Downloading Your Security Report
This guide demonstrates how to download your Coralogix security report via API.
Prerequisites
Configuration
Access your API URL based on the domain associated with your account.
.com | Ireland | ng-api-http.coralogix.com |
---|---|---|
.app.eu2.coralogix.com | Stockholm | ng-api-http.eu2.coralogix.com |
.app.coralogixsg.com | Singapore | ng-api-http.coralogixsg.com |
.in | Mumbai | ng-api-http.app.coralogix.in |
.us | United States | ng-api-http.coralogix.us |
To use this API you need to create a personal or team API key. It’s recommended to use permission presets, as they are automatically updated with all relevant permissions. Alternatively, you can manually add individual permissions.
Preset | Action | Description |
---|---|---|
DataQuerying | LEGACY-ARCHIVE-QUERIES:EXECUTE LOGS.DATA-API#HIGH:READDATA LOGS.DATA-API#LOW:READDATA METRICS.DATA-API#HIGH:READDATA SPANS.DATA-API#HIGH:READDATA SPANS.DATA-API#LOW:READDATA |
Query Data from the Archive Query Frequent Search Logs Query Monitoring & Compliance Logs Query Metrics Query Frequent Search Spans Query Monitoring & Compliance Spans |
Create the API.
URL | https://<coralogix_domain>/xdr/get-report |
---|---|
HTTP Method | POST |
Content Type | application/json |
Authorization | Bearer {{Logs Query key}} |
Schema
Request schema.
{
"executionId": string(uuid), // in case it's not provided using the last scan id
"filter": {
"region": string[],
"account": string[],
"complianceFramework": string[],
"provider": string[], // "aws", "gcp", "azure", "github", etc...
"service": string[], // "RDS", "BIG QUERY", "S3", etc
"testName": string[], // sort name of the security rule (testIdentity)
"result": string[] // (enum) "Passed", "Failed"
"severity": int[], // (enum) 1 - Low, 2 - Medium, 3 - High, 4 - Critical
"active": string[] // (enum): "Enabled", "Disabled"
}
}
Note: Every field in the request payload is optional. Passing a null
value or ignoring that field is the same as passing an empty list.
Compliance frameworks and short names:
Snowbit | snowbit |
---|---|
CIS AWS 1.4.0 | cis_aws |
HIPAA | hipaa |
ISO-27001 | iso_27001 |
PCI DSS 3.1.0 | pci_dss |
SOC 2 | soc2 |
Response schema:
{
"executionId": string // uuid v4 format
"data":[
{
"region": string,
"account": string,
"complianceFrameworks": string[],
"provider": string,
"category": string, // From the category view eg: "Database", "Storage", "Identity Management", etc
"service": string, // "RDS", "BIG QUERY", "S3", etc
"testName": string,
"severity": int, // enum: 1 - Low, 2 - Medium, 3 - High, 4 - Critical
"resourceName": string,
"resourceId": string,
"passed": boolean,
"active": boolean
}
]
}
Additional Resources
Documentation | Cloud Security Posture Management (CSPM) |
Support
Need help?
Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.
Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].