Skip to main content
GET
/
List Scan Results
curl --request GET \
  --url https://api.altostrat.io/scans/cve/ \
  --header 'Authorization: Bearer <token>'
[
  {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "scan_schedule_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "scan_id": "XYZ-123-RTY",
    "targets": [
      "3c90c3cc-0d44-4b50-8888-8dd25736052a"
    ],
    "started_at": "2023-11-07T05:31:56Z",
    "finished_at": "2023-11-07T05:31:56Z",
    "runtime": "2 hours 15 minutes",
    "running": true,
    "duration_cumulative": 123,
    "duration_absolute": 123,
    "average_score": 123,
    "highest_score": 123,
    "cve_count": 123,
    "cve_repeat_ratio": 123,
    "unique_cves": 123,
    "open_ports": 123,
    "percentage_done": 123,
    "percentage_failed": 123,
    "hosts_scanned": 123,
    "unique_ports": 123,
    "hosts_with_cves": 123,
    "sites_with_cves": 123,
    "json_url": "<string>",
    "log_url": "/logs?group=cve-scan-log&streams=...&start=...&end=...&filter=...",
    "pdf_url": "<string>"
  }
]

Authorizations

Authorization
string
header
required

Authentication token obtained via Altostrat platform login.

Response

A list of scan result summaries.

id
string<uuid>

The unique identifier (database UUID) for this scan instance.

scan_schedule_id
string<uuid>

The UUID of the schedule that triggered this scan.

scan_id
string

User-friendly identifier for the scan instance (e.g., ABC-DEF-GHI).

Example:

"XYZ-123-RTY"

targets
string<uuid>[]

List of Site UUIDs that were targeted in this scan run.

started_at
string<date-time>

Timestamp when the scan instance started.

finished_at
string<date-time> | null

Timestamp when the scan instance finished (null if running or failed before completion).

runtime
string

Human-readable duration of the scan (approximate).

Example:

"2 hours 15 minutes"

running
boolean

Indicates if the scan is currently considered running (based on S3 metadata, may have latency).

duration_cumulative
integer

Total scan time in minutes across all sites (sum of individual site scan times).

duration_absolute
integer

Wall-clock duration in minutes from start to finish of the entire scan instance.

average_score
number

Average CVSS score of all vulnerabilities found.

highest_score
number

Highest CVSS score among all vulnerabilities found.

cve_count
integer

Total number of CVE instances found across all hosts.

cve_repeat_ratio
number

Ratio of total CVE instances to unique CVE IDs (cve_count / unique_cves).

unique_cves
integer

Number of unique CVE IDs found.

open_ports
integer

Total number of open ports discovered across all hosts.

percentage_done
number

Percentage of targeted sites that completed scanning (successfully or failed).

percentage_failed
number

Percentage of targeted sites that failed during the scan.

hosts_scanned
integer

Number of unique hosts (IP addresses) identified during the scan.

unique_ports
integer

Number of unique service ports (port-protocol combination) found open.

hosts_with_cves
integer

Number of unique hosts found with at least one CVE.

sites_with_cves
integer

Number of sites where at least one host had a CVE.

json_url
string<url>

Pre-signed URL to download the full JSON report from S3.

log_url
string

Relative URL fragment to access CloudWatch logs for this scan instance within the Altostrat UI.

Example:

"/logs?group=cve-scan-log&streams=...&start=...&end=...&filter=..."

pdf_url
string<url>

Pre-signed URL to download a PDF summary report from S3.

I