Create scan

POST
https://daas.digicert.com/apicontroller/v1/scan/create

Use this endpoint to create a scan and get certificates and vulnerabilities.

For more information about adding a scan, see Set up and run a scan.

cURL
curl --location --request POST 'https://daas.digicert.com/apicontroller/v1/scan/create' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
    "surveyName": "testingscan",
    "frequencyType": "onetime",
    "surveyConfigDTO": {
        "sensorWithIpPortDTO": [
            {
                "portSelectionChoice": "default",
                "ipInclusionList": "www.digicert.com",
                "ipExclusionList": "",
                "includedPorts": [
                    "80",
                    "443",
                    "389",
                    "636",
                    "22",
                    "143",
                    "110",
                    "465",
                    "8443",
                    "3389"
                ],
                "licenseKey": "9E205E8B61130C32",
                "name": "14MaySensor Proxy3810 (Error)",
                "openPorts": null
            }
        ],
        "startTime": 0,
        "timeToComplete": 0,
        "timezone": "5:30#chennai",
        "monthRecType": "1st",
        "speed": "medium",
        "refreshHPSInventory": "always",
        "isCreateFlow": true,
        "scanOption": "optimize",
        "sni": false,
        "vulnerabilityList": "Heartbleed,POODLE (SSLv3),FREAK,LogJam,DROWN,RC4,POODLE (TLS)",
        "isOsDiscoverable": false,
        "isServiceDiscoverable": false,
        "disablePing": false,
        "emulationScans": false,
        "extraTlsProtocolsDiscovery": false
    },
    "accountId": 5153184,
    "cipherScan": false,
    "divisionId": 677793,
    "emailAddresses": "cc.admin@cert-testing.com",
    "vulnerabilityScanOption": "critical"
}'
200 OK
{
    "error": null,
    "data": {
        "accountId": "5153184",
        "divisionId": 677793,
        "surveyDefId": 294291,
        "surveyName": "testingscan",
        "message": "Scan created successfully"
    }
}

Request parameters

Name Req/Opt Type Description
surveyName required string Friendly name provided for the scan.
Max length: 80 characters.
frequencyType required string How often the scan will run.
Allowed values: onetime, daily, weekly, monthly
surveyConfigDTO required object Object container for scan configuration details.
.. sensorWithIpPortDTO required array Array of objects with IP/port configuration details.
.. .. portSelectionChoice required string Select the default port or choose from all/custom ports.
.. .. ipInclusionList required string IPs to include in the scan.
Supported formats are individual IPs, IP range, CIDR, and FQDNs.
Example for IP format: 104.20.67.46
Example for FQDN format: digicert.com
Note: Loopback IP "127.0.0.1" is not allowed to scan.
.. .. ipExclusionList optional string IPs to exclude in the scan.
Supported formats are individual IPs, IP range, CIDR, and FQDNs.
Example for IP format: 104.20.67.46
Example for FQDN format: digicert.com
Note: Loopback IP "127.0.0.1" is not allowed to scan.
.. .. includedPorts required array Ports to include in the scan.
It can be individual ports or port range.
.. .. licenseKey required string Sensor license key to create scan.
.. .. name required string Name of the sensor selected.
.. .. openPorts required array A list of the open ports scanned.
Used in scenarios where the host is unresponsive to ping.
.. startTime required integer Start time for the scheduled scan.
Format: epoch in millisecond.
Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system.
Example: 1596781119
Note: startTime value should be 0 when the frequencytype is onetime
.. timeToComplete optional integer Wait time to complete the scan. " 0 " implies no timeout.
.. timezone optional string Time zone for the scan.
Format: GMT + your timezone offset.
Example: -8#pacifictime
.. monthRecType optional string Day of the month specified for recurring scan.
Allowed values: 1st, 2nd, 3rd, 4th, 5th
Note: 1st being the first day of the month.
.. speed optional string How fast the scan completes.
Default: medium
Allowed values: slow, medium, fast
.. refreshHPSInventory required string How often the host inventory will refresh.
1 - always, 2 - monthly, 0 - never
.. isCreateFlow required boolean Use true when creating a new scan, and false when updating an existing scan.
.. scanOption optional string Configure the scan settings either to custom / optimize.
.. sni optional boolean Enable the Server Name Indication (SNI) for your scan.
.. vulnerabilityList required string This is a comma separated list of the vulnerabilities to scan for.
Allowed values: Heartbleed, POODLE(SSLv3), FREAK, LogJam, DROWN, RC4, POODLE(TLS), BEAST, CRIME, BREACH, SWEET32.
.. isOsDiscoverable optional boolean Include or exclude OS information.
Default: false
.. isServiceDiscoverable required boolean Include or exclude server application information.
Default: false
.. disablePing optional boolean Enable hosts discovery that do not respond to ping.
Note: : If true, openPorts should be provided.
.. emulationScans optional boolean If true, it will exclude Heartbleed and POODLE (TLS) from vulnerability discovery.
.. extraTlsProtocolsDiscovery optional boolean If true, the protocols discovery will be enabled for SSLv2, SSLv3 and TLSv1.1.
If false, default protocols discovery will be enabled.
Default protocols discovery are TLSv1.3, TLSv1.2 and TLSv1.
accountId required string Account ID.
divisionId required long Division ID.
cipherScan optional boolean Enable scan for ciphers configured on server.
Default: false
emailAddress optional string Email address for the contact associated with the scan.
vulnerabilityScanOption optional string Scan for any vulnerabilities.
Default : critical
Allowed values: all, critical

Response parameters

Name Type Description
error object Includes the error code, if any.
data object Object container for response.
.. accountId string Account ID.
.. divisionId integer Division ID.
.. surveyDefId integer Survey definition ID of the scan.
To get a list of surveyDefId values for your scans, use the scan list endpoint.
.. surveyName string Friendly name provided for the scan.
Max length: 80 characters.
.. message string Updated message for scan creation.