Skip to main content

Update scan

POST https://daas.digicert.com/apicontroller/v1/scan/update

Use this endpoint to update or modify the scan settings.

Related topic

For more information on discovery scan and its details, see Edit a scan.

Example requests and responses

Request parameters

Name

Req/Opt

Type

Description

surveyConfigDTO

required

object

Object container for scan configuration details.

.. disablePing

optional

boolean

Enable hosts discovery that do not respond to ping.

Note: If true, openPorts should be provided.

.. sensorWithIpPortDTO

required

array

Array of objects with IP/port configuration details.

.. .. portSelectionChoice

required

string

Select the default port or choose from all/custom ports.

.. .. ipInclusionList

required

string

IPs to include in the scan. Supported formats are individual IPs, IP range, CIDR, and FQDNs.

Example for IP format: 104.20.67.46

Example for FQDN format: digicert.com

Note: Loopback IP "127.0.0.1" is not allowed to scan.

.. .. ipExclusionList

optional

string

IPs to exclude in the scan. Supported formats are individual IPs, IP range, CIDR, and FQDNs.

.. .. includedPorts

required

array

Ports to include in the scan. It can be individual ports or port range.

.. .. licenseKey

required

string

Sensor license key to create scan.

.. .. includeAllSubdomains

required

array

List of domains to scan all subdomains for. If a domain is in this list, the scan includes all subdomains of that domain.

.. .. selectedSubdomains

required

array

List of objects that define which subdomains of a given domain are included in the scan.

.. .. .. domain

required

string

Name of the domain.

.. .. .. subdomains

required

array

List of subdomains included in the scan for the given domain.

.. .. isIPv4Sensor

required

boolean

Use true if the operating system of the installed sensor runs on IPv4.

.. .. openPorts

required

array

A list of the open ports scanned. Used in scenarios where the host is unresponsive to ping.

.. startTime

optional

integer

Start time for the scheduled scan.

Format: epoch in millisecond.

Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system.

Example: 1596781119

Note: startTime value should be 0 when the frequencytype is onetime

.. timeToComplete

optional

integer

Wait time to complete the scan. 0 implies no timeout.

.. timezone

optional

string

Time zone for the scan.

Format: GMT + your timezone offset.

Example: -8#pacifictime

.. monthlyRecurrenceType

optional

string

Day of the month specified for recurring scan.

Allowed values: 1st, 2nd, 3rd, 4th, 5th

Note: 1st being the first day of the month.

.. speed

optional

string

How fast the scan completes.

Default: medium

Allowed values: slow, medium, fast

.. refreshHPSInventory

required

string

How often the host inventory will refresh. 1 - always, 2 - monthly, 0 - never

.. isCreateFlow

required

boolean

Use true when creating a new scan, and false when updating an existing scan.

.. scanOption

optional

string

Configure the scan settings either to custom / optimize.

.. sni

optional

boolean

Enable the Server Name Indication (SNI) for your scan.

.. sshDiscovery

optional

boolean

Enable SSH key to be discovered.

Default: false

.. vulnerabilityList

required

string

This is a comma separated list of the vulnerabilities to scan for.

Allowed values: Heartbleed, POODLE(SSLv3), FREAK, LogJam, DROWN, RC4, POODLE(TLS), BEAST, CRIME, BREACH, SWEET32.

.. isOsDiscoverable

optional

boolean

Include or exclude OS information.

Default: false

.. isServiceDiscoverable

required

boolean

Include or exclude server application information.

Default: false

.. extraTlsProtocolsDiscovery

optional

boolean

Enable discovery of extra TLS protocol.

Default: false

.. ipv6

optional

boolean

Use true if IPv6 addresses are used.

Default: false

.. emulationScans

optional

boolean

If true, it will exclude Heartbleed and POODLE (TLS) from vulnerability discovery.

accountId

required

string

Account ID.

divisionId

required

long

Division ID.

surveyName

required

string

Friendly name provided for the scan.

Max length: 80 characters.

id

required

integer

ID associated with the scan, also known as  surveydefid.

frequencyType

required

string

How often the scan will run.

Allowed values: One Time, Daily, Weekly, Monthly, CloudAccount ID.

emailAddress

optional

string

Email address for the contact associated with the scan.

listFilteredPorts

optional

boolean

If enabled, scan will list all the closed and filtered ports.

Default: false

vulnerabilityScanOption

optional

string

Setting that defines which vulnerabilities to scan for.

Allowed values: all, critical.

tags

optional

string

Add tags to the scan. Tags can be a combination of letters (a-z or A-Z), numbers (0-9), number signs (#), or spaces. Entries must be comma-separated. (Maximum 512 characters).

Note: Alphanumeric characters like #, @ and _ are allowed.

cipherScan

optional

boolean

Enable scan for ciphers configured on server.

Default: false

action

required

string

The action performed to update the scan.

Allowed values: saveAndSchedule, save, saveAndRunNow.

Response parameters

Name

Type

Description

error

object

Includes the error code if any.

data

string

Message for scan updated with the next scheduled run.