Watch List List
For information on the Watch List List, see the following URL:
https://api.app.secunia.com/api/asset-lists/
Watch Lists represent a combination of vendors, products and product versions that you want to track advisories for. Disabled Watch Lists are not taken into consideration by the rule system.
API Supported Endpoint Actions and Available Methods for Watch List List APIs include:
| • | Available Methods for Watch List List |
| • | Available Filters on Watch List List |
| • | Watch List List Fields for Create/Edit |
| • | Watch List List Threshold Choices |
Available Methods for Watch List List
The following methods are available for the Watch List List.
|
Method |
Description |
|
get list |
GET <URL> |
|
get instance details |
GET <URL><id>/ |
|
create instance |
POST <URL> |
|
edit instance |
PUT <URL><id>/ |
|
delete instance |
DELETE <URL><id>/ |
|
vendors |
Gets the paginated list of vendors for an watch list: GET <URL><id>/vendors/ |
|
products |
Gets the paginated list of products for an watch list: GET <URL><id>/products/ |
|
product-releases |
Gets the paginated list of product releases/versions for an watch list: GET <URL><id>/product-releases/ |
Available Filters on Watch List List
The following filters are available for the Watch List List:
|
Filter |
Description |
|
name (string) |
Invariant case search by term in name. |
|
group__name (string) |
Invariant case search by term in name. |
|
group_id (int) |
Exact search for watch lists in group. |
|
enabled (bool) |
Searched for enabled /disabled Watch lists. |
|
created_by_id (int) |
Owner. |
|
created_gte |
Unix timestamp for the watch list create date, filter type greater than or equal (seconds). |
|
created_lt |
Unix timestamp for the watch list create date, filter type less than (seconds). |
Watch List List Fields for Create/Edit
The following are Watch List List List fields for Create/Edit:
|
File |
Description |
|
name (string) |
The Watch list name visible in the interface |
|
group (id) |
The group id in which the Watch list should be included |
|
group_name (string) |
The group name if the group does not exist; the group will be created and the Watch list will be assigned to that group |
|
advisories_need_approval (bool) |
Means that the matched advisories for the Watch list generate only some alerts for the user. If those advisories are approved, they transform into tickets. Otherwise, they are dismissed by the system. This gives you an extra method to filter only advisories relevant to your organizational needs. |
|
enabled (bool) |
If the Watch list is disabled, new advisories released will not be matched against it |
|
vendors (list of int) |
Vendor ids list that you want to track, the ids can be taken from the vendors api |
|
products (list of int) |
Products ids list that you want to track, the ids can be taken from the products api |
|
product_releases (list of int) |
Product specific versions ids list that you want tracked, the ids can be taken from the product versions api |
|
ticket_notification_threshold (int) |
Used in generating tickets / alerts for approval. If an advisory has the criticality below this threshold, the advisory is dismissed for the Watch list and no notifications are generated (notification, emails, sms). Note:See Watch List List Threshold Choices for integer choices. |
|
notification_level_email (int) |
Used for sending emails. If the ticket is generated, you will be notified only if the advisory criticality level is over the “notification_level_email”. Note:See Watch List List Threshold Choices for integer choices. |
|
notification_level_sms (int) |
Used for sending sms when an advisory is released that matches your Watch list, the ticket was created and the advisory criticality is over this threshold. We highly recommend a value of “Extremely critical” for this value. Note:See Watch List List Threshold Choices for integer choices. |
Watch List List Threshold Choices
The following threshold choices are available.
|
Integer |
Description |
|
0 |
None (not available for ticket_notification_threshold) |
|
1 |
Extremely critical |
|
2 |
Highly critical and above |
|
3 |
Moderately critical and above |
|
4 |
Less critical and above |
|
5 |
Not critical and above |
|
"custom_cr" (string) |
Confidentiality Requirement Note:See Custom Requirements. |
|
"custom_ir" (string) |
Integrity Requirement Note:See Custom Requirements. |
|
"custom_ar" (string) |
Availability Requirement Note:See Custom Requirements. |
The custom requirements are used to override the environmental metrics of the CVSS vector for the advisories. They may have one of the following values or be left undefined:
| • | ND—Not defined |
| • | L—Low |
| • | M—Medium |
| • | H—High |
If you choose to set these values, the CVSS vector and Score for the advisories that match the Watch list will take into consideration the defined values.