Object

Scan

A scan of one of your sites using the embedded Burp Scanner. A Scan object is created based on the associated schedule item when the scan is due to start.

Fields

id(ID!)
The unique identifier for the scan.
schedule_item(ScheduleItem)
The schedule item from which this scan was created.
site_id(ID!)
The unique identifier of the site that is being scanned.
site_name(String)
The name of the site that is being scanned.
start_time(Timestamp)
The time at which the scan started.
end_time(Timestamp)
The time at which the scan finished.
duration_in_seconds(Long)
The total time the scan took to run.
status(ScanStatus)
The current status of the scan, for example, whether the scan is currently running, has finished, or failed.
agent(Agent)
The agent machine used to perform the scan.
scan_metrics(ScanProgressMetrics)
A collection of metrics that provide details of a scan's progress, such as how many requests it has made.
scan_failure_message(String)
A message that provides information about why a scan failed.
generated_by(GeneratedBy)
Indicates whether the scan was created on the Burp Suite Enterprise Edition web UI by a user, or was generated using the REST API.
scanner_version(String)
The version of Burp Scanner used to perform this scan.
scan_configurations([ScanConfiguration!])
A list of scan configurations that were used for this scan.
scan_delta(ScanDelta)
Provides information about how the number of issues has changed in relation to the previous scan, such as how many new issues have been found.
jira_ticket_count(Int)
The number of Jira tickets that have been created for issues found by this scan.
issue_types([IssueType!])
A list of issue types that have been found during this scan.
issue_counts(IssueCounts)
Provides information about the number of issues found, broken down by their severity level.
audit_items([AuditItem!])
A list of audit items that have been identified during the scan.
audit_item(AuditItem)
A specific audit item that has been identified by the scan.
scope(Scope!)
The URLs that are crawled and audited during the scan.
site_application_logins([ApplicationLogin!])
A list of login credentials that were provided for this site. This set of credentials is used by the scan to crawl areas of the site that are only accessible to registered users.
schedule_item_application_logins([ApplicationLogin!])
A list of login credentials that were provided for the schedule item from which the scan was created.
issues([Issue!])
A list of issues that have been found by the scan.

Example

Query
query GetScan ($id: ID!) {
  scan(id: $id) {
    id
    status
    agent {
      id
      name
    }
    issue_types {
      confidence
      severity
      novelty
    }
    site_application_logins {
      label
      username
    }
    audit_items {
      id
      issue_counts {
        total
      }
      number_of_requests
    }
    scan_configurations {
      id
      name
    }
  }
}
Variables
{
  "id": "4"
}
Result
{
  "data": {
    "scan": {
      "id": "4",
      "status": "running",
      "agent": {
        "id": "1",
        "name": "agent #1"
      },
      "issue_types": [
        {
          "confidence": "certain",
          "severity": "high",
          "novelty": "first"
        },
        {
          "confidence": "certain",
          "severity": "low",
          "novelty": "first"
        },
        {
          "confidence": "certain",
          "severity": "info",
          "novelty": "first"
        },
        {
          "confidence": "certain",
          "severity": "info",
          "novelty": "first"
        },
        {
          "confidence": "firm",
          "severity": "info",
          "novelty": "first"
        }
      ],
      "site_application_logins": [],
      "audit_items": [],
      "scan_configurations": [
        {
          "id": "ab530a7b-6f83-4ba0-9fcb-298f6da3eed4",
          "name": "Audit coverage - maximum"
        },
        {
          "id": "fe930408-6829-47b1-a168-f7fb9bd42f34",
          "name": "Crawl strategy - most complete"
        }
      ]
    }
  }
}
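The following is an added example, not part of the original reference or of the vendor's code: it builds the JSON request body for the GetScan query above and turns a response into a triage summary, treating nullable fields and the standard GraphQL errors array as cases to handle. The function names, the summary keys and the sample response are assumptions made for illustration; sending the request (endpoint URL and API key) is left out.

```python
import json
from collections import Counter

# The page's GetScan query, reduced to the fields summarised below.
GET_SCAN_QUERY = """query GetScan($id: ID!) {
  scan(id: $id) {
    id status
    issue_types { confidence severity novelty }
    scan_configurations { id name }
  }
}"""

def build_request_body(scan_id):
    """Serialise the query and its variables as a GraphQL JSON request body."""
    return json.dumps({"query": GET_SCAN_QUERY, "variables": {"id": str(scan_id)}})

def summarise_scan(response_text):
    """Return a triage summary (hypothetical shape) for a GetScan response."""
    payload = json.loads(response_text)
    if payload.get("errors"):
        messages = "; ".join(e.get("message", "unknown error") for e in payload["errors"])
        raise ValueError("GraphQL errors: " + messages)
    scan = (payload.get("data") or {}).get("scan")
    if scan is None:
        raise LookupError("no scan returned for this id")
    # issue_types and scan_configurations are nullable lists, so null means empty.
    issue_types = scan.get("issue_types") or []
    return {
        "id": scan["id"],
        "status": scan.get("status"),
        "by_severity": dict(Counter(t["severity"] for t in issue_types)),
        "high_first": sum(t["severity"] == "high" and t["novelty"] == "first" for t in issue_types),
        "configurations": [c["name"] for c in scan.get("scan_configurations") or []],
    }

# Constructed sample response, trimmed from the Result shown on this page.
SAMPLE_RESPONSE = json.dumps({"data": {"scan": {
    "id": "4", "status": "running",
    "issue_types": [
        {"confidence": "certain", "severity": "high", "novelty": "first"},
        {"confidence": "certain", "severity": "low", "novelty": "first"},
        {"confidence": "certain", "severity": "info", "novelty": "first"},
        {"confidence": "certain", "severity": "info", "novelty": "first"},
        {"confidence": "firm", "severity": "info", "novelty": "first"}],
    "scan_configurations": [
        {"id": "ab530a7b-6f83-4ba0-9fcb-298f6da3eed4", "name": "Audit coverage - maximum"},
        {"id": "fe930408-6829-47b1-a168-f7fb9bd42f34", "name": "Crawl strategy - most complete"}]}}})

if __name__ == "__main__":
    print(summarise_scan(SAMPLE_RESPONSE))
```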