Vigiles API Manual

Folders module¶


Route: /v1/vigiles/folders Methods: "GET"¶

Prime  Get an array of folder information that can be filtered by product token

If no product token is given, all folders that the user owns will be returned.

Parameters:	request_data (JSON object) – Data sent with request with keys: "email" Email of user sending the request "product_token", optional Token of the product to get folders from
Returns:	folder_tokens – Array of folder information objects with keys: “folder_token”, “folder_name”, “folder_description”, “creation_date”, “product_token”
Return type:	array(object)

Manifests module¶


Route: /v1/vigiles/manifests/<token> Methods: "DELETE"¶

Prime  Delete a manifest with a given token

Parameters:	token (str) – The token of the manifest to delete request_data ("JSON object") – Data sent with request with keys: "email" Email of user sending the request
Returns:	response – Results with keys: "success" True if successful, False otherwise "message" Message describing response
Return type:	JSON object


Route: /v1/vigiles/manifests/<token>/reports/latest Methods: "GET"¶

Prime  Get the latest CVE report results from a given manifest token

Parameters:	token (str) – The token of the manifest to get the latest scan results from request_data ("JSON object") – Data sent with request with keys: "email" Email of user sending the request "filtered" True to apply all configured filters to scan results, False to apply only kernel and uboot config filters. Default: False "with_field" Optionally extend CVE data included in report with one of the following fields (parameter can be repeated): ”assigner”, “description”, “impact”, “modified”, “problem_types”, “published”, “references”
Returns:	scan_results – Results of scan with keys: "manifest_token" Token of the manifest "product_token" Token of the product that the manifest belongs to "folder_token" Token of the folder that the manifest is in "cves" Array of objects containing information about CVEs found in the scan "counts" Object containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted "date" Date of the scan "report_path" URL where the report can be viewed
Return type:	JSON object


Route: /v1/vigiles/manifests/<token> Methods: "GET"¶

Prime  Get information about a manifest with a given token

Parameters:	request_data (JSON object) – Data sent with request with keys: "email" Email of the user sending the request "send_file" If true, a manifest file will be sent "sbom_format" convert manifest to this format before returning. acceptable formats are: ”spdx”
Returns:	manifest_info (array(object) or file) Array of manifest information objects with keys – “manifest_token”, “manifest_name”, “folder_token”, “product_token”, “upload_date”, “manifest_data”


Route: /v1/vigiles/manifests Methods: "GET"¶

Prime  Get an array of manifests information from a product or folder.

Only either a product token or folder token should be given. If neither are given, all manifests that the user owns will be returned including manifests in shared products

Parameters:	request_data (JSON object ['str', 'str']) – Data sent with request with keys: "email" Email of user sending the request "product_token", optional Token of the product to get manifests from "folder_token", optional Token of the folder to get manifests from
Returns:	manifests – Array of product information objects with keys: “manifest_name”, “manifest_token”, “product_token”, “folder_token”, “upload_date”
Return type:	array(object)


Route: /v1/vigiles/manifests/<token>/reports Methods: "GET"¶

Prime  Get an array of CVE Reports available for a given manifest

Parameters:	token (str) – The token of the manifest to list reports for request_data – Query parameters sent with the request: "email" Email of user sending the request
Returns:	result – Object containing the manifest info and array of available reports "manifest_name" The name of the manifest for which these reports were requested "manifest_token" Token of the manifest for which these reports were requested "product_token" Token for the Product this manifest belongs to "folder_token" Token for the Folder this manifest belongs to, if any "upload_date" Date of upload for the manifest these reports are for "reports" : array(object) Array of report information objects, sorted by “created_date”, with keys: "created_date" Date this scan was performed "report_token" Token for this report "manifest_token" Token of the specific version of the manifest for which this report was genereated” "manifest_version" Version of the manifest for which this report was generated
Return type:	object


Route: /v1/vigiles/manifests/<token>/reports Methods: "POST"¶

Prime  Rescan a manifest with a given token

Parameters:	token (str) – The token of the manifest to get the latest scan results from request_data (JSON object ['str', 'str']) – Data sent with request with keys: "email" Email of user sending the request "filtered" True to apply all configured filters to scan results, False to apply only kernel and uboot config filters. Default: False "rescan_only" Anything other than “false” or “f” to only rescan the manifest "with_field" Optionally extend CVE data included in returned report with one of the following fields (parameter can be repeated): ”assigner”, “description”, “impact”, “modified”, “problem_types”, “published”, “references”
Returns:	scan_results – Results of scan with keys: "cves" Array of objects containing information about CVEs found in the scan "counts" Object containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted "date" Date of the scan "product_name" Name of the product that the manifest belongs to "product_path" URL where the product can be viewed "report_path" URL where the report can be viewed
Return type:	JSON object


Routes: /v1/vigiles/manifests Methods: "POST"¶

Routes: /v1/vigiles/manifests/demo Methods: "POST"¶

Upload manifest and return scan results

Parameters:	request_data (JSON object) – post data with keys: "manifest" Manifest data to scan "email" Email of user sending the request "kernel_config" Kernel config data "uboot_config" Uboot config data "manifest_name" Name to give the new manifest "product_token" Token of the product the manifest should belong to "folder_token" Token of the folder where the manifest should be stored "subfolder_name" Name of subfolder to upload manifest to "filter_results" True to apply all configured filters to scan results, False to apply only kernel and uboot config filters. Default: False "with_field" Optionally extend CVE data included in report with one of the following fields (parameter can be repeated): ”assigner”, “description”, “impact”, “modified”, “problem_types”, “published”, “references” "include_sbom" Type of exported manifest that should be included in response Default: spdx
Returns:	scan_results – Results of scan with keys: "manifest_token" Token of the manifest "product_token" Token of the product that the manifest belongs to "folder_token" Token of the folder that the manifest is in "cves" Array of dictionaries containing information about CVEs found in the scan "counts" Dictionary containing counts with keys: fixed, kernel, toolchain, unapplied, unfixed, upgradable, whitelisted "date" Date of the scan "report_path" URL where the report can be viewed "exported_manifest" Exported manifest data
Return type:	JSON object


Route: /v1/vigiles/manifests/demo Methods: "POST"¶

Upload manifest in demo mode and return scan results

Parameters:	request_data (JSON object) – post data with keys: "manifest" Manifest data to scan "kernel_config" Kernel config data "uboot_config" Uboot config data
Returns:	Results of scan with keys: "cves" dict containing counts of unfixed, fixed and un-applied CVEs found in the scan "date" Date of the scan "report_path" URL where the report can be viewed "demo" Is manifest uploaded in demo mode "subscribed" Is user subscribed
Return type:	JSON object

Products module¶


Route: /v1/vigiles/products Methods: "POST"¶

Prime  Create a new product for a user

Parameters:	product_token (str) – the token of a product request_data (JSON object) – Data sent with request with keys: "email" Email of the user sending the request "name" Name for the new product "desc", optional Description for the new product
Returns:	product_info – Results of comparison with keys: "name" Name of product "description" Description of product "token" Token for the product
Return type:	JSON object


Route: /v1/vigiles/products/<product_token> Methods: "GET"¶

Prime  Get information about a product from a given token

Parameters:	product_token (str) – Token of the product request_data (JSON object) – Data sent with request with keys: "email" Email of user sending the request
Returns:	product_info – Results of comparison with keys: "name" Name of product "description" Description of product "token" Token for the product "is_default" True if product is default product for user, otherwise False "created" Date that the product was created
Return type:	JSON object


Route: /v1/vigiles/products Methods: "GET"¶

Prime  Get information about all products for a user

Parameters:	request_data (JSON object) – Data sent with request with keys: "email" Email of the user sending the request
Returns:	product_info – Array of product information objects with keys: “name”, “description”, “token”
Return type:	list(object)

Reports module¶


Route: /v1/vigiles/reports/compare Methods: "GET"¶

Prime  Compare two CVE reports with given tokens

Parameters:	request_data (JSON object) – Data sent with request with keys: "token_one" Token for the first CVE report to compare "token_two" Token for the second CVE report to compare "filtered" True to apply all configured filters to both reports, False to apply only kernel and uboot config filters. Default: False
Returns:	compare_results – Results of comparison with keys: "resolved" List of CVEs resolved between the reports "new" List new CVEs between the reports
Return type:	JSON object


Route: /v1/vigiles/reports/<token> Methods: "GET"¶

Prime  Get a CVE report with the given token

Parameters:	token (str) – The token of the CVE report to get request_data – Query parameters sent with the request: "email" Email of user sending the request "format" What file format to return from the following: ”pdf”, “pdfsummary”, “xlsx”, “csv” "filtered" True to apply all configured filters to scan results, False to apply only kernel and uboot config filters. Default: False
Returns:	scan_results – CVE Report data as the requested file type
Return type:	file

Stats module¶


Route: /v1/heartbeat Methods: "GET", "POST"¶

This function makes a simple GET request to the LinuxLink server to ensure that the server is available, and that HMAC authentication is working properly.

Returns:	"ok" True if successful, False otherwise.
Return type:	JSON object ['str', 'bool']