Skip to main content

Update scan

POST https://daas.digicert.com/apicontroller/v1/scan/update

Use this endpoint to update or modify the scan settings.

Related topic

For more information on discovery scan and its details, see Edit a scan.

Example requests and responses

Example 1. cURL

curl --location --request POST 'https://daas.digicert.com/apicontroller/v1/scan/update' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
    "surveyConfigDTO": {
        "disablePing":false,
        "sensorWithIpPortDTO": [
            {
                "portSelectionChoice": "default",
                "ipInclusionList": "www.digicert.com",
                "ipExclusionList": "10.198.219.33",
                "includedPorts": [
                    "80","443","389","636","22","143","110","465","8443","3389"
                ],
                "licenseKey": "A79683A885D9967C",
                "includeAllSubdomains": ["www.digicert.com"],
                "selectedSubdomains": [{
				"domain": "www.yahoo.com",
				"subdomains": ["accountlink.www.yahoo.com",                         
    						"secure.www.yahoo.com"]
	       }, {
				"domain": "www.google.com",
				"subdomains": ["www.google.com----------------- 
						r.reflectiz.com"]
	       }],
                "isIPv4Sensor": true,
                "openPorts": null
            }
        ],
        "daysToRun": [],
        "startTime": 0,
        "timeToComplete": 0,
        "timezone": "5:30#chennai",
        "monthlyRecurrenceType": "1st",
        "speed": "medium",
        "refreshHPSInventory": "always",
        "isCreateFlow": true,
        "scanOption": "optimize",
        "vulnerabilityList": "Heartbleed,POODLE (SSLv3),BEAST,FREAK,LogJam,DROWN,RC4,POODLE (TLS)",
        "sni": false,
        "sshDiscovery": false,
        "isOsDiscoverable": false,
        "isServiceDiscoverable": false,
        "extraTlsProtocolsDiscovery": false,
        "ipv6": false,
        "emulationScans": false
    },
    "accountId": "5153184",
    "divisionId": 677793,
    "surveyName": "ed34a1d0-1829-49e5-afb4-12fc1eb18192",
    "id": 293514,
    "frequencyType": "onetime",
    "emailAddresses": "cc.admin@cert-testing.com",
    "listFilteredPorts": false,
    "vulnerabilityScanOption": "critical",
    "tags": ""
    "cipherScan": false,
    "action": "saveAndRunNow"
}'

Request parameters

Name	Req/Opt	Type	Description
surveyConfigDTO	required	object	Object container for scan configuration details.
.. disablePing	optional	boolean	Enable hosts discovery that do not respond to ping. Note: If `true`, `openPorts` should be provided.
.. sensorWithIpPortDTO	required	array	Array of objects with IP/port configuration details.
.. .. portSelectionChoice	required	string	Select the default port or choose from all/custom ports.
.. .. ipInclusionList	required	string	IPs to include in the scan. Supported formats are individual IPs, IP range, CIDR, and FQDNs. Example for IP format: `104.20.67.46` Example for FQDN format: `digicert.com` Note: Loopback IP "127.0.0.1" is not allowed to scan.
.. .. ipExclusionList	optional	string	IPs to exclude in the scan. Supported formats are individual IPs, IP range, CIDR, and FQDNs.
.. .. includedPorts	required	array	Ports to include in the scan. It can be individual ports or port range.
.. .. licenseKey	required	string	Sensor license key to create scan.
.. .. includeAllSubdomains	required	array	List of domains to scan all subdomains for. If a domain is in this list, the scan includes all subdomains of that domain.
.. .. selectedSubdomains	required	array	List of objects that define which subdomains of a given domain are included in the scan.
.. .. .. domain	required	string	Name of the domain.
.. .. .. subdomains	required	array	List of subdomains included in the scan for the given domain.
.. .. isIPv4Sensor	required	boolean	Use `true` if the operating system of the installed sensor runs on IPv4.
.. .. openPorts	required	array	A list of the open ports scanned. Used in scenarios where the host is unresponsive to ping.
.. startTime	optional	integer	Start time for the scheduled scan. Format: epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: `1596781119` Note: `startTime` value should be `0` when the `frequencytype` is `onetime`
.. timeToComplete	optional	integer	Wait time to complete the scan. 0 implies no timeout.
.. timezone	optional	string	Time zone for the scan. Format: GMT + your timezone offset. Example: `-8#pacifictime`
.. monthlyRecurrenceType	optional	string	Day of the month specified for recurring scan. Allowed values: `1st`, `2nd`, `3rd`, `4th`, `5th` Note: `1st` being the first day of the month.
.. speed	optional	string	How fast the scan completes. Default: `medium` Allowed values: `slow`, `medium`, `fast`
.. refreshHPSInventory	required	string	How often the host inventory will refresh. `1` - always, `2` - monthly, `0` - never
.. isCreateFlow	required	boolean	Use `true` when creating a new scan, and `false` when updating an existing scan.
.. scanOption	optional	string	Configure the scan settings either to `custom` / `optimize`.
.. sni	optional	boolean	Enable the Server Name Indication (SNI) for your scan.
.. sshDiscovery	optional	boolean	Enable SSH key to be discovered. Default: `false`
.. vulnerabilityList	required	string	This is a comma separated list of the vulnerabilities to scan for. Allowed values: `Heartbleed`, `POODLE(SSLv3)`, `FREAK`, `LogJam`, `DROWN`, `RC4`, `POODLE(TLS)`, `BEAST`, `CRIME`, `BREACH`, `SWEET32`.
.. isOsDiscoverable	optional	boolean	Include or exclude OS information. Default: `false`
.. isServiceDiscoverable	required	boolean	Include or exclude server application information. Default: `false`
.. extraTlsProtocolsDiscovery	optional	boolean	Enable discovery of extra TLS protocol. Default: `false`
.. ipv6	optional	boolean	Use true if IPv6 addresses are used. Default: `false`
.. emulationScans	optional	boolean	If `true`, it will exclude `Heartbleed` and `POODLE (TLS)` from vulnerability discovery.
accountId	required	string	Account ID.
divisionId	required	long	Division ID.
surveyName	required	string	Friendly name provided for the scan. Max length: 80 characters.
id	required	integer	ID associated with the scan, also known as `surveydefid.`
frequencyType	required	string	How often the scan will run. Allowed values: `One Time`, `Daily`, `Weekly`, `Monthly`, `Cloud`Account ID.
emailAddress	optional	string	Email address for the contact associated with the scan.
listFilteredPorts	optional	boolean	If enabled, scan will list all the closed and filtered ports. Default: `false`
vulnerabilityScanOption	optional	string	Setting that defines which vulnerabilities to scan for. Allowed values: `all`, `critical`.
tags	optional	string	Add tags to the scan. Tags can be a combination of letters (a-z or A-Z), numbers (0-9), number signs (#), or spaces. Entries must be comma-separated. (Maximum 512 characters). Note: Alphanumeric characters like #, @ and _ are allowed.
cipherScan	optional	boolean	Enable scan for ciphers configured on server. Default: `false`
action	required	string	The action performed to update the scan. Allowed values: `saveAndSchedule`, `save`, `saveAndRunNow.`

Response parameters

Name	Type	Description
error	object	Includes the error code if any.
data	string	Message for scan updated with the next scheduled run.

In this section:

Was this page helpful?

Provide feedback