Skip to main content

Download Host Scan Results

GET 
/api/v30.03/hosts/download
x-prisma-cloud-target-env: {"permission":"monitorHosts","saas":true,"self-hosted":true}
x-public: true

Downloads all host scan reports in CSV format.

This endpoint maps to the CSV hyperlink in Monitor > Vulnerabilities > Hosts > Running hosts in the Console UI.

Note: The query parameters fields, complianceID and normalizedSeverity are not supported for this API endpoint.

cURL Request

Refer to the following example cURL command that downloads all host scan reports to a CSV file called hosts_report.csv:

curl -k \
  -u <USER> \
  -H 'Content-Type: text/csv' \
  -X GET -o hosts_report.csv \
  https://<CONSOLE>/api/v<VERSION>/hosts/download

A successful response displays the status of the download.

Request

Query Parameters

    offset integer

    Offsets the result to a specific report count. Offset starts from 0.

    limit integer

    Number of reports to retrieve in a page. For PCCE, the maximum limit is 250. For PCEE, the maximum limit is 50. The default value is 50.

    search string

    Retrieves the result for a search term.

    sort string

    Sorts the result using a key. Refer to the columns in the relevant Prisma Cloud Compute user interface to use them as sort keys.

    reverse boolean

    Sorts the result in reverse order.

    collections string[]

    Filters the result based on collection names that you have defined in Prisma Cloud Compute.

    provider string[]

    Scopes the query by cloud provider.

    accountIDs string[]

    Filters the result based on cloud account IDs.

    resourceIDs string[]

    Scopes the query by resource ID.

    region string[]

    Scopes the query by cloud region.

    fields string[]

    Retrieves the fields that you need in a report. Use the list of fields you want to retrieve. By default, the result shows all fields of data.

    hostname string[]

    Filters the result based on hostnames.

    distro string[]

    Filters the result based on OS distribution names.

    compact boolean

    Provides the minimal image data. Information about vulnerabilities, compliance, and extended image metadata are skipped. Default is false.

    clusters string[]

    Filters the result based on cluster names.

    complianceIDs int[]

    Filters the result based on compliance IDs.

    agentless boolean

    Retrieves the host names that were scanned by the agentless scanner.

    stopped boolean

    Retrieves the host names that were skipped during an agentless scan. Default is false.

    normalizedSeverity boolean

    Retrieves the result in the normalized form of low, medium, high, and critical based on vulnerability's severity level. Default is false.

Responses

OK

Loading...