Our next-gen architecture is built to help you make sense of your ever-growing data Watch a 4-min demo video!

Back to All Docs

Downloading Your Security Report Downloading Your Security Report

Last Updated: Jan. 20, 2023

This guide demonstrates how to download your Coralogix security report via an API using the https://ng-api-http.coralogix.com/xdr/get-report endpoint for production.


1. Sign up for a Coralogix account. Set up your account on the Coralogix domain corresponding to the region within which you would like your data stored.

2. Set up cloud security posture management (CSPM).


STEP 1. Access your API URL based on the domain associated with your account.

.usUnited Statesng-api-http.coralogix.us

STEP 2. Access your Coralogix Logs Query Key.

  • On your Coralogix dashboard, click Data Flow > select API Keys.
Data Flow > API Keys
  • Copy your Logs Query Key.
Logs Query Key

STEP 3. Create the API.

URLhttps:// {{Coralogix domain}}/xdr/get-report
Content Typeapplication/json
AuthorizationBearer {{Logs Query key}}

STEP 4. Schema

Request schema.

	"executionId": string(uuid), // in case it's not provided using the last scan id
	"filter": {
		"region": string[],
		"account": string[],
		"complianceFramework": string[],
		"provider": string[], // "aws", "gcp", "azure", "github", etc...
    "service": string[], // "RDS", "BIG QUERY", "S3", etc
		"testName": string[], // sort name of the security rule (testIdentity)
		"result": string[] // (enum) "Passed", "Failed"
		"severity": int[], // (enum) 1 - Low, 2 - Medium, 3 - High, 4 - Critical 
		"active": string[] // (enum): "Enabled", "Disabled"

Note: Every field in the request payload is optional. Passing a null value or ignoring that field is the same as passing an empty list.

Compliance frameworks and short names:

CIS AWS 1.4.0cis_aws
PCI DSS 3.1.0pci_dss
SOC 2soc2

Response schema:

	"executionId": string // uuid v4 format
      "region": string,
      "account": string,
      "complianceFrameworks": string[],
      "provider": string,
			"category": string, // From the category view eg: "Database", "Storage", "Identity Management", etc
      "service": string, // "RDS", "BIG QUERY", "S3", etc
      "testName": string,
      "severity": int, // enum: 1 - Low, 2 - Medium, 3 - High, 4 - Critical 
      "resourceName": string,
      "resourceId": string,
      "passed": boolean,
      "active": boolean

Additional Resources


Need help?

Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.

Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].

On this page