The reason provided with the most recent mute state change.

comment string

The optional comment provided with the most recent mute state change.

The RemediationAssessment object

Assessment of the remediation item.

Element Type Description
exposure string

The level of exposure of affected entities.

dataAssets string

The reachability of related data assets by affected entities.

Example

In this example, the request lists remediation items of the security problem with the ID of 3_SNYK-JAVA-IONETTY-1042268. The response is truncated to two entries.

The API token is passed in the Authorization header.

Curl

curl --request GET \
  --url https://mySampleEnv.live.dynatrace.com/api/v2/securityProblems/3_SNYK-JAVA-IONETTY-1042268/remediationItems \
  --header 'Authorization: Api-Token dt0c01.abc123.abcdefjhij1234567890'

Request URL

https://mySampleEnv.live.dynatrace.com/api/v2/securityProblems/3_SNYK-JAVA-IONETTY-1042268/remediationItems

Response body

{
  "remediationItems": [
    {
      "id": "PROCESS_GROUP-70DF2C1374244F5A",
      "entityIds": [
        "PROCESS_GROUP-70DF2C1374244F5A"
      ],
      "name": "KpiTomcatBackEnd-CWS-1-IG-144-HG",
      "firstAffectedTimestamp": 1633531037359,
      "assessment": {
        "exposure": "NOT_DETECTED",
        "dataAssets": "REACHABLE"
      },
      "vulnerabilityState": "VULNERABLE",
      "muteState": {
        "muted": false,
        "user": "unknown",
        "reason": "INITIAL_STATE"
      },
      "vulnerableComponents": [
        {
          "id": "SOFTWARE_COMPONENT-2559CD116033C217",
          "displayName": "io.software.component.1.1",
          "fileName": "io.software.component.1.1.jar",
          "numberOfAffectedEntities": 2,
          "affectedEntities": [
            "PROCESS_GROUP_INSTANCE-3684888745E180D5",
            "PROCESS_GROUP_INSTANCE-8F100796B9296962"
          ]
        },
        {
          "id": "SOFTWARE_COMPONENT-0A679AA673B2B525",
          "displayName": "io.software.component.loader.2.0.Final",
          "fileName": "io.software.component.loader.2.0.jar",
          "numberOfAffectedEntities": 4,
          "affectedEntities": [
            "PROCESS_GROUP_INSTANCE-0D133F13A28B477A",
            "PROCESS_GROUP_INSTANCE-258962DC804FEDBC",
            "PROCESS_GROUP_INSTANCE-3684888745E180D5",
            "PROCESS_GROUP_INSTANCE-B79C2594071FBF6C"
          ]
        }
      ],
      "remediationProgress": {
        "affectedEntities": [
          "PROCESS_GROUP_INSTANCE-0D133F13A28B477A",
          "PROCESS_GROUP_INSTANCE-258962DC804FEDBC",
          "PROCESS_GROUP_INSTANCE-3684888745E180D5",
          "PROCESS_GROUP_INSTANCE-8F100796B9296962",
          "PROCESS_GROUP_INSTANCE-B79C2594071FBF6C"
        ],
        "unaffectedEntities": [
          "PROCESS_GROUP_INSTANCE-63AD33941D667CAC",
          "PROCESS_GROUP_INSTANCE-E20A5DDF167AF3B8",
          "PROCESS_GROUP_INSTANCE-F1166B3AB1F4312D",
          "PROCESS_GROUP_INSTANCE-F9D0250A7432521D",
          "PROCESS_GROUP_INSTANCE-FF1B355E4E252FA1"
        ]
      }
    },
    {
      "id": "PROCESS_GROUP-18407614632D87A6",
      "entityIds": [
        "PROCESS_GROUP-18407614632D87A6"
      ],
      "name": "KpiTomcatFrontEnd-CWS-1-IG-67-HG",
      "firstAffectedTimestamp": 1633531037359,
      "assessment": {
        "exposure": "PUBLIC_NETWORK",
        "dataAssets": "NOT_DETECTED"
      },
      "resolvedTimestamp": 1636096094323,
      "vulnerabilityState": "RESOLVED",
      "muteState": {
        "muted": false,
        "user": "unknown",
        "reason": "INITIAL_STATE"
      },
      "vulnerableComponents": [
        {
          "id": "SOFTWARE_COMPONENT-2559CD116033C217",
          "displayName": "io.software.component.1.1.Final",
          "fileName": "io.software.component.1.1.jar",
          "numberOfAffectedEntities": 1,
          "affectedEntities": [
            "PROCESS_GROUP_INSTANCE-41115D4B6F8BFEEC"
          ]
        }
      ],
      "remediationProgress": {
        "affectedEntities": [
          "PROCESS_GROUP_INSTANCE-41115D4B6F8BFEEC"
        ],
        "unaffectedEntities": [
          "PROCESS_GROUP_INSTANCE-0189CF4780B4B872",
          "PROCESS_GROUP_INSTANCE-2D54D85C45C0BA57",
          "PROCESS_GROUP_INSTANCE-3E6373ACEA9DE722",
          "PROCESS_GROUP_INSTANCE-47BCF72F93FF9528",
          "PROCESS_GROUP_INSTANCE-6B5EF5C1A5ED42D0",
          "PROCESS_GROUP_INSTANCE-BA18DB16A7A28A04",
          "PROCESS_GROUP_INSTANCE-BCAECCB29AB12462",
          "PROCESS_GROUP_INSTANCE-DD3CD2024A06BB5B",
          "PROCESS_GROUP_INSTANCE-DE5B280889AC6569"
        ]
      }
    }      
  ]
}

Response code

200