I would like to query XDR externally for the data stored in the Host Insights > Vulnerability Assessment page.
I looked through all of the available APIs, but none of them seem to have data related to CVEs. I would not be opposed to writing a custom XQL query for this data, but I do not see fields related to CVE's in the xdr_data schema either.. is it in there somewhere and I just missed it?
I know I can manually export the data to file on the page, but I need to accomplish this programmatically.
Any tips on how I could go about extracting this data?
Hi @JamesWiggins ,
Thanks for posting to our Live Community discussion board. At the moment information about CVE is only available inside the UI (via export function). As an alternative you can create a custom dataset containing the vulnerabilities in the CSV format and be able to map it against other datasets.
Let me know if you got any questions or concerns!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!