I am trying to create a query to list all assets and associated vulnerabilities which have an exception. I am lost when exception can be for individual host or asset group or as a whole. IF anybody wrote a query please share.
SELECT
da.ip_address AS "IP Address",
da.host_name AS "Host Name",
dv.title AS "Vulnerability",
dve.additional_comments AS "Comments",
dest.description AS "Exception Type",
dve.submitted_by AS "Submitted by",
dve.reviewed_by AS "Reviewed by",
dve.review_comment AS "Reviewer's Comment",
dve.expiration_date AS "Exception Expiration Date"
FROM dim_vulnerability_exception dve
JOIN dim_asset da ON dve.asset_id = da.asset_id
JOIN dim_vulnerability dv ON dve.vulnerability_id = dv.vulnerability_id
JOIN dim_exception_scope descope ON dve.scope_id = descope.scope_id
JOIN dim_exception_status dest ON dve.status_id = dest.status_id
I think these tables are in the rapid7 vm DB. I only see the “dim_vulnerability_exception” in the data warehouse.