Does anyone have a query specifically around the API where we are able to determine the exact asset count where vulnerabilities have been assessed (excluding discovered assets).
I know we can use SQL Exporter etc but wanting to avoid this.
There are two separate APIs for InsightVM. There is a cloud API and the console API. Either of these should be able to get you what you’re looking for.
The query the API using Python for example to get this info would be this:
import requests
url = "https://<console URL>:3780/api/3/assets"
payload={}
headers = {
'Accept': 'application/json;charset=UTF-8',
'Authorization': 'Basic <Base 64 of creds>'
}
response = requests.request("GET", url, headers=headers, data=payload)
print(response.text)
That little bit of code was pulled directly from Postman and just shows you how to bring back all of the assets. The key in the response that you’re looking for is "assessedForVulnerabilities": true
Keep in mind as well that the API only returns 10 assets per page so you may want to increase the size when you make the call or page through. Basically just add some lines of code to loop through the response and only add the assets with that value above to a new list or delete the ones from the list that are false.