Get Risk Profiles for Specified Report

Retrieve risk profiles associated with a specific report using the report ID. To acquire the report ID, use the GET /report/findAllReports method from the Reports API.

Resource Name: /api/v1/seikan/report/{reportId}/risks_list

Request Method: GET

Request Parameters:

Parameter Type Description
reportId mandatory string The unique identifier of the report. Use GET /report/findAllReports to retrieve this value.

cURL Example:

Copy 
curl -X GET \  
    "https://localhost/api/v1/seikan/report/afa-1/risks_list" \\
    -H "Authorization: Bearer your-token"            

Status Codes:

Code Description
200 OK
400 Bad Request
401 Unauthorized
403 The session does not have permissions to the device
404 Unknown report
423 Locked
429 Too Many Requests
500 Internal Server Error
503 Service Unavailable

Response Parameters:

Parameter Type Description
RiskReportResponse array Array of risk profiles related to the specified report.
riskDefinition object Reference to RiskAbstract. This parameter is a nested object and contains details about the risk's abstract definition.
code string A unique identifier for the risk.
name string The name of the risk.
severity string The level of risk, e.g., "High".
title string The title or short summary of the risk.
description string A detailed explanation of the risk.
assessment string An evaluation or analysis of the risk.
remedy string Suggested actions to mitigate or resolve the risk.
device string The device associated with the risk report.
total integer Total count of risks in the report (32-bit integer).
title string Title of the risk report.
newRiskInReport boolean Indicates whether there are new risks included in this report.

Response Example Success (200):

Copy 
[
  {
    "riskDefinition": {
      "code": "F01",
      "name": "F01-fwinsec-ext-ckp",
      "severity": "SUSP_HIGH",
      "title": "Insecure external access to firewall",
      "description": " \nAccess to the firewall should be limited to secure, encrypted and \nauthenticated services, and network management services.  These \ninclude Check Point's services (grouped under the FireWall1 service \ngroup), and SSH.  Common network management services include SNMP, \nTraceroute, and some ICMP services like ICMP-echo and ICMP-echo-reply \n(\"ping\").  You should generally deny other services from reaching the \nfirewall, and in particular, do not allow the highly risky \"Any\" \nservice. \n    ",
      "assessment": " \nThe total number of rules tha...
      "remedy": "  \nRemove the rules that allow insecure services to access the firewall. "
    },
    "device": "R80_10_GW_1",
    "total": 1,
    "title": "Insecure external access to firewall",
    "newRiskInReport": false
  }
]

Response Example Failure (400):

Copy 
{
  "error": "string",
  "description": "string",
  "fieldErrors": [
    {
      "field": "string",
      "error": "string"
    }
  ]
}