API Secure: search policy violations by asset tags
This page provides an example of how to search policy violations using Data Theorem’s API. Full description of the Data Theorem’s results API can be found at: https://datatheorem.github.io/PortalApi/api_security_results/overview.html#/
Authentication
Retrieve an API Key that has the permission to start API Secure scans; API keys are available in the Data Theorem portal at https://pr-1593.demotheorem.com/mobile/sdlc/results_api_access .
How to use filter_by_asset_tags on the policy violations list endpoint
The API endpoint to get policy violations is:GET https://api.securetheorem.com/apis/api_security/results/v1beta1/policy_violations
Optionally, filter_by_asset_tags can be specified as a query parameter. If used, the expected format is a JSON string containing a dictionary with asset tag key names as dictionary keys and lists of asset tag values as dictionary values.
Example search
filter_by_asset_tags: '{"key_name_1": ["key_value_1", "key_value_2"], "key_value_2": null}'
This example will get policy violations related to assets that have asset tag key/values matching:
key =
key_name_1and value=key_value_1key =
key_name_1and value=key_value_2key =
key_value_2and any value
Example with curl:
curl -g \
--header 'Authorization: APIKey 1234567890abcdefgh=' \
'https://api.securetheorem.com/apis/api_security/results/v1beta1/policy_violations?filter_by_asset_tags={%22key_name_1%22:%20[%22key_value_1%22,%20%22key_value_2%22],%20%22test-vw%22:%20null}'Example with Python requests:
import requests
response = requests.request(
"GET",
url="https://api.securetheorem.com/apis/api_security/results/v1beta1/policy_violations",
headers={"Authorization": "APIKey 1234567890abcdefgh="},
params={"filter_by_asset_tags": '{"key_name_1": ["key_value_1", "key_value_2"], "key_value_2": null}'},
)
print(response.text)