Create scan
POST https://daas.digicert.com/apicontroller/v1/scan/create
Use this endpoint to create a scan and get certificates and vulnerabilities.
Related topic
For more information on discovery scan and its details, see Set up and run a scan.
Example requests and responses
Request parameters
Name | Req/Opt | Type | Description |
---|---|---|---|
surveyName | required | string | Friendly name provided for the scan. Max length: 80 characters. |
frequencyType | required | string | How often the scan will run. Allowed values: |
surveyConfigDTO | required | object | Object container for scan configuration details. |
.. sensorWithIpPortDTO | required | array | Array of objects with IP/port configuration details. |
.. .. portSelectionChoice | required | string | Select the default port or choose from all/custom ports. |
.. .. ipInclusionList | required | string | IPs to include in the scan. Supported formats are individual IPs, IP range, CIDR, and FQDNs. Example for IP format: Example for FQDN format: Note: Loopback IP "127.0.0.1" is not allowed to scan. |
.. .. ipExclusionList | optional | string | IPs to exclude in the scan. Supported formats are individual IPs, IP range, CIDR, and FQDNs. |
.. .. includedPorts | required | array | Ports to include in the scan. It can be individual ports or port range. |
.. .. licenseKey | required | string | Sensor license key to create scan. |
.. .. name | required | string | Name of the sensor selected. |
.. .. includeAllSubdomains | required | array | List of domains to scan all subdomains for. If a domain is in this list, the scan includes all subdomains of that domain. |
.. .. selectedSubdomains | required | array | List of objects that define which subdomains of a given domain are included in the scan. |
.. .. .. domain | required | string | Name of the domain. |
.. .. .. subdomains | required | array | List of subdomains included in the scan for the given domain. |
.. .. isIPv4Sensor | required | boolean | Use |
.. .. openPorts | required | array | A list of the open ports scanned. Used in scenarios where the host is unresponsive to ping. |
.. startTime | optional | integer | Start time for the scheduled scan. Format: epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: Note: |
.. timeToComplete | optional | integer | Wait time to complete the scan. 0 implies no timeout. |
.. timezone | optional | string | Time zone for the scan. Format: GMT + your timezone offset. Example: |
.. monthRecType | optional | string | Day of the month specified for recurring scan. Allowed values: Note: |
.. speed | optional | string | How fast the scan completes. Default: Allowed values: |
.. refreshHPSInventory | required | string | How often the host inventory will refresh. |
.. isCreateFlow | required | boolean | Use |
.. scanOption | optional | string | Configure the scan settings either to |
.. tls13 | optional | boolean | Enable scan of TLS v1.3 protocol. Default: |
.. sshDiscovery | optional | boolean | Enable SSH key to be discovered. Default: |
.. sni | optional | boolean | Enable the Server Name Indication (SNI) for your scan. |
.. vulnerabilityList | required | string | This is a comma separated list of the vulnerabilities to scan for. Allowed values: |
.. isOsDiscoverable | optional | boolean | Include or exclude OS information. Default: |
.. isServiceDiscoverable | required | boolean | Include or exclude server application information. Default: |
.. extraTlsProtocolsDiscovery | optional | boolean | Enable discovery of extra TLS protocol. Default: |
.. ipv6 | optional | boolean | Use true if IPv6 addresses are used. Default: |
.. disablePing | optional | boolean | Enable hosts discovery that do not respond to ping. Note: If |
.. emulationScans | optional | boolean | If |
accountId | required | string | Account ID. |
divisionId | required | long | Division ID. |
cipherScan | optional | boolean | Enable scan for ciphers configured on server. Default: |
emailAddress | optional | string | Email address for the contact associated with the scan. |
vulnerabilityScanOption | optional | string | Setting that defines which vulnerabilities to scan for. Allowed values: |
listFilteredPorts | optional | boolean | If enabled, scan will list all the closed and filtered ports. Default: |
tags | optional | string | Add tags to the scan. Tags can be a combination of letters (a-z or A-Z), numbers (0-9), number signs (#), or spaces. Entries must be comma-separated. (Maximum 512 characters). Note: Alphanumeric characters like #, @ and _ are allowed. |
Response parameters
Name | Type | Description |
---|---|---|
error | object | Includes the error code if any. |
data | object | Object container for response. |
.. accountId | string | Account ID. |
.. divisionId | integer | Division ID. |
.. surveyName | string | Friendly name provided for the scan. Max length: 80 characters. |
.. message | string | Updated message for scan creation. |