Skip to main content
GET
/
{scan_id}
Get Scan Result Details
curl --request GET \
  --url https://api.altostrat.io/scans/cve/{scan_id} \
  --header 'Authorization: Bearer <token>'
{
  "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "scan_schedule_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "scan_id": "XYZ-123-RTY",
  "targets": [
    "3c90c3cc-0d44-4b50-8888-8dd25736052a"
  ],
  "started_at": "2023-11-07T05:31:56Z",
  "finished_at": "2023-11-07T05:31:56Z",
  "runtime": "2 hours 15 minutes",
  "running": true,
  "duration_cumulative": 123,
  "duration_absolute": 123,
  "average_score": 123,
  "highest_score": 123,
  "cve_count": 123,
  "cve_repeat_ratio": 123,
  "unique_cves": 123,
  "open_ports": 123,
  "percentage_done": 123,
  "percentage_failed": 123,
  "hosts_scanned": 123,
  "unique_ports": 123,
  "hosts_with_cves": 123,
  "sites_with_cves": 123,
  "json_url": "<string>",
  "log_url": "/logs?group=cve-scan-log&streams=...&start=...&end=...&filter=...",
  "pdf_url": "<string>"
}

Authorizations

Authorization
string
header
required

Authentication token obtained via Altostrat platform login.

Path Parameters

scan_id
string<uuid>
required

The UUID (database ID / S3 key) of the specific scan instance.

Response

Scan result summary details.

Summary information about a completed or running scan instance. Data primarily derived from S3 object metadata.

id
string<uuid>

The unique identifier (database UUID) for this scan instance.

scan_schedule_id
string<uuid>

The UUID of the schedule that triggered this scan.

scan_id
string

User-friendly identifier for the scan instance (e.g., ABC-DEF-GHI).

Example:

"XYZ-123-RTY"

targets
string<uuid>[]

List of Site UUIDs that were targeted in this scan run.

started_at
string<date-time>

Timestamp when the scan instance started.

finished_at
string<date-time> | null

Timestamp when the scan instance finished (null if running or failed before completion).

runtime
string

Human-readable duration of the scan (approximate).

Example:

"2 hours 15 minutes"

running
boolean

Indicates if the scan is currently considered running (based on S3 metadata, may have latency).

duration_cumulative
integer

Total scan time in minutes across all sites (sum of individual site scan times).

duration_absolute
integer

Wall-clock duration in minutes from start to finish of the entire scan instance.

average_score
number

Average CVSS score of all vulnerabilities found.

highest_score
number

Highest CVSS score among all vulnerabilities found.

cve_count
integer

Total number of CVE instances found across all hosts.

cve_repeat_ratio
number

Ratio of total CVE instances to unique CVE IDs (cve_count / unique_cves).

unique_cves
integer

Number of unique CVE IDs found.

open_ports
integer

Total number of open ports discovered across all hosts.

percentage_done
number

Percentage of targeted sites that completed scanning (successfully or failed).

percentage_failed
number

Percentage of targeted sites that failed during the scan.

hosts_scanned
integer

Number of unique hosts (IP addresses) identified during the scan.

unique_ports
integer

Number of unique service ports (port-protocol combination) found open.

hosts_with_cves
integer

Number of unique hosts found with at least one CVE.

sites_with_cves
integer

Number of sites where at least one host had a CVE.

json_url
string<url>

Pre-signed URL to download the full JSON report from S3.

log_url
string

Relative URL fragment to access CloudWatch logs for this scan instance within the Altostrat UI.

Example:

"/logs?group=cve-scan-log&streams=...&start=...&end=...&filter=..."

pdf_url
string<url>

Pre-signed URL to download a PDF summary report from S3.

I