Get Evaluation Reports
Use this API to download a report that is generated for the evaluation of a specified standard against a specified asset in
Control Compliance Suite
12.5.Authentication
To grant access to users to view or execute
Control Compliance Suite
RESTful APIs, you must generate an authentication token.Authorization requirements
You must have permissions to execute the following task to use the Get Reports API:
- View evaluation results
You do not require permission on any
Control Compliance Suite
folder to use this API.Request method
To download an evaluation report, create a
GET
request.HTTPS request components for Get Evaluation Reports API
Create a GET request by using the following components:
Request component | Value |
|---|---|
URL |
You can also use the Fully Qualified Domain Name (FQDN) as the hostname. You can configure the port number from the Integration Services Endpoint Configuration dialog box from Settings > Deployment View on the Control Compliance Suite console. You must restart the Symantec Application Server Service after you configure the port. If you do not configure the port, the default port is considered in the request. The default port is 12431. |
Content type | application/json |
HTTPS request parameters for Get Evaluation Reports API
The following table contains the description of the HTTPS request parameters for the Get Reports API:
Field name | Field type | Data type | Description |
|---|---|---|---|
AssetID | Mandatory | GUID | This is a unique identifier of an evaluated Control Compliance Suite asset for which an evaluation report is downloaded. |
StandardID | Mandatory | GUID | This is a unique identifier of a standard against which asset is evaluated. |
ReportFileType | Optional | String | This is the file format in which you want to download the evaluation report. Currently, only Microsoft Excel file format is supported. To download the evaluation report in Microsoft Excel file format, you must complete the following prerequisites:
* On a 64-bit (x64) computer : %WINDIR%\SysWow64\Config\SystemProfile * On a 32-bit (x86) computer : %WINDIR%\System32\Config\SystemProfile |
JobRunID | Mandatory | GUID | This is a unique identifier of the job run which contains the specified standard and asset. |
Sample HTTPS request for Get Evaluation Reports API
The following is a sample HTTPS request for your reference:
Request component | Value |
|---|---|
URL |
|
Content type | application/json |
Sample HTTPS response for Get Evaluation Reports API
On successful report generation, HTTPS response code 200 (OK) is returned along with a downloaded file that has the 'EvaluationResultExport_YYYY.MM.DD.HH.MM.SS.MSS'.xls naming convention. From Release 12.7.0, the downloaded report provides remediation information in the Remediaiton column.
HTTPS response codes for Get Evaluation Reports API
Depending on the success or the failure of your API request, you see the following response codes for the Get Evaluation Reports API:
Response Code | Response Type | Description |
|---|---|---|
200 | OK | The report file is successfully downloaded in the specified format. |
404 | NOT Found | This error is displayed if any of the input parameters does not exist in the Control Compliance Suite system. |
403 | Forbidden | This may be because the identified user does not have proper authorization to access the requested content. |
401 | Unauthorized | This may be because of an invalid or expired access token in an API request. |
400 | Bad Request (Client Error) | The following error message is displayed:
|
500 | Internal Server Error (Server Error) | The following error message is displayed:
|
Sample Python script for Get Evaluation Reports API
Click to view a sample Python script for Get Evaluation Reports API
# Script to Generate evaluation report in excel format import requests from requests.packages.urllib3.exceptions import InsecureRequestWarning import xlwt import io import os # Variable # Replace the <hostname> with CCS application server host name # Replace the <port number> with the configured port number for REST API, Default Port Number : 12431 # Replace the <user name> and <password> with valid CCS user name and password for example: UserName = domain1\\administrator, password = <Base64 encoded> HostName = '<hostname>' PortNumber = '<port number>' UserName = '<user name>' Password = '<password>' #<Base64 encoded> ExcelFilePath = "c:\\Outputfile.xls" if os.path.exists(ExcelFilePath): os.remove(ExcelFilePath) # Function to generate CCS REST API access token def getToken(): urlToken = "https://" + HostName + ":" + PortNumber + "/ccs/api/v1/oauth/tokens" payload = "grant_type=password&username=" + UserName + "&password=" + Password +"" headers = {'Content-Type': "application/json"} responseToken = requests.request("POST", urlToken, data=payload, headers=headers, verify=False) autheticationresult = responseToken.status_code if (autheticationresult!=200) : print("\nToken Generation Failed. Please check if the REST API is enabled and User name and password is correct\n") exit() tokenDict = responseToken.json() token = tokenDict['access_token'] refreshToken = tokenDict['refresh_token'] print("bearer Token is:\n") print(token) print("\n Refresh Token is:\n") print(refreshToken) return token # CCS Report URI url = "https://" + HostName + ":" + PortNumber + "/ccs/api/v1/Reports" # Provide the Asset GUID, Standard GUID, Job GUID and Report file type as "excel". querystring = {"assetid":"<AssetID>", "standardid":"<StandardID>", "reportfiletype":"excel", "jobrunid":"<JobRunID>"} requests.packages.urllib3.disable_warnings(InsecureRequestWarning) bearertoken = "Bearer " + getToken() headers = { 'Authorization': bearertoken , 'Content-Type': "application/json" } response = requests.request("GET", url, headers=headers, params=querystring, verify=False) file = open(ExcelFilePath,"wb") file.write(response.content) file.close()