Object

Scan

A scan of one of your sites using the embedded Burp Scanner. A Scan object is created based on the associated schedule item when the scan is due to start.

Fields

agent(): Agent

The agent machine used to perform the scan.

api_definitions(): [ApiFilenameUrl!]!

The API definition file filename or hosted URL.

audit_item(id: ID!): AuditItem

A specific audit item that has been identified by the scan.

audit_items(sort_column: AuditItemSortColumn, sort_order: SortOrder): [AuditItem!]

A list of audit items that have been identified during the scan.

bchecks(): [BCheck!]

Provides a list of BChecks that were used for the scan.

duration_in_seconds(): Long

The total time the scan took to run.

end_time(): Timestamp

The time at which the scan finished.

estimated_duration_in_seconds(): Long

The estimated time for the scan to run, if available.

extensions(): [Extension!]

Provides a list of extensions that were used for the scan.

generated_by(): GeneratedBy

Indicates the method in which the scan was initiated.

gitlab_issue_count(): Int

The number of GitLab issues that have been created for issues found by this scan.

id(): ID!

The unique identifier for the scan.

issue_counts(): IssueCounts

Provides information about the number of issues found, sorted their severity level.

issue_type_groups(severities: [Severity], confidences: [Confidence], novelties: [Novelty], accepted_risks: [Boolean]): [IssueTypeGroup!]

A list of issues that were found during this scan, grouped by their issue type.

issues(type_index: ID, start: Int!, count: Int!, severities: [Severity], confidences: [Confidence], novelties: [Novelty], accepted_risks: [Boolean]): [Issue!]

A list of issues that have been found by the scan.

jira_ticket_count(): Int

The number of Jira tickets that have been created for issues found by this scan.

scan_configurations(): [ScanConfiguration!]

A list of scan configurations that were used for this scan.

scan_delta(): ScanDelta

Provides information about how the number of issues has changed in relation to the previous scan, such as how many new issues have been found.

scan_failure_cause(): String

A message that provides more information about what caused a scan failure.

scan_failure_code(): Int

A number that indicates why a scan failed.

scan_failure_message(): String

A message that provides information about why a scan failed.

scan_failure_remedy(): String

A message that provides information about how to resolve a scan failure.

scan_metrics(): ScanProgressMetrics

A collection of metrics that provide details of a scan's progress, such as how many requests it has made.

scan_target(): ScanTarget!

Describes the target for this scan.

scanned_items(): [ScannedItem]

A combined list of crawl and audit items.

scanner_build_number(): Int

The version of Burp Scanner used to perform this scan.

scanner_version(): String

The version of Burp Scanner used to perform this scan.

schedule_item(): ScheduleItem

The schedule item from which this scan was created.

schedule_item_application_logins(): ApplicationLogins!

All the saved application logins associated with the schedule item from which this scan was created. These can either be basic sets of login credentials or scripts of full login sequences that you recorded with the Burp Suite Navigation Recorder browser extension. These are used by scans to crawl areas of the site that are only accessible to registered users.

scheduled_start_time(): Timestamp

The time at which the scan was schedule to start.

scope_v2(): ScopeV2!

The site scope used for the scan.

settings(): SiteSettings

Settings for a site.

site_application_logins(): ApplicationLogins!

All the application logins that are associated with this site. These can either be basic sets of login credentials or scripts of full login sequences that you recorded with the Burp Suite Navigation Recorder browser extension. These are used by scans to crawl areas of the site that are only accessible to registered users.

site_id(): ID!

Deprecated: Use the scan_target.id field instead

The unique identifier of the site that is being scanned.

site_name(): String

Deprecated: Use the scan_target.name field instead

The name of the site that is being scanned.

start_time(): Timestamp

The time at which the scan started.

status(): ScanStatus

The current status of the scan, for example, whether the scan is currently running, has finished, or failed.

trello_card_count(): Int

The number of Trello cards that have been created for issues found by this scan.

warnings(): ScanWarnings

Any warnings about the scan.

Example

Query

query GetScan ($scan_id: ID!) {
    scan(id: $scan_id) {
        id
        status
        agent {
            id
            name
        }
        site_application_logins {
            login_credentials {
                label
                username
            }
            recorded_logins {
                label
            }
        }
        audit_items {
            id
            issue_counts {
                total
            }
            number_of_requests
        }
        scan_configurations {
            id
            name
        }
        settings {
            request_headers {
                name
                value
            }
            request_cookies {
                name
                value
            }
        }
    }
}

Variables

{
  "scan_id": "4"
}

Result

{
  "data": {
    "scan": {
      "id": "4",
      "status": "succeeded",
      "agent": {
        "id": null,
        "name": null
      },
      "site_application_logins": {
        "login_credentials": [],
        "recorded_logins": []
      },
      "audit_items": [
        {
          "id": "500117",
          "issue_counts": {
            "total": 1
          },
          "number_of_requests": 325
        }
      ],
      "scan_configurations": [
        {
          "id": null,
          "name": null
        }
      ],
      "settings": {
        "request_headers": [],
        "request_cookies": []
      }
    }
  }
}