Using the API requires some GraphQL knowledge. With a basic understanding of GraphQL and the Documentation Explorer in the GraphQL Playground, all of the available queries, mutations and their syntax can be discovered.
The query below is an example that a client uses to feed Splunk. For the given tenant and scan it returns, as JSON:
- Repository URL
- Branch scanned
- When the scan started
- When the scan completed
- Was the scan a success or failure
- Error codes, if any, which can be looked up in the CLI documentation
- Number of low, medium, high and critical vulnerabilities
- Number of blank, code, comment and total lines
- List of languages detected
- Total number of vulnerabilities, plus the count and ids of code and dependency vulnerabilities
- For each vulnerability: its type, severity, title, CVE and CWE references, and the locations where it occurs (file path and line, or the dependency hierarchy)
```graphql
# Fill in the tenant and scan ids before running the query.
query name {
  tenant(id: "") {
    scan(id: "") {
      id
      repository {
        url
      }
      branch
      startedAt
      completedAt
      resultStatus
      errors {
        code
        message
      }
      severitySummary {
        low
        medium
        high
        critical
      }
      statsSummary {
        blankLines
        codeLines
        commentLines
        lines
      }
      languages
      vulnerabilityCount
      vulnerabilityTypes {
        code {
          count
          ids
        }
        dependency {
          count
          ids
        }
      }
      vulnerabilities {
        id
        type
        severity
        title
        cves
        cwes
        locationCount
        locations {
          # locations is a union; each member exposes different fields
          ... on DependencyLocation {
            type
            hierarchy {
              name
              version
            }
          }
          ... on FileLocation {
            path
            line
          }
        }
      }
    }
  }
}
```
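The following is an added example of how a collector could turn this query's result into Splunk events; it is not the vendor's code or the client's integration. It carries the page's query with two changes: the tenant and scan ids are passed as GraphQL variables instead of being pasted into the query text, and `__typename` is requested on each location so the two union members can be told apart reliably. The `ID!` variable types, the `tenant-1`/`scan-1` identifiers and the sample response are assumptions constructed for the example. It also checks the top-level `errors` array, because a GraphQL server can return HTTP 200 with a failed query.

```python
"""Flatten the scan query result into Splunk HEC events (added example)."""
import json

# Page query with ids as variables and __typename on locations.
# `ID!` for both arguments is an assumption about the schema.
SCAN_QUERY = """
query ScanForSplunk($tenantId: ID!, $scanId: ID!) {
  tenant(id: $tenantId) {
    scan(id: $scanId) {
      id
      repository { url }
      branch startedAt completedAt resultStatus
      errors { code message }
      severitySummary { low medium high critical }
      statsSummary { blankLines codeLines commentLines lines }
      languages vulnerabilityCount
      vulnerabilityTypes { code { count ids } dependency { count ids } }
      vulnerabilities {
        id type severity title cves cwes locationCount
        locations {
          __typename
          ... on DependencyLocation { type hierarchy { name version } }
          ... on FileLocation { path line }
        }
      }
    }
  }
}
"""


def build_request(tenant_id: str, scan_id: str) -> dict:
    """JSON body for a POST to the GraphQL endpoint; ids travel as variables."""
    return {"query": SCAN_QUERY,
            "variables": {"tenantId": tenant_id, "scanId": scan_id}}


def _location_text(loc: dict) -> str:
    """Render a location as 'path:line' or 'ecosystem:pkg@ver > pkg@ver'."""
    if loc.get("__typename") == "FileLocation" or "path" in loc:
        return f"{loc['path']}:{loc.get('line')}"
    chain = " > ".join(f"{h['name']}@{h['version']}" for h in loc.get("hierarchy") or [])
    return f"{loc.get('type')}:{chain}"


def to_splunk_events(result: dict, tenant_id: str) -> list:
    """One scan_summary event plus one vulnerability event per location.

    Raises on a GraphQL-level error: the HTTP status alone is not a signal."""
    if result.get("errors"):
        raise RuntimeError(f"GraphQL errors: {result['errors']}")
    scan = result["data"]["tenant"]["scan"]
    base = {"tenant_id": tenant_id, "scan_id": scan["id"],
            "repository": scan["repository"]["url"], "branch": scan["branch"]}
    summary = dict(base, event_type="scan_summary",
                   started_at=scan["startedAt"], completed_at=scan["completedAt"],
                   result_status=scan["resultStatus"],
                   error_codes=[e["code"] for e in scan.get("errors") or []],
                   languages=scan["languages"],
                   vulnerability_count=scan["vulnerabilityCount"],
                   code_vulns=scan["vulnerabilityTypes"]["code"]["count"],
                   dependency_vulns=scan["vulnerabilityTypes"]["dependency"]["count"],
                   **{f"sev_{k}": v for k, v in scan["severitySummary"].items()},
                   **{f"loc_{k}": v for k, v in scan["statsSummary"].items()})
    events = [summary]
    for v in scan.get("vulnerabilities") or []:
        for loc in v.get("locations") or []:
            events.append(dict(base, event_type="vulnerability",
                               vuln_id=v["id"], vuln_type=v["type"],
                               severity=v["severity"], title=v["title"],
                               cves=v.get("cves") or [], cwes=v.get("cwes") or [],
                               location=_location_text(loc)))
    return events


def to_hec_payload(events: list, sourcetype: str = "graphql:scan") -> str:
    """Newline-delimited JSON as accepted by Splunk HTTP Event Collector."""
    return "\n".join(json.dumps({"sourcetype": sourcetype, "event": e}) for e in events)


# Constructed sample response in the shape the query returns (not real data).
SAMPLE_RESULT = {"data": {"tenant": {"scan": {
    "id": "scan-1", "repository": {"url": "https://git.example.com/app.git"},
    "branch": "main", "startedAt": "2024-05-01T10:00:00Z",
    "completedAt": "2024-05-01T10:04:12Z", "resultStatus": "SUCCESS", "errors": [],
    "severitySummary": {"low": 1, "medium": 0, "high": 1, "critical": 0},
    "statsSummary": {"blankLines": 100, "codeLines": 800, "commentLines": 100, "lines": 1000},
    "languages": ["python", "javascript"], "vulnerabilityCount": 2,
    "vulnerabilityTypes": {"code": {"count": 1, "ids": ["v-1"]},
                           "dependency": {"count": 1, "ids": ["v-2"]}},
    "vulnerabilities": [
        {"id": "v-1", "type": "code", "severity": "HIGH", "title": "SQL injection",
         "cves": [], "cwes": ["CWE-89"], "locationCount": 1,
         "locations": [{"__typename": "FileLocation", "path": "app/db.py", "line": 42}]},
        {"id": "v-2", "type": "dependency", "severity": "LOW", "title": "Prototype pollution",
         "cves": ["CVE-2019-10744"], "cwes": ["CWE-1321"], "locationCount": 1,
         "locations": [{"__typename": "DependencyLocation", "type": "npm",
                        "hierarchy": [{"name": "app", "version": "1.0.0"},
                                      {"name": "lodash", "version": "4.17.11"}]}]}]}}}}

if __name__ == "__main__":
    print(to_hec_payload(to_splunk_events(SAMPLE_RESULT, "tenant-1")))
```

Sending `build_request(...)` as the POST body to the GraphQL endpoint and passing the decoded response to `to_splunk_events` yields one summary event and one event per vulnerability location, which keeps Splunk searches simple (severity counts from the summary, file and package drill-downs from the location events). Passing the ids as variables also means a scan id taken from an upstream system can never alter the query structure.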