Snyk 集成
编辑Snyk 集成
编辑此集成用于从 Snyk API 提取数据。该集成允许通过 Snyk REST API 和 旧版 APIv1 API 收集审计日志信息和漏洞问题。
REST API
编辑-
issues: 收集相关组织和项目的所有发现的问题 -
audit_logs: 从 Snyk 收集审计日志,这可以是用户、权限、组、API 访问等操作。
要配置对 Snyk REST 审计日志 API 的访问,您必须从 您的 Snyk 帐户仪表板获取 API 访问令牌,如 Snyk 文档中所述。
旧版 APIv1
编辑-
vulnerabilities: 收集相关组织和项目的所有发现的漏洞 -
audit: 从 Snyk 收集审计日志,这可以是用户、权限、组、API 访问等操作。
要配置对 Snyk 审计日志 APIv1 的访问,您必须按照 Snyk 文档中所述生成 API 访问令牌。
审计日志
编辑示例
针对 audit 的示例事件如下所示
{
"@timestamp": "2024-05-15T16:34:14.144Z",
"agent": {
"ephemeral_id": "6b4b2646-d403-4342-9261-edee5f31db21",
"id": "24936262-0cda-4934-aea3-82bed4844c98",
"name": "docker-fleet-agent",
"type": "filebeat",
"version": "8.13.0"
},
"data_stream": {
"dataset": "snyk.audit_logs",
"namespace": "ep",
"type": "logs"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "24936262-0cda-4934-aea3-82bed4844c98",
"snapshot": false,
"version": "8.13.0"
},
"event": {
"action": "org.project.issue.create",
"agent_id_status": "verified",
"dataset": "snyk.audit_logs",
"ingested": "2024-05-23T23:38:58Z",
"original": "{\"content\":{\"action\":\"Returned from analysis\"},\"created\":\"2024-05-15T16:34:14.144Z\",\"event\":\"org.project.issue.create\",\"org_id\":\"0de7b2d6-c1da-46aa-887e-1886f96770d4\",\"project_id\":\"d2bf0629-84a7-4b0b-b435-f49a87f0720c\"}",
"type": [
"creation"
]
},
"input": {
"type": "cel"
},
"organization": {
"id": "0de7b2d6-c1da-46aa-887e-1886f96770d4"
},
"snyk": {
"audit_logs": {
"content": {
"action": "Returned from analysis"
},
"org_id": "0de7b2d6-c1da-46aa-887e-1886f96770d4",
"project_id": "d2bf0629-84a7-4b0b-b435-f49a87f0720c"
}
},
"tags": [
"preserve_original_event",
"forwarded",
"snyk-audit-logs"
]
}
导出的字段
| 字段 | 描述 | 类型 |
|---|---|---|
@timestamp |
事件时间戳。 |
date |
data_stream.dataset |
数据流数据集名称。 |
constant_keyword |
data_stream.namespace |
数据流命名空间。 |
constant_keyword |
data_stream.type |
数据流类型。 |
constant_keyword |
event.dataset |
事件数据集 |
constant_keyword |
event.module |
事件模块 |
constant_keyword |
host.containerized |
主机是否为容器。 |
boolean |
host.os.build |
操作系统构建信息。 |
keyword |
host.os.codename |
操作系统代号(如果有)。 |
keyword |
input.type |
Filebeat 输入的类型。 |
keyword |
log.flags |
日志文件的标志。 |
keyword |
log.offset |
日志文件中条目的偏移量。 |
long |
snyk.audit_logs.content |
更改内容的概述,包括旧值和新值。 |
flattened |
snyk.audit_logs.org_id |
与事件相关的相关组织的 ID。 |
keyword |
snyk.audit_logs.project_id |
与事件相关的项目的 ID。 |
keyword |
snyk.audit_logs.user_id |
与事件相关的用户的 ID。 |
keyword |
snyk.projects |
包含所有相关项目对象的数组。 |
flattened |
snyk.related.projects |
所有相关项目 ID 的数组。 |
keyword |
问题
编辑示例
针对 issues 的示例事件如下所示
{
"@timestamp": "2024-05-15T18:49:24.958Z",
"agent": {
"ephemeral_id": "15edfc41-3c98-4358-b81a-457fe310ca39",
"id": "24936262-0cda-4934-aea3-82bed4844c98",
"name": "docker-fleet-agent",
"type": "filebeat",
"version": "8.13.0"
},
"data_stream": {
"dataset": "snyk.issues",
"namespace": "ep",
"type": "logs"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "24936262-0cda-4934-aea3-82bed4844c98",
"snapshot": false,
"version": "8.13.0"
},
"event": {
"agent_id_status": "verified",
"dataset": "snyk.issues",
"ingested": "2024-05-23T23:49:52Z",
"kind": [
"alert"
],
"original": "{\"attributes\":{\"coordinates\":[{\"is_fixable_manually\":false,\"is_fixable_snyk\":false,\"is_fixable_upstream\":false,\"is_patchable\":false,\"is_pinnable\":false,\"is_upgradeable\":false,\"reachability\":\"no-info\",\"representations\":[{\"dependency\":{\"package_name\":\"git/git-man\",\"package_version\":\"1:2.30.2-1\"}}]},{\"is_fixable_manually\":false,\"is_fixable_snyk\":false,\"is_fixable_upstream\":false,\"is_patchable\":false,\"is_pinnable\":false,\"is_upgradeable\":false,\"reachability\":\"no-info\",\"representations\":[{\"dependency\":{\"package_name\":\"git\",\"package_version\":\"1:2.30.2-1\"}}]}],\"created_at\":\"2024-05-15T18:49:24.958Z\",\"effective_severity_level\":\"low\",\"ignored\":false,\"key\":\"SNYK-DEBIAN11-GIT-6846207\",\"problems\":[{\"id\":\"SNYK-DEBIAN11-GIT-6846207\",\"source\":\"SNYK\",\"type\":\"vulnerability\",\"updated_at\":\"2024-05-15T18:49:26.454629Z\"},{\"id\":\"CVE-2024-32020\",\"source\":\"NVD\",\"type\":\"vulnerability\",\"updated_at\":\"2024-05-15T18:49:26.454631Z\",\"url\":\"https://nvd.nist.gov/vuln/detail/CVE-2024-32020\"}],\"risk\":{\"factors\":[],\"score\":{\"model\":\"v1\",\"value\":221}},\"status\":\"open\",\"title\":\"CVE-2024-32020\",\"type\":\"package_vulnerability\",\"updated_at\":\"2024-05-15T18:49:24.958Z\"},\"id\":\"bdb0b182-440e-483f-8f42-d4f5477e8349\",\"relationships\":{\"organization\":{\"data\":{\"id\":\"0de7b2d6-c1da-46aa-887e-1886f96770d4\",\"type\":\"organization\"},\"links\":{\"related\":\"/orgs/0de7b2d6-c1da-46aa-887e-1886f96770d4\"}},\"scan_item\":{\"data\":{\"id\":\"068c68be-4f21-4edd-9975-92dd051d16dc\",\"type\":\"project\"},\"links\":{\"related\":\"/orgs/0de7b2d6-c1da-46aa-887e-1886f96770d4/projects/068c68be-4f21-4edd-9975-92dd051d16dc\"}}},\"type\":\"issue\"}",
"type": [
"info"
]
},
"input": {
"type": "cel"
},
"organization": {
"id": "0de7b2d6-c1da-46aa-887e-1886f96770d4"
},
"snyk": {
"issues": {
"attributes": {
"coordinates": [
{
"is_fixable_manually": false,
"is_fixable_snyk": false,
"is_fixable_upstream": false,
"is_patchable": false,
"is_pinnable": false,
"is_upgradeable": false,
"reachability": "no-info",
"representations": [
{
"dependency": {
"package_name": "git/git-man",
"package_version": "1:2.30.2-1"
}
}
]
},
{
"is_fixable_manually": false,
"is_fixable_snyk": false,
"is_fixable_upstream": false,
"is_patchable": false,
"is_pinnable": false,
"is_upgradeable": false,
"reachability": "no-info",
"representations": [
{
"dependency": {
"package_name": "git",
"package_version": "1:2.30.2-1"
}
}
]
}
],
"created_at": "2024-05-15T18:49:24.958Z",
"effective_severity_level": "low",
"ignored": false,
"key": "SNYK-DEBIAN11-GIT-6846207",
"problems": [
{
"id": "SNYK-DEBIAN11-GIT-6846207",
"source": "SNYK",
"type": "vulnerability",
"updated_at": "2024-05-15T18:49:26.454629Z"
},
{
"id": "CVE-2024-32020",
"source": "NVD",
"type": "vulnerability",
"updated_at": "2024-05-15T18:49:26.454631Z",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32020"
}
],
"risk": {
"score": {
"model": "v1",
"value": 221
}
},
"status": "open",
"title": "CVE-2024-32020",
"type": "package_vulnerability",
"updated_at": "2024-05-15T18:49:24.958Z"
},
"id": "bdb0b182-440e-483f-8f42-d4f5477e8349",
"relationships": {
"organization": {
"data": {
"id": "0de7b2d6-c1da-46aa-887e-1886f96770d4",
"type": "organization"
},
"links": {
"related": "/orgs/0de7b2d6-c1da-46aa-887e-1886f96770d4"
}
},
"scan_item": {
"data": {
"id": "068c68be-4f21-4edd-9975-92dd051d16dc",
"type": "project"
},
"links": {
"related": "/orgs/0de7b2d6-c1da-46aa-887e-1886f96770d4/projects/068c68be-4f21-4edd-9975-92dd051d16dc"
}
}
}
}
},
"tags": [
"preserve_original_event",
"forwarded",
"snyk-issues"
],
"vulnerability": {
"enumeration": [
"SNYK",
"NVD"
],
"id": [
"SNYK-DEBIAN11-GIT-6846207",
"CVE-2024-32020"
],
"reference": [
"https://nvd.nist.gov/vuln/detail/CVE-2024-32020"
],
"scanner": {
"vendor": "Snyk"
},
"severity": "low"
}
}
导出的字段
| 字段 | 描述 | 类型 |
|---|---|---|
@timestamp |
事件时间戳。 |
date |
data_stream.dataset |
数据流数据集名称。 |
constant_keyword |
data_stream.namespace |
数据流命名空间。 |
constant_keyword |
data_stream.type |
数据流类型。 |
constant_keyword |
event.dataset |
事件数据集 |
constant_keyword |
event.module |
事件模块 |
constant_keyword |
host.containerized |
主机是否为容器。 |
boolean |
host.os.build |
操作系统构建信息。 |
keyword |
host.os.codename |
操作系统代号(如果有)。 |
keyword |
input.type |
Filebeat 输入的类型。 |
keyword |
log.flags |
日志文件的标志。 |
keyword |
log.offset |
日志文件中条目的偏移量。 |
long |
snyk.issues.attributes.classes.id |
keyword |
|
snyk.issues.attributes.classes.source |
keyword |
|
snyk.issues.attributes.classes.type |
keyword |
|
snyk.issues.attributes.coordinates.cloud_resource |
指向某些服务(如云资源)的资源位置。 |
flattened |
snyk.issues.attributes.coordinates.is_fixable_manually |
boolean |
|
snyk.issues.attributes.coordinates.is_fixable_snyk |
boolean |
|
snyk.issues.attributes.coordinates.is_fixable_upstream |
boolean |
|
snyk.issues.attributes.coordinates.is_patchable |
boolean |
|
snyk.issues.attributes.coordinates.is_pinnable |
boolean |
|
snyk.issues.attributes.coordinates.is_upgradeable |
boolean |
|
snyk.issues.attributes.coordinates.reachability |
keyword |
|
snyk.issues.attributes.coordinates.representations.dependency.package_name |
keyword |
|
snyk.issues.attributes.coordinates.representations.dependency.package_version |
keyword |
|
snyk.issues.attributes.coordinates.resourcePath |
keyword |
|
snyk.issues.attributes.created_at |
date |
|
snyk.issues.attributes.effective_severity_level |
问题严重级别枚举的类型:info、low、medium、high 或 critical。这通常由问题的生产者设置,但可以被策略覆盖。 |
keyword |
snyk.issues.attributes.ignored |
boolean |
|
snyk.issues.attributes.key |
keyword |
|
snyk.issues.attributes.problems.disclosed_at |
此问题何时向公众披露。 |
date |
snyk.issues.attributes.problems.discovered_at |
何时首次发现此问题。 |
date |
snyk.issues.attributes.problems.id |
keyword |
|
snyk.issues.attributes.problems.source |
keyword |
|
snyk.issues.attributes.problems.type |
问题类型:规则或漏洞。 |
keyword |
snyk.issues.attributes.problems.updated_at |
此问题上次更新的时间。 |
date |
snyk.issues.attributes.problems.url |
keyword |
|
snyk.issues.attributes.risk.score.model |
用于计算得分值的风险评分模型。 |
keyword |
snyk.issues.attributes.risk.score.updated_at |
date |
|
snyk.issues.attributes.risk.score.value |
风险评分值,可用于整体优先级排序。 |
long |
snyk.issues.attributes.status |
问题的状态:open 或 resolved。 |
keyword |
snyk.issues.attributes.title |
keyword |
|
snyk.issues.attributes.type |
keyword |
|
snyk.issues.attributes.updated_at |
date |
|
snyk.issues.id |
问题参考 ID。 |
keyword |
snyk.issues.relationships.organization.data.id |
keyword |
|
snyk.issues.relationships.organization.data.type |
keyword |
|
snyk.issues.relationships.organization.links.related |
keyword |
|
snyk.issues.relationships.scan_item.data.id |
keyword |
|
snyk.issues.relationships.scan_item.data.type |
keyword |
|
snyk.issues.relationships.scan_item.links.related |
keyword |
|
snyk.projects |
包含所有相关项目对象的数组。 |
flattened |
snyk.related.projects |
所有相关项目 ID 的数组。 |
keyword |
审计(旧版)
编辑示例
针对 audit 的示例事件如下所示
{
"@timestamp": "2020-11-12T13:24:40.317Z",
"agent": {
"ephemeral_id": "8dd58507-15bf-413b-bbbe-f278ce3905c3",
"id": "bb043b0c-36d1-4054-81ed-2d3f4546a433",
"name": "docker-fleet-agent",
"type": "filebeat",
"version": "8.8.1"
},
"data_stream": {
"dataset": "snyk.audit",
"namespace": "ep",
"type": "logs"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "bb043b0c-36d1-4054-81ed-2d3f4546a433",
"snapshot": false,
"version": "8.8.1"
},
"event": {
"action": "api.access",
"agent_id_status": "verified",
"created": "2023-07-06T18:45:03.747Z",
"dataset": "snyk.audit",
"ingested": "2023-07-06T18:45:04Z",
"original": "{\"content\":{\"url\":\"/api/v1/org/orgid123test-5643asd234-asdfasdf/projects\"},\"created\":\"2020-11-12T13:24:40.317Z\",\"event\":\"api.access\",\"groupId\":\"groupid123test-543123-54312sadf-123ad\",\"orgId\":\"orgid123test-5643asd234-asdfasdf\",\"projectId\":null,\"userId\":\"userid123test-234sdfa2-423sdfa-2134\"}"
},
"input": {
"type": "httpjson"
},
"snyk": {
"audit": {
"content": {
"url": "/api/v1/org/orgid123test-5643asd234-asdfasdf/projects"
},
"org_id": "orgid123test-5643asd234-asdfasdf"
}
},
"tags": [
"preserve_original_event",
"forwarded",
"snyk-audit"
],
"user": {
"group": {
"id": "groupid123test-543123-54312sadf-123ad"
},
"id": "userid123test-234sdfa2-423sdfa-2134"
}
}
导出的字段
| 字段 | 描述 | 类型 |
|---|---|---|
@timestamp |
事件时间戳。 |
date |
data_stream.dataset |
数据流数据集名称。 |
constant_keyword |
data_stream.namespace |
数据流命名空间。 |
constant_keyword |
data_stream.type |
数据流类型。 |
constant_keyword |
event.dataset |
事件数据集 |
constant_keyword |
event.module |
事件模块 |
constant_keyword |
host.containerized |
主机是否为容器。 |
boolean |
host.os.build |
操作系统构建信息。 |
keyword |
host.os.codename |
操作系统代号(如果有)。 |
keyword |
input.type |
Filebeat 输入的类型。 |
keyword |
log.flags |
日志文件的标志。 |
keyword |
log.offset |
日志文件中条目的偏移量。 |
long |
snyk.audit.content |
更改内容的概述,包括旧值和新值。 |
flattened |
snyk.audit.org_id |
与事件相关的相关组织的 ID。 |
keyword |
snyk.audit.project_id |
与事件相关的项目的 ID。 |
keyword |
snyk.projects |
包含所有相关项目对象的数组。 |
flattened |
snyk.related.projects |
所有相关项目 ID 的数组。 |
keyword |
漏洞(旧版)
编辑示例
针对 vulnerabilities 的示例事件如下所示
{
"@timestamp": "2023-07-06T18:46:12.851Z",
"agent": {
"ephemeral_id": "eadbc5df-eed9-4729-9f23-a701b539bf47",
"id": "bb043b0c-36d1-4054-81ed-2d3f4546a433",
"name": "docker-fleet-agent",
"type": "filebeat",
"version": "8.8.1"
},
"data_stream": {
"dataset": "snyk.vulnerabilities",
"namespace": "ep",
"type": "logs"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "bb043b0c-36d1-4054-81ed-2d3f4546a433",
"snapshot": false,
"version": "8.8.1"
},
"event": {
"agent_id_status": "verified",
"created": "2023-07-06T18:46:12.851Z",
"dataset": "snyk.vulnerabilities",
"ingested": "2023-07-06T18:46:13Z",
"original": "{\"introducedDate\":\"2020-04-07\",\"isFixed\":false,\"issue\":{\"CVSSv3\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"credit\":[\"Snyk Security Research Team\"],\"cvssScore\":\"8.1\",\"disclosureTime\":\"2016-11-27T22:00:00.000Z\",\"exploitMaturity\":\"no-known-exploit\",\"id\":\"npm:ejs:20161128\",\"identifiers\":{\"ALTERNATIVE\":[\"SNYK-JS-EJS-10218\"],\"CVE\":[],\"CWE\":[\"CWE-94\"]},\"isIgnored\":false,\"isPatchable\":false,\"isPatched\":false,\"isPinnable\":false,\"isUpgradable\":false,\"jiraIssueUrl\":null,\"language\":\"js\",\"originalSeverity\":null,\"package\":\"ejs\",\"packageManager\":\"npm\",\"patches\":[{\"comments\":[],\"id\":\"patch:npm:ejs:20161128:0\",\"modificationTime\":\"2019-12-03T11:40:45.851976Z\",\"urls\":[\"https://snyk-patches.s3.amazonaws.com/npm/ejs/20161128/ejs_20161128_0_0_3d447c5a335844b25faec04b1132dbc721f9c8f6.patch\"],\"version\":\"\\u003c2.5.3 \\u003e=2.2.4\"}],\"priorityScore\":4.05,\"publicationTime\":\"2016-11-28T18:44:12.000Z\",\"reachability\":\"No Info\",\"semver\":{\"vulnerable\":[\"\\u003c2.5.3\"]},\"severity\":\"high\",\"title\":\"Arbitrary Code Execution\",\"type\":\"vuln\",\"uniqueSeveritiesList\":[\"high\"],\"url\":\"https://snyk.io/vuln/npm:ejs:20161128\",\"version\":\"0.8.8\"},\"projects\":[{\"id\":\"projectid\",\"name\":\"username/reponame\",\"packageManager\":\"npm\",\"source\":\"github\",\"targetFile\":\"package.json\",\"url\":\"https://snyk.io/org/orgname/project/projectid\"},{\"id\":\"projectid\",\"name\":\"someotheruser/someotherreponame\",\"packageManager\":\"npm\",\"source\":\"github\",\"targetFile\":\"folder1/package.json\",\"url\":\"https://snyk.io/org/orgname/project/projectid\"},{\"id\":\"projectid\",\"name\":\"projectname\",\"packageManager\":\"npm\",\"source\":\"cli\",\"targetFile\":\"package.json\",\"url\":\"https://snyk.io/org/orgname/project/projectid\"}]}"
},
"input": {
"type": "httpjson"
},
"snyk": {
"projects": [
{
"id": "projectid",
"name": "username/reponame",
"packageManager": "npm",
"source": "github",
"targetFile": "package.json",
"url": "https://snyk.io/org/orgname/project/projectid"
},
{
"id": "projectid",
"name": "someotheruser/someotherreponame",
"packageManager": "npm",
"source": "github",
"targetFile": "folder1/package.json",
"url": "https://snyk.io/org/orgname/project/projectid"
},
{
"id": "projectid",
"name": "projectname",
"packageManager": "npm",
"source": "cli",
"targetFile": "package.json",
"url": "https://snyk.io/org/orgname/project/projectid"
}
],
"related": {
"projects": [
"username/reponame",
"someotheruser/someotherreponame",
"projectname"
]
},
"vulnerabilities": {
"credit": [
"Snyk Security Research Team"
],
"cvss3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"disclosure_time": "2016-11-27T22:00:00.000Z",
"exploit_maturity": "no-known-exploit",
"id": "npm:ejs:20161128",
"identifiers": {
"alternative": [
"SNYK-JS-EJS-10218"
],
"cwe": [
"CWE-94"
]
},
"introduced_date": "2020-04-07",
"is_fixed": false,
"is_ignored": false,
"is_patchable": false,
"is_patched": false,
"is_pinnable": false,
"is_upgradable": false,
"language": "js",
"package": "ejs",
"package_manager": "npm",
"patches": [
{
"id": "patch:npm:ejs:20161128:0",
"modificationTime": "2019-12-03T11:40:45.851976Z",
"urls": [
"https://snyk-patches.s3.amazonaws.com/npm/ejs/20161128/ejs_20161128_0_0_3d447c5a335844b25faec04b1132dbc721f9c8f6.patch"
],
"version": "<2.5.3 >=2.2.4"
}
],
"priority_score": 4.05,
"publication_time": "2016-11-28T18:44:12.000Z",
"reachability": "No Info",
"semver": {
"vulnerable": [
"<2.5.3"
]
},
"title": "Arbitrary Code Execution",
"type": "vuln",
"unique_severities_list": [
"high"
],
"version": "0.8.8"
}
},
"tags": [
"preserve_original_event",
"forwarded",
"snyk-vulnerabilities"
],
"vulnerability": {
"category": [
"Github"
],
"classification": "CVSS",
"enumeration": "CVE",
"reference": "https://snyk.io/vuln/npm:ejs:20161128",
"scanner": {
"vendor": "Snyk"
},
"score": {
"base": 8.1,
"version": "3.0"
},
"severity": "high"
}
}
导出的字段
| 字段 | 描述 | 类型 |
|---|---|---|
@timestamp |
事件时间戳。 |
date |
data_stream.dataset |
数据流数据集名称。 |
constant_keyword |
data_stream.namespace |
数据流命名空间。 |
constant_keyword |
data_stream.type |
数据流类型。 |
constant_keyword |
event.dataset |
事件数据集 |
constant_keyword |
event.module |
事件模块 |
constant_keyword |
host.containerized |
主机是否为容器。 |
boolean |
host.os.build |
操作系统构建信息。 |
keyword |
host.os.codename |
操作系统代号(如果有)。 |
keyword |
input.type |
Filebeat 输入的类型。 |
keyword |
log.flags |
日志文件的标志。 |
keyword |
log.offset |
日志文件中条目的偏移量。 |
long |
snyk.projects |
包含所有相关项目对象的数组。 |
flattened |
snyk.related.projects |
所有相关项目 ID 的数组。 |
keyword |
snyk.vulnerabilities.credit |
参考最初发现漏洞的人员。 |
keyword |
snyk.vulnerabilities.cvss3 |
CSSv3 分数。 |
keyword |
snyk.vulnerabilities.disclosure_time |
此漏洞最初向软件包维护者披露的时间。 |
date |
snyk.vulnerabilities.exploit_maturity |
Snyk 漏洞利用成熟度级别。 |
keyword |
snyk.vulnerabilities.id |
漏洞参考 ID。 |
keyword |
snyk.vulnerabilities.identifiers.alternative |
其他漏洞标识符。 |
keyword |
snyk.vulnerabilities.identifiers.cwe |
CWE 漏洞标识符。 |
keyword |
snyk.vulnerabilities.introduced_date |
最初发现漏洞的日期。 |
date |
snyk.vulnerabilities.is_fixed |
是否已解决相关漏洞。 |
boolean |
snyk.vulnerabilities.is_ignored |
是否已忽略漏洞报告。 |
boolean |
snyk.vulnerabilities.is_patchable |
是否可以通过使用 Snyk 提供的补丁来修复漏洞。 |
boolean |
snyk.vulnerabilities.is_patched |
是否已修补漏洞。 |
boolean |
snyk.vulnerabilities.is_pinnable |
是否可以通过固定传递依赖项来修复漏洞。 |
boolean |
snyk.vulnerabilities.is_upgradable |
是否可以通过升级依赖项来修复漏洞。 |
boolean |
snyk.vulnerabilities.jira_issue_url |
指向相关 Jira 问题的链接。 |
keyword |
snyk.vulnerabilities.language |
软件包的编程语言。 |
keyword |
snyk.vulnerabilities.original_severity |
漏洞的原始严重性。 |
long |
snyk.vulnerabilities.package |
根据其包管理器,软件包标识符。 |
keyword |
snyk.vulnerabilities.package_manager |
包管理器。 |
keyword |
snyk.vulnerabilities.patches |
解决 Snyk 创建的问题所需的补丁。 |
flattened |
snyk.vulnerabilities.priority_score |
CVS 优先级分数。 |
long |
snyk.vulnerabilities.publication_time |
漏洞发布时间。 |
date |
snyk.vulnerabilities.reachability |
是否在扫描的代码中使用了库中存在漏洞的函数。可以是“无信息”、“可能可达”和“可达”。 |
keyword |
snyk.vulnerabilities.semver |
此问题适用的一个或多个 semver 范围。格式因包管理器而异。 |
flattened |
snyk.vulnerabilities.title |
问题标题。 |
keyword |
snyk.vulnerabilities.type |
问题类型。可以是“license”或“vulnerability”。 |
keyword |
snyk.vulnerabilities.unique_severities_list |
相关唯一严重性列表。 |
keyword |
snyk.vulnerabilities.version |
此问题适用的软件包版本。 |
keyword |
更新日志
编辑更新日志
| 版本 | 详情 | Kibana 版本 |
|---|---|---|
1.27.0 |
增强功能 (查看拉取请求) |
8.13.0 或更高版本 |
1.26.0 |
增强功能 (查看拉取请求) |
8.13.0 或更高版本 |
1.25.3 |
Bug 修复 (查看拉取请求) |
8.13.0 或更高版本 |
1.25.2 |
Bug 修复 (查看拉取请求) |
8.13.0 或更高版本 |
1.25.1 |
Bug 修复 (查看拉取请求) |
8.13.0 或更高版本 |
1.25.0 |
增强功能 (查看拉取请求) |
8.13.0 或更高版本 |
1.24.0 |
增强功能 (查看拉取请求) |
8.13.0 或更高版本 |
1.23.0 |
增强功能 (查看拉取请求) |
8.13.0 或更高版本 |
1.22.1 |
Bug 修复 (查看拉取请求) |
8.12.0 或更高版本 |
1.22.0 |
增强功能 (查看拉取请求) |
8.12.0 或更高版本 |
1.21.0 |
增强功能 (查看拉取请求) |
8.12.0 或更高版本 |
1.20.1 |
增强功能 (查看拉取请求) |
8.12.0 或更高版本 |
1.20.0 |
增强功能 (查看拉取请求) |
8.12.0 或更高版本 |
1.19.1 |
增强功能 (查看拉取请求) |
8.7.1 或更高版本 |
1.19.0 |
增强功能 (查看拉取请求) |
8.7.1 或更高版本 |
1.18.0 |
增强功能 (查看拉取请求) |
8.7.1 或更高版本 |
1.17.0 |
增强功能 (查看拉取请求) |
8.7.1 或更高版本 |
1.16.0 |
增强功能 (查看拉取请求) |
8.7.1 或更高版本 |
1.15.0 |
增强 (查看拉取请求) |
8.7.1 或更高版本 |
1.14.0 |
增强 (查看拉取请求) |
8.7.1 或更高版本 |
1.13.0 |
增强 (查看拉取请求) |
8.7.1 或更高版本 |
1.12.0 |
增强 (查看拉取请求) |
8.7.1 或更高版本 |
1.11.0 |
增强 (查看拉取请求) |
8.7.1 或更高版本 |
1.10.0 |
增强 (查看拉取请求) |
8.7.1 或更高版本 |
1.9.0 |
增强 (查看拉取请求) |
8.7.1 或更高版本 |
1.8.0 |
增强 (查看拉取请求) |
8.7.1 或更高版本 |
1.7.0 |
增强 (查看拉取请求) |
7.16.0 或更高版本 |
1.6.0 |
增强 (查看拉取请求) |
7.16.0 或更高版本 |
1.5.0 |
增强 (查看拉取请求) |
7.16.0 或更高版本 |
1.4.0 |
增强 (查看拉取请求) |
7.16.0 或更高版本 |
1.3.3 |
错误修复 (查看拉取请求) |
7.16.0 或更高版本 |
1.3.2 |
增强 (查看拉取请求) |
7.16.0 或更高版本 |
1.3.1 |
错误修复 (查看拉取请求) |
7.16.0 或更高版本 |
1.3.0 |
增强 (查看拉取请求) |
7.16.0 或更高版本 |
1.2.1 |
错误修复 (查看拉取请求) |
7.16.0 或更高版本 |
1.2.0 |
增强 (查看拉取请求) |
7.16.0 或更高版本 |
1.1.2 |
错误修复 (查看拉取请求) |
7.16.0 或更高版本 |
1.1.1 |
增强 (查看拉取请求) |
7.16.0 或更高版本 |
1.1.0 |
增强 (查看拉取请求) |
7.16.0 或更高版本 |
1.0.0 |
增强 (查看拉取请求) |
7.16.0 或更高版本 |