Skip to main content

Update Custom Vulnerability Feed

PUT 

/api/v33.01/feeds/custom/custom-vulnerabilities

x-prisma-cloud-target-env: {"permission":"systemOperations"}

Updates all the custom vulnerabilities and associated rules simultaneously for handling internally created or packaged apps.

cURL Request

Refer to the following cURL command that updates a vulnerability for a library named internal-lib, and specifies that its versions 1.1 to 1.8 are known to be vulnerable.

$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X PUT \
-d '
{
"rules": [
{
"_id": "<ID>",
"package": "internal-lib",
"type": "package",
"minVersionInclusive": "1.1",
"name": "internal-lib",
"maxVersionInclusive": "1.8",
"md5": ""
}
]
}' \
"https://<CONSOLE>/api/v<VERSION>/feeds/custom/custom-vulnerabilities"

Note: No response will be returned upon successful execution.

Maintain your Custom Vulnerabilities

We suggest you maintain your custom vulnerabilities using the following steps:

  1. Get all the custom vulnerability rules from the GET endpoint and save the results to a file.

    Note: You will need jq to execute this command.

    $ curl -k \
    -u <USER> \
    https://<CONSOLE>/api/v<VERSION>/feeds/custom/custom-vulnerabilities \
    | jq '.' > custom_vulnerability_rules.json
  2. Open the JSON file and add, modify, and/or delete the rules by directly editing the JSON output. For example:

    {
    "id": "customVulnerabilities",
    "rules": [
    {
    "_id": "<ID>",
    "package": "internal-lib",
    "type": "package",
    "minVersionInclusive": "1.1",
    "name": "internal-lib",
    "maxVersionInclusive": "1.8",
    "md5": ""
    }
    ],
    "digest": "97de7f27XXXXXXXXXX"
    }
  3. Update the rules by pushing the new JSON payload. Note: Do not forget to specify the @ symbol.

    $ curl -k \
    -u <USER> \
    -X PUT \
    -H "Content-Type:application/json" \
    -d @custom_vulnerability_rules.json \
    https://<CONSOLE>/api/v<VERSION>/feeds/custom/custom-vulnerabilities
  4. Run the cURL command for the GET /api/vVERSION/feeds/custom/custom-vulnerabilities endpoint and you can see that the previously installed rules are now overwritten with your new rules.

    $ curl -k \
    -u <USER> \
    -H 'Content-Type: application/json' \
    -X GET \
    https://<CONSOLE>/api/v<VERSION>/feeds/custom/custom-vulnerabilities


## Request

<MimeTabs className={"openapi-tabs__mime"}><TabItem label={"application/json"} value={"application/json-schema"}><details style={{}} className={"openapi-markdown__details mime"} data-collapsed={false} open={true}><summary style={{}} className={"openapi-markdown__details-summary-mime"}><h3 className={"openapi-markdown__details-summary-header-body"}>Body</h3></summary><div style={{"textAlign":"left","marginLeft":"1rem"}}></div><ul style={{"marginLeft":"1rem"}}><SchemaItem collapsible={false} name={"_id"} required={false} schemaName={"string"} qualifierMessage={undefined} schema={{"description":"ID is the custom vulnerabilities feed ID.\n","type":"string"}}></SchemaItem><SchemaItem collapsible={false} name={"digest"} required={false} schemaName={"string"} qualifierMessage={undefined} schema={{"description":"Digest is the internal custom vulnerabilities feed digest.\n","type":"string"}}></SchemaItem><SchemaItem collapsible={true} className={"schemaItem"}><details style={{}} className={"openapi-markdown__details"}><summary style={{}}><span className={"openapi-schema__container"}><strong className={"openapi-schema__property"}>rules</strong><span className={"openapi-schema__name"}> object[]</span></span></summary><div style={{"marginLeft":"1rem"}}><div style={{"marginTop":".5rem","marginBottom":".5rem"}}>

Rules is the list of custom vulnerabilities rules.


</div><li><div style={{"fontSize":"var(--ifm-code-font-size)","opacity":"0.6","marginLeft":"-.5rem","paddingBottom":".5rem"}}>Array [</div></li><SchemaItem collapsible={false} name={"_id"} required={false} schemaName={"string"} qualifierMessage={undefined} schema={{"description":".\n","type":"string"}}></SchemaItem><SchemaItem collapsible={false} name={"maxVersionInclusive"} required={false} schemaName={"string"} qualifierMessage={undefined} schema={{"description":".\n","type":"string"}}></SchemaItem><SchemaItem collapsible={false} name={"md5"} required={false} schemaName={"string"} qualifierMessage={undefined} schema={{"description":".\n","type":"string"}}></SchemaItem><SchemaItem collapsible={false} name={"minVersionInclusive"} required={false} schemaName={"string"} qualifierMessage={undefined} schema={{"description":".\n","type":"string"}}></SchemaItem><SchemaItem collapsible={false} name={"name"} required={false} schemaName={"string"} qualifierMessage={undefined} schema={{"description":".\n","type":"string"}}></SchemaItem><SchemaItem collapsible={false} name={"package"} required={false} schemaName={"string"} qualifierMessage={undefined} schema={{"description":".\n","type":"string"}}></SchemaItem><SchemaItem collapsible={false} name={"type"} required={false} schemaName={"packages.Type (string)"} qualifierMessage={"**Possible values:** [`nodejs,gem,python,jar,package,windows,binary,nuget,go,app,unknown`]"} schema={{"description":"Type describes the package type","enum":[["nodejs","gem","python","jar","package","windows","binary","nuget","go","app","unknown"]],"type":"string","title":"packages.Type"}}></SchemaItem><li><div style={{"fontSize":"var(--ifm-code-font-size)","opacity":"0.6","marginLeft":"-.5rem"}}>]</div></li></div></details></SchemaItem></ul></details></TabItem></MimeTabs><div><div><ApiTabs label={undefined} id={undefined}><TabItem label={"200"} value={"200"}><div>

OK

</div><div></div></TabItem><TabItem label={"default"} value={"default"}><div></div><div></div></TabItem></ApiTabs></div></div>
Loading...