Export API: Specifications, columns, and filters

The Export API, which Snyk Analytics supports, makes it easier to export data by allowing users to create and manage CSV files. These files are safely stored by Snyk. Designed for efficiency and security, the Export API helps users organize and scale the export of large datasets, which is useful for reporting and analytics tasks.

You can use the Export API to export the Snyk issues dataset in the scope of Snyk Organization or Snyk Group. Navigate to the available columns and filters section to see the full lists.

Before running the first export, ensure that all API requests include:

  • The API version parameter. The latest version is 2024-10-15.

  • The authorization header. Use a user or a service account Snyk API Token.

  • The date of the current day as the version, if you want to upgrade automatically when you use the API.

Data consumption process

The Export API includes three endpoints for each scope, where the scope can be Snyk Organization or Snyk Group. Use the following workflow to successfully run an export using this API.

  1. Initiate the export. Start by initiating an export process. The response to that request returns the export_id. Set the filters and columns based on your preferences.

POST /groups/{group_id}/export

  2. Validate the export status. Validate the status using the export status endpoint and the export_id returned in the previous step. Available statuses:

    • PENDING - the export process is preparing to start

    • STARTED - the export process has started

    • FINISHED - the export process has completed successfully. If the process finishes successfully when this request arrives, the results data will be included in the response.

    • ERROR - the export process has failed

GET /groups/{group_id}/jobs/export/{export_id}

  3. Fetch results. After the export process returns the FINISHED status, fetch the exported files using the export result endpoint. Use the export_id returned in the first step.

GET /groups/{group_id}/export/{export_id}
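
The three-step workflow above, combined with the updated filter for cyclic exports listed under Available filters, as an added example that is not Snyk's own code. The send transport, the flat request body, and the export_id and status response keys are assumptions; adapt them to the actual request and response schema.

```python
import time
from datetime import datetime, timedelta, timezone

MIN_INTERVAL = timedelta(hours=2)   # data refreshes roughly every two hours
TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"    # filter format YYYY-MM-DDTHH:MM:SSZ


def updated_window(last_export, now):
    """Build the `updated` filter from UTC datetimes; None if it is too soon."""
    if now - last_export < MIN_INTERVAL:
        return None
    return {"updated": {"from": last_export.strftime(TS_FORMAT),
                        "to": now.strftime(TS_FORMAT)}}


def run_export(send, group_id, filters, columns, poll_seconds=30, max_polls=120):
    """Initiate, poll, fetch. `send(method, path, body)` is a hypothetical
    transport that adds the version parameter and Authorization header."""
    base = f"/groups/{group_id}"
    body = {"filters": filters, "columns": columns}  # assumed body layout
    export_id = send("POST", f"{base}/export", body)["export_id"]  # assumed key
    for _ in range(max_polls):
        status = send("GET", f"{base}/jobs/export/{export_id}", None)["status"]
        if status == "FINISHED":
            return send("GET", f"{base}/export/{export_id}", None)
        if status == "ERROR":
            raise RuntimeError(f"export {export_id} failed")
        if status not in ("PENDING", "STARTED"):
            raise ValueError(f"unexpected status {status!r}")
        time.sleep(poll_seconds)
    raise TimeoutError(f"export {export_id} not finished after {max_polls} polls")


def demo():
    """Run the workflow against a constructed in-memory transport (no network)."""
    statuses = iter(["PENDING", "STARTED", "FINISHED"])
    calls = []
    def fake_send(method, path, body):
        calls.append((method, path))
        if method == "POST":
            return {"export_id": "example-export-id"}  # constructed value
        if "/jobs/" in path:
            return {"status": next(statuses)}
        return {"files": ["constructed-result.csv"]}   # constructed value
    now = datetime(2024, 11, 28, 9, 10, tzinfo=timezone.utc)
    filters = updated_window(now - timedelta(hours=3), now)
    result = run_export(fake_send, "example-group-id", filters,
                        ["PROBLEM_ID", "ISSUE_SEVERITY"], poll_seconds=0)
    return filters, calls, result
```
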

Export API specifications

Data freshness

The data provided by the Export API service updates approximately every two hours. Given the data freshness, cyclic exports should not be scheduled more frequently than once every two hours.

Rate limits

The API is limited by:

  • The actual data consumption compared to the number of API calls; this allows for the consumption of up to five million records daily.

  • The export POST endpoint allows up to 20 export requests per hour, while the status checks and results retrieval are unlimited.

Given that the data is typically refreshed every two hours, Snyk anticipates that the applied rate limits will allow comfortable consumption. Snyk recommends requesting an export per relevant Group once every few hours or on a daily basis.

Data retention

The exported CSV files will remain available in the designated S3 bucket for a period of three days.

Available columns and filters

Default filters

If the Export API call does not include a definition for the specific filters, the returned data is scoped by default to fetch issues that were introduced.

Default columns

If the Export API call does not define the specific columns, the returned data includes all the available columns by default.

Available filters

Although the requested filters are not case-sensitive, the values for those filters are case-sensitive.

Use the exact filter value as it appears in the Snyk Web UI. To clarify this requirement, case-sensitive filters are indicated in the table of available filters.

Filter
Description

updated (from and to)

The date and time of the last update that affected any attribute in the dataset.

Use this filter during cyclic exports to export only data that was updated since the last export.

Acceptable format: YYYY-MM-DDTHH:MM:SSZ (example: 2024-11-28T09:10:00Z)

introduced (from and to)

Date when the issue was introduced. Acceptable format: YYYY-MM-DDTHH:MM:SSZ (example: 2024-11-28T09:10:00Z)

orgs

Snyk Organization ID (available only for the Group endpoints).

environment

The environment of the Project (case sensitive).

lifecycle

The lifecycle of the Project (case sensitive).

Available columns

A list of all columns that can be easily copied to the request body:
"PROBLEM_ID",
"GROUP_PUBLIC_ID",
"GROUP_DISPLAY_NAME",
"ORG_PUBLIC_ID",
"ORG_SLUG",
"EPSS_SCORE",
"EPSS_PERCENTILE",
"ISSUE_SEVERITY",
"SCORE",
"NVD_SCORE",
"PROBLEM_TITLE",
"CVE",
"CWE",
"VULN_DB_URL",
"NVD_SEVERITY",
"PROJECT_NAME",
"PROJECT_URL",
"PROJECT_PUBLIC_ID",
"PROJECT_IS_MONITORED",
"PROJECT_OWNER_USERNAME",
"PROJECT_ORIGIN",
"PROJECT_CRITICALITIES",
"PROJECT_ENVIRONMENTS",
"PROJECT_LIFECYCLES",
"PROJECT_TAGS",
"PROJECT_TARGET_DISPLAY_NAME",
"PROJECT_TARGET_REF",
"PROJECT_COLLECTIONS",
"EXPLOIT_MATURITY",
"COMPUTED_FIXABILITY",
"EXISTS_IN_DIRECT_DEPENDENCY",
"FIRST_INTRODUCED",
"LAST_INTRODUCED",
"LAST_IGNORED",
"LAST_RESOLVED",
"PRODUCT_NAME",
"ISSUE_URL",
"ISSUE_STATUS",
"ISSUE_TYPE",
"ISSUE_SUB_TYPE",
"FIXED_IN_AVAILABLE",
"FIXED_IN_VERSION",
"SEMVER_VULNERABLE_RANGE",
"INTRODUCTION_CATEGORY",
"VULNERABILITY_PUBLICATION_DATE",
"PACKAGE_NAME_AND_VERSION",
"SNYK_CVSS_SCORE",
"SNYK_CVSS_VECTOR",
"REACHABILITY",
"GROUP_SLUG",
"ORG_DISPLAY_NAME",
"PROJECT_TYPE",
"PROJECT_TYPE_DISPLAY_NAME",
"PROJECT_TEST_FREQUENCY",
"PROJECT_TARGET_RUNTIME",
"PROJECT_IS_PRIVATE_TARGET",
"PROJECT_TARGET_SOURCE_TYPE",
"PROJECT_TARGET_SOURCE_TYPE_DISPLAY_VALUE",
"PROJECT_TARGET_UPSTREAM_URL",
"PROJECT_OWNER_EMAIL",
"ISSUE_DELETED_AT",
"PROJECT_DELETED_AT",
"GROUP_DELETED_AT",
"COMMIT_ID",
"FILE_PATH",
"CODE_REGION",
"CODE_REGION_DISPLAY_VALUE",
"ASSET_FINDING_ID",
"ASSET_ID",
"PARENT_ASSET_ID",
"ASSET_NAME",
"PARENT_ASSET_NAME",
"ASSET_CLASS",
"ASSET_TYPE",
"ASSET_TAGS",
"REPOSITORY_FRESHNESS",
"ASSET_APPLICATION",
"ASSET_OWNER",
"ASSET_CATEGORY",
"ASSET_CATALOG_NAME",
"ASSET_LIFECYCLE",
"JIRA_ISSUES",
"HAS_JIRA_ISSUE_ASSIGNED",
"LATEST_JIRA_ISSUE",
"UPDATED_AT"

Severity

Column name
Description

score

A score based on an analysis model. Priority score is released in General Availability, while Risk Score is in Early Access.

issue_severity

Indicates the assessed level of risk: critical, high, medium, or low.

snyk_cvss_score

The Snyk recommended Common Vulnerability Scoring System (CVSS) score.

nvd_severity

The severity of a vulnerability as rated by NVD.

nvd_score

The score of a vulnerability as calculated by NVD.

Likelihood

Column name
Description

exploit_maturity

Represents the existence and maturity of public exploits validated by Snyk, such as Mature and Proof of Concept.

snyk_cvss_vector

The vector string of the metric values used to determine the CVSS score.

epss_score

The probability of exploitation in the wild in the next 30 days.

epss_percentile

The proportion of all vulnerabilities with the same or lower EPSS score.

reachability

Indicates whether the issue is related to functions that are being called by the application and thus has a greater risk of exploitability.

project_is_private_target

Indicates whether the Target's source is private or publicly reachable.

Impact

Column name
Description

asset_class

The customer configured business criticality of the asset (A, most critical to D, least critical).

project_target_runtime

The environment in which the Target is executed and run.

project_criticalities

A Project attribute that indicates business criticality. For example, low, medium, high, critical.

project_lifecycles

A Project attribute, for example, production, development, sandbox.

asset_lifecycle

The lifecycle state of the asset.

project_environments

A Project attribute, for example, frontend, backend, internal, external, mobile, saas, onprem, hosted, distributed.

SCA fixability

Column name
Description

computed_fixability

Indicates whether the issue can be fixed based on the vulnerability remediation paths.

fixed_in_available

Indicates whether the given vulnerability is fixed in a different version of the responsible source.

fixed_in_version

The first version in which a given vulnerability was fixed.

exists_in_direct_dependency

Indicates if the vulnerability exists in a direct dependency. If false, the vulnerability only exists in transitive dependencies.

Snyk hierarchy

Column name
Description

group_public_id

A universally unique identifier for a Group, assigned in the source database of the record.

org_public_id

A universally unique identifier for an Organization, assigned in the source database of the record.

group_display_name

The display name set for this Group.

group_slug

The name of the Group within Snyk.

org_display_name

The display name set for this Organization.

org_slug

The name for the Organization within Snyk.

Issue context

Column name
Description

problem_id

Snyk Vulnerability Database ID that uniquely identifies the vulnerability.

product_name

The Snyk product which initially identified the issue.

problem_title

Name of the Snyk discovered vulnerability.

vuln_db_url

URL which directs to the Snyk Vulnerability Database.

issue_type

Indicates whether the issue is related to a vulnerability, license, or configuration.

issue_sub_type

A more granular variation of issue type.

issue_url

URL that directs to the given Project instance of this vulnerability on the Snyk website.

issue_status

Indicates whether the issue is open, resolved, or ignored.

issue_severity

Indicates the assessed level of risk: critical, high, medium, or low.

commit_id

they can be uniquely identified. Snyk provides Commit ID only for Snyk Code issues.

file_path

The path to the file where Snyk Code identified the specific issue.

code_region

The line numbers and columns range where the issues were found within a file.

code_region_display_value

The display representation of the line numbers and columns range where the issue was found within a file.

asset_finding_id

A unique issue ID at the repository level, only applicable to Snyk Code issues.

cve

The CVE ID(s).

cwe

The CWE ID(s).

introduction_category

A classification generated by Snyk describing how an issue was introduced in the context of using Snyk products, such as Baseline Issue, Non-Preventable Issue, and Preventable Issue.

package_name_and_version

The associated package name and version of the vulnerability.

semver_vulnerable_range

The vulnerable range of package versions (based on semantic versioning).

vulnerability_publication_date

The date a given vulnerability was first published by Snyk.

has_jira_issue_assigned

Displays true when at least one Jira issue is assigned, otherwise displays false.

latest_jira_issue

The most recently created Jira Issue for this issue.

jira_issues

All Jira Issues ever created for this issue.

first_introduced

The timestamp of the first scan that identified the issue.

last_introduced

The most recent instance of an issue having been introduced (or reintroduced).

last_ignored

The most recent instance of an issue having been ignored within the Snyk product.

last_resolved

The most recent instance of an issue having been resolved.

issue_deleted_at

When the issue record was deleted from Snyk.

updated_at

When the issue or any related context was last updated.

Project and Target context

Column name
Description

project_public_id

A universally unique identifier for a Project, assigned in the source database of the record.

project_name

The name given to this Project, when added to Snyk.

project_url

The Project URL in the Snyk platform.

project_is_monitored

The Project is set to be actively monitored. By default, the API returns only monitored issues of the Project. To fetch issues of deactivated Projects, check the API parameters.

project_type

The scanning method to use for a particular Project, such as Static Application Security Testing (SAST) for scanning using Snyk Code, or Maven for a Maven Project using Snyk Open Source. This is part of the configuration for scanning.

project_type_display_name

A display name Snyk assigned to internal Project type values.

project_test_frequency

The frequency of testing for a given Project, for example, Daily, Weekly, and so on.

project_origin

The Origin defines the Target ecosystem, such as CLI, GitHub, or Kubernetes. Origins are a property of Targets.

project_target_ref

A reference that differentiates this Project, for example, a branch name or version. Projects having the same reference can be grouped based on that reference.

project_target_runtime

The environment in which the Target is executed and run.

project_target_display_name

A display name for the Project's Target.

project_is_private_target

Indicates whether the Target's source is private or publicly reachable.

project_target_source_type

The hosting provider of a given Target, for example, docker-hub, github, and so on.

project_target_source_type_display_value

A display value that represents the grouping for Target sources, for example, Source Control, Container Registry, and so on.

project_target_upstream_url

The URL that points to a Target's upstream source, such as a URL for a GitHub repository.

project_criticalities

A Project attribute that indicates business criticality. For example, low, medium, high, critical.

project_lifecycles

A Project attribute, for example, production, development, sandbox.

project_environments

A Project attribute, for example, frontend, backend, internal, external, mobile, saas, onprem, hosted, distributed.

project_collections

All Project collections to which this Project has been added.

project_tags

All tags which have been assigned to this Project.

project_owner_email

The email of the user assigned as the owner of this Project.

project_owner_username

The username of the user assigned as the owner of this Project.

Assets and application context

Column name
Description

asset_id

Asset ID.

parent_asset_id

Parent Asset ID.

asset_name

The display name of the asset.

parent_asset_name

The display name of the parent asset.

asset_class

The customer configured business criticality of the asset (A, most critical to D, least critical).

asset_type

Specific type of the asset (Repository, Package, Container Image, Image Package, or Scanned Artifact).

asset_tags

Array of the tags that were assigned to the asset based on imported data or user input.

repository_freshness

The repository activity status based on the last commit date.

asset_application

The application or service that the asset is associated with.

asset_owner

The code owner of the asset, usually a development team.

asset_category

Category from integrated development platforms, such as Backstage and Roadie.

asset_catalog_name

The catalog name as mentioned in the application context (ServiceNow, DataDog, and so on).

asset_lifecycle

The lifecycle state of the asset.
