> ## Documentation Index > Fetch the complete documentation index at: https://altostrat.io/docs/llms.txt > Use this file to discover all available pages before exploring further. # Create Scan Schedule > Creates a new recurring CVE scan schedule. You must define the timing, frequency, target sites and subnets, and notification settings. A successful creation returns the full schedule object. ## OpenAPI ````yaml /api/en/cve-scans.yaml post /scans/cve/scheduled openapi: 3.0.3 info: title: Altostrat CVE Scans API version: 1.0.0 description: >- The Altostrat CVE Scans API is the microservice responsible for scheduling, executing, and reporting on network vulnerability scans. It is a core component of the Altostrat SDX platform's security posture management, providing deep insights into potential vulnerabilities across MikroTik networks to complement the platform's automation and AI capabilities. This API allows you to programmatically manage: - **Scan Schedules:** Define recurring vulnerability scans for specific network sites, including frequency, timing, and vulnerability thresholds. - **Scan Results:** Access detailed historical and in-progress scan reports, including discovered CVEs, affected hosts, and severity scores. - **Vulnerability Management:** Query specific CVEs by device (MAC address) and manage their lifecycle by marking them as accepted or mitigated. Developers use this API to integrate automated vulnerability scanning and reporting into their network management workflows and security dashboards. servers: - url: https://v1.api.altostrat.io description: Altostrat Production API Server security: - bearerAuth: [] tags: - name: Scan Schedules description: Manage the configuration and scheduling of recurring vulnerability scans. - name: Scan Execution description: Manually trigger and terminate scan jobs. - name: Scan Results description: Retrieve historical and in-progress scan reports and data. - name: Vulnerability Intelligence description: Query for specific vulnerability data and mitigation advice. - name: Vulnerability Management description: Manage the lifecycle and status of discovered vulnerabilities. paths: /scans/cve/scheduled: post: tags: - Scan Schedules summary: Create Scan Schedule description: >- Creates a new recurring CVE scan schedule. You must define the timing, frequency, target sites and subnets, and notification settings. A successful creation returns the full schedule object. operationId: createScanSchedule requestBody: required: true description: The configuration for the new scan schedule. content: application/json: schema: $ref: '#/components/schemas/ScanScheduleWrite' example: description: Weekly Scan for Main Office day_of_week: 1 time_of_day: '02:00' every_n_weeks: 2 timezone: America/New_York min_cvss: 4 warning_threshold: 7 ignore_offline_sites": false notification_group": security-alerts sites: - id: 9c3c1392-7f36-4240-85f2-273573c0384a subnet: 192.168.1.0/24 responses: '201': description: The scan schedule was created successfully. content: application/json: schema: $ref: '#/components/schemas/ScanSchedule' '400': $ref: '#/components/responses/BadRequestError' '401': $ref: '#/components/responses/UnauthorizedError' '403': $ref: '#/components/responses/ForbiddenError' '422': $ref: '#/components/responses/ValidationError' '500': $ref: '#/components/responses/InternalServerError' components: schemas: ScanScheduleWrite: type: object required: - description - day_of_week - time_of_day - every_n_weeks - timezone - min_cvss - warning_threshold - sites - notification_group properties: description: type: string description: A human-readable name for the scan schedule. example: Weekly Scan for Main Office day_of_week: type: integer description: >- The day of the week to run the scan (0=Sunday, 1=Monday, ..., 6=Saturday). example: 1 time_of_day: type: string format: time pattern: ^([0-1]?[0-9]|2[0-3]):[0-5][0-9]$ description: The time of day to run the scan in 24-hour format (HH:mm). example: '02:00' every_n_weeks: type: integer description: >- The frequency of the scan in weeks (e.g., 2 for every 2 weeks). Minimum 2. example: 2 timezone: type: string description: The IANA timezone database name (e.g., 'America/New_York', 'UTC'). example: America/New_York min_cvss: type: number format: float description: >- The minimum CVSS score for a vulnerability to be included in reports. Must be less than `warning_threshold`. example: 4 warning_threshold: type: number format: float description: >- The CVSS score at which a vulnerability is considered a high-priority warning. Must be greater than `min_cvss`. example: 7 ignore_offline_sites: type: boolean description: >- If true, the scan will not fail if a site is offline. Defaults to false. example: false sites: type: array description: A list of sites and their subnets to be scanned. items: $ref: '#/components/schemas/ScanScheduleSiteInput' notification_group: type: string description: The identifier for a notification group to receive scan alerts. example: security-alerts ScanSchedule: type: object properties: id: type: string format: uuid description: The unique identifier for the scan schedule. example: 9c43cc95-f313-49a3-b632-524f7a24503b description: type: string description: A human-readable name for the scan schedule. example: Weekly Scan for Main Office day_of_week: type: integer description: >- The day of the week to run the scan (0=Sunday, 1=Monday, ..., 6=Saturday). example: 1 time_of_day: type: string description: The time of day to run the scan in 24-hour format (HH:mm). example: '02:00' every_n_weeks: type: integer description: The frequency of the scan in weeks (e.g., 2 for every 2 weeks). example: 2 timezone: type: string description: The timezone in which the `time_of_day` is specified. example: America/New_York min_cvss: type: number format: float description: >- The minimum CVSS score for a vulnerability to be included in reports. example: 4 warning_threshold: type: number format: float description: >- The CVSS score at which a vulnerability is considered a high-priority warning. example: 7 ignore_offline_sites: type: boolean description: If true, the scan will not fail if a site is offline. example: false next_scan_at: type: string format: date-time description: The calculated timestamp for the next scheduled scan. example: '2025-11-10T02:00:00-05:00' running: type: boolean description: Indicates if a scan for this schedule is currently in progress. example: false sites: type: array description: A list of sites and their subnets to be scanned. items: $ref: '#/components/schemas/ScanScheduleSite' created_at: type: string format: date-time description: The timestamp when the schedule was created. example: '2025-10-28T14:30:00Z' updated_at: type: string format: date-time description: The timestamp when the schedule was last updated. example: '2025-10-29T09:00:00Z' status: type: string description: The current status of the scan schedule's lifecycle. example: ready last_run_at: type: string format: date-time description: The timestamp when a scan for this schedule was last initiated. example: '2025-10-27T02:00:00-05:00' notification_group: type: string description: The identifier for a notification group to receive scan alerts. example: security-alerts ScanScheduleSiteInput: type: object required: - id - subnet properties: id: type: string format: uuid description: The unique identifier of the site. example: 9c3c1392-7f36-4240-85f2-273573c0384a subnet: type: string description: >- The IPv4 subnet to be scanned for this site, in CIDR notation. Must be between /22 and /32. example: 192.168.1.0/24 ScanScheduleSite: type: object properties: id: type: string format: uuid description: The unique identifier of the site. example: 9c3c1392-7f36-4240-85f2-273573c0384a subnet: type: string description: The IPv4 subnet to be scanned for this site, in CIDR notation. example: 192.168.1.0/24 ErrorResponse: type: object properties: type: type: string description: A broad category for the error (e.g., 'invalid_request_error'). example: invalid_request_error code: type: string description: A short, unique string identifying the specific error. example: parameter_missing message: type: string description: A human-readable description of what went wrong. example: The 'description' parameter is required for this request. doc_url: type: string description: >- A direct link to the documentation page for this specific error code. example: https://docs.altostrat.io/errors/parameter_missing responses: BadRequestError: description: Bad Request - The request was malformed or invalid. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' UnauthorizedError: description: >- Unauthorized - The request requires authentication, but none was provided or it was invalid. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' ForbiddenError: description: >- Forbidden - The authenticated user does not have permission to perform this action. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' ValidationError: description: >- Unprocessable Entity - The request was well-formed but was unable to be followed due to semantic errors. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' InternalServerError: description: Internal Server Error - An unexpected error occurred on the server. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT description: 'Enter your bearer token in the format: Bearer {token}' ````