Export API: Specifications, columns, and filters

AWS

AWS S3 bucket

GCP

Google Cloud Storage (GCS) bucket

updated (from and to)

issues, usage

The date and time of the last update that affected any attribute in the dataset.

Use this filter during cyclic exports to export only data that was updated since the last export.

Acceptable format: YYYY-MM-DDTHH:MM:SSZ (example: 2024-11-28T09:10:00Z)

introduced (from and to)

issues

Date when the issue was introduced. Acceptable format: YYYY-MM-DDTHH:MM:SSZ (example: 2024-11-28T09:10:00Z)

orgs

issues, usage

Snyk Organization ID (available only for the Group endpoints).

environment

issues

The environment of the Project (case insensitive).

lifecycle

issues

The lifecycle of the Project (case insensitive).

product_name

issues

Name of the Snyk product that produced the issue (case sensitive).

project_type

issues

The scanning method to use for a particular Project (case sensitive).

project_tags

issues

All tags (as key:value pair) which have been assigned to this Project (case sensitive).

empty_project_tags

issues

Takes one of three values:

• include - Includes issues with null/empty project tags when using the project_tags filter.

• exclude - Excludes issues with null/empty project tags. (Not necessary when using the project_tags filter, which implicitly filters these out.)

• only - Returns only issues with null/empty project tags. Request will return 0 issues if the project_tags filter is also populated.

issue_status

issues

Filter by Open, Resolved, or Ignored.

issue_type

issues

Limit results to vulnerabilities or licenses.

project_origin

issues

Filter by source, such as CLI, GitHub, or Jenkins.

project_target_ref

issues

Target specific branches or artifacts.

cve

issues

Search for a specific vulnerability ID.

nvd_severity

issues

Filter based on external severity ratings.

reachability

issues

Separate reachable from unreachable vulnerabilities.

project_target_display_name

issues

Use human-readable names for your reports.

score

A score based on an analysis model. Priority score is released in General Availability, while Risk Score is in Early Access.

issue_severity

Indicates the assessed level of risk, critical, high, medium, or low.

snyk_cvss_score

The Snyk recommended Common Vulnerability Scoring System (CVSS) score.

nvd_severity

The severity of a vulnerability as rated by NVD.

nvd_score

The score of a vulnerability as calculated by NVD.

exploit_maturity

Represents the legacy existence and maturity, as defined by Snyk, of public exploits validated by Snyk, for example, Mature or Proof of Concept.

exploit_maturity_cvss_v4

Represents the existence and maturity of public exploits validated by Snyk, using the CVSS v4 values: Not Defined, POC, Attacked.

snyk_cvss_vector

The vector string of the metric values used to determine the CVSS score.

epss_score

The probability of exploitation in the wild in the next 30 days.

epss_percentile

The proportion of all vulnerabilities with the same or lower EPSS score.

reachability

Indicates whether the issue is related to functions that are being called by the application and thus has a greater risk of exploitability.

project_is_private_target

Indicates whether the Target's source is private or publicly reachable.

asset_class

The customer configured business criticality of the asset (A, most critical to D, least critical).

project_target_runtime

The environment in which the Target is executed and run.

project_criticalities

A Project attribute that indicates business criticality. For example, low, medium, high, critical.

project_lifecycles

A Project attribute, for example, production, development, sandbox.

asset_lifecycle

The lifecycle state of the asset.

project_environments

A Project attribute, for example, frontend, backend, internal, external, mobile, saas, onprem, hosted, distributed.

computed_fixability

Indicates whether the issue can be fixed based on the vulnerability remediation paths.

fixed_in_available

Indicates whether Is the given vulnerability fixed in a different version of the responsible source.

fixed_in_version

The first version in which a given vulnerability was fixed.

exists_in_direct_dependency

Indicates if the vulnerability exists in a direct dependency. If false, the vulnerability only exists in transitive dependencies.

group_public_id

A universally unique identifier for a Group, assigned in the source database of the record.

org_public_id

A universally unique identifier for an Organization, assigned in the source database of the record.

group_display_name

The display name set for this Group.

group_slug

The name of the Group within Snyk.

org_display_name

The display name set for this Organization.

org_slug

The name for the Organization within Snyk.

problem_id

Snyk Vulnerability Database ID that uniquely identifies the vulnerability.

product_name

The Snyk product which initially identified the issue.

problem_title

Name of the Snyk discovered vulnerability.

vuln_db_url

URL which directs to the Snyk Vulnerability Database.

issue_type

Indicates whether the issue is related to a vulnerability, license, or configuration.

issue_sub_type

A more granular variation of issue type.

issue_url

URL that directs to the given Project instance of this vulnerability on the Snyk website.

issue_status

Indicates whether the issue is open, resolved, or ignored.

issue_severity

Indicates the assessed level of risk, critical, high, medium, or low.

commit_id

they can be uniquely identified. Snyk provides Commit ID only for Snyk Code issues.

file_path

The path to the file where Snyk Code identified the specific issue.

code_region

The line numbers and columns range where the issues were found within a file.

code_region_display_value

The display representation of the line numbers and columns range where the issues was found within a file.

asset_finding_id

A unique issue ID in the level of repository, only applicable for Snyk Code issue

cve

The CVE ID(s).

cwe

The CWE ID(s).

introduction_category

A classification generated by Snyk describing how an issue was introduced in the context of using Snyk products, such as Baseline Issue, Non-Preventable Issue, and Preventable Issue.

package_name_and_version

The associated package name and version of the vulnerability.

semver_vulnerable_range

The vulnerable range of package versions (based on semantic versioning).

vulnerability_publication_date

The date a given vulnerability was first published by Snyk.

has_jira_issue_assigned

Displays true when at least one Jira issue is assigned, otherwise displays false.

cisa_kev

Indicates if the vulnerability is present in CISA Known Exploited Vulnerabilities catalog.

latest_jira_issue

The most recently created Jira Issue for this issue.

jira_issues

All Jira Issues ever created for this issue.

first_introduced

The timestamp of the first scan that identified the issue.

last_introduced

The most recent instance of an issue having been introduced (or reintroduced).

last_ignored

The most recent instance of an issue has been ignored within the Snyk product.

last_resolved

The most recent instance of an issue having been resolved.

issue_deleted_at

When the issue record was deleted from Snyk.

updated_at

When the issue or any related context was last updated.

project_public_id

A universally unique identifier for a Project, assigned in the source database or the record.

project_name

The name given to this Project, when added to Snyk.

project_url

The project URL in Snyk platform.

project_is_monitored

The Project is set to be actively monitored. By default, the API returns only monitored issues of the Project. To fetch issues of deactivated Projects, check the API parameters.

project_type

The scanning method to use for a particular Project, such as Static Application Security Testing (SAST) for scanning using Snyk Code, or Maven for a Maven Project using Snyk Open Source. This is part of the configuration for scanning.

project_type_display_name

A display name Snyk assigned to internal Project type values.

project_test_frequency

The frequency of testing for a given Project, for example, Daily, Weekly, and so on.

project_origin

The Origin defines the Target ecosystem, such as CLI, GitHub, or Kubernetes. Origins are a property of Targets.

project_target_ref

A reference that differentiates this Project, for example, a branch name or version. Projects having the same reference can be grouped based on that reference.

project_target_runtime

The environment in which the Target is executed and run.

project_target_display_name

A display name for the Project's Target.

project_is_private_target

Indicates whether the Target's source is private or publicly reachable

project_target_source_type

The hosting provider of a givenTarget, for example, docker-hub, github, and so on.

project_target_source_type_display_value

A display value that represents the grouping forTarget sources, for example, Source Control, Container Registry, and so on.

project_target_upstream_url

The URL that points to a Target's upstream source, such as a URL for a GitHub repository.

project_target_file

The full file path within a project that Snyk is targeting for security scanning, such as /var/www/composer.lock, /app/package.json, or other dependency manifest files.

project_criticalities

A Project attribute that indicates business criticality. For example, low, medium, high, critical.

project_lifecycles

A Project attribute, for example, production, development, sandbox.

project_environments

A Poject attribute, for example, frontend, backend, internal, external, mobile, saas, onprem, hosted, distributed.

project_collections

All Project collections to which this Project has been added.

project_tags

All tags which have been assigned to this Project.

project_owner_email

The email of the user assigned as the owner of this Project.

project_owner_username

The username of the user assigned as the owner of this Project.

asset_id

Asset ID.

parent_asset_id

Parent Asset ID.

asset_name

The display name of the asset.

parent_asset_name

The display name of the parent asset.

asset_class

The customer configured business criticality of the asset (A, most critical to D, least critical).

asset_type

Specific type of the asset (Repository, Package, Container Image, Image Package, or Scanned Artifact).

asset_tags

Array of the tags that were assigned to the asset based on imported data or user input.

repository_freshness

The repository activity status based on the last commit date.

asset_application

The application or service that the asset is associated with.

asset_owner

The code owner of the asset, usually a development team.

asset_category

Category from integrated development platforms, such as Backstage and Roadie.

asset_catalog_name

The catalog name as mentioned in the application context (ServiceNow, DataDog, and so on).

asset_lifecycle

The lifecycle state of the asset.

id

A unique identifier for an interaction event

product_display_name

The Snyk product used during this interaction, for example, Snyk Open Source, Snyk IaC, Snyk Code, Snyk Container.

interaction_type

The type of interaction, could be "Scan done". Scan Done indicates that a test was run no matter if the CLI or IDE ran it, other types can be freely chosen types.

interaction_categories

The category vector used to describe the interaction in detail, "oss", "test".

interaction_timestamp

When the interaction was started in UTC.

interaction_status

Status would be "success" or "failure", where success means the action was executed, while failure means it didn't run.

interaction_stage

The stage of the SDLC where the Interaction occurred, such as "dev"|"cicd"|"prchecks"|"unknown".

interaction_exit_code

The interaction's exit code as returned by the running process. More info about the exit codes and their meaning is available in Snyk Docs per a given interaction (test, monitor, and so on).

interaction_target_id

A purl is a URL composed of seven components. scheme:type/namespace/name@version?qualifiers#subpath The purl specification is available here: https://github.com/package-url/purl-spec Some purl examples pkg:github/package-url/purl-spec@244fd47e07d1004f0aed9c pkg:npm/%40angular/[email protected] pkg:pypi/[email protected]

updated_at

When the interaction event or any related context was last updated.

runtime_application_name

The application used to execute a snyk interaction, for example, PyCharm, Visual Studio, snyk-ls, snyk-cli.

runtime_application_version

The version of the integration.

runtime_application_data_schema_version

The data schema version of Snyk's runtime interactions. The current version (v2) was released in Q2 2024. Prior versions' data may behave differently.

runtime_platform_os

The operating system for the integration (darwin, windows, linux, etc).

runtime_platform_arch

The architecture for the integration (AMD64, ARM64, 386, ALPINE).

runtime_environment_name

The environment for the integration (e.g., IntelliJ Ultimate, Pycharm).

environment_display_name

The Environment used during this interaction, for example: CLI, Eclipse, Jetbrains IDE, Visual Studio, Visual Studio Code, or Other

runtime_environment_version

The version of the integration environment (e.g. 2023.3)

runtime_integration_name

The name of the integration, could be a plugin or extension.

runtime_integration_version

The version of the integration, for example: 2.3.4.

runtime_performance_duration_ms

The duration in milliseconds of the interaction

group_public_id

A universally unique identifier for a Group, assigned in the source database of the record.

org_public_id

A universally unique identifier for an Organization, assigned in the source database of the record.

group_display_name

The display name set for this Group.

group_slug

The name of the Group within Snyk.

org_display_name

The display name set for this Organization.

org_slug

The name for the Organization within Snyk.

user_email

The email of the user who was authenticated during the interaction.

user_name

The name of the user who was authenticated during the interaction.

public_id

UUID for the pull request check.

pr_check_group_id

The identifier of the parent pull request check Group. A pull request check Group represents each time Snyk runs pull request checks on a specific pull request for a given product. A single Group contains multiple pull request checks if the target repository has multiple Projects associated with a specific Snyk product (for example, multiple language dependencies).

test_id

Identifier of the test results associated with the test-service.

product_name

The Snyk product associated with the check, for example, Snyk Open Source or Snyk Code.

pr_check_state

The status of the individual check for a specific product type, for example, success, failure, or error.

pr_check_group_state

The aggregate status of the parent check group across all product checks, for example, success, failure, or error.

marked_as_success

Indicates whether the check group was manually marked as successful by a user, overriding a failure state.

pr_check_result_description

Summary of the check results.

pr_check_created_at

Timestamp when the pull request check was created.

pr_check_modified_at

Timestamp when the pull request check was last updated.

check_group_created_at

Timestamp when the parent check group was created.

check_group_modified_at

Timestamp when the parent check group was last updated.

updated_at

When the PR check or any related context was last updated.

pull_request

The pull request that triggered the check.

pull_data_ref

Reference of the pull request that triggered the check.

repository_name

The display name of the repository (target) associated with the project.

old_version_sha

Commit SHA for the base revision used in the scan.

new_version_sha

Commit SHA for the head revision used in the scan.

merge_base_version_sha

Commit SHA for the merge base between the compared revisions.

settings_policy

Description of the policy applied to the check run (for example, only_new or all).

settings_severity_threshold

The severity threshold at which the pull request check is configured to fail.

is_settings_fail_only_fixable

Indicates whether the check was configured to fail only on issues that have an available fix.

error_message

Human-readable error message when the check resulted in an error or skipped state.

error_code

Snyk error catalog code identifying the type of error, for example, SNYK-PR-CHECK-0009.

error_status

HTTP status code associated with the error.

error_catalog_url

URL to the Snyk error catalog documentation page for the specific error code.

error_classification

ACTIONABLE indicates that the input is not in a format or state usable by Snyk, but there are steps you can take to resolve the issue. UNSUPPORTED indicates that Snyk cannot handle the data sent. For example, a project that uses a version of Python that is no longer supported.

group_public_id

A universally unique identifier for a Group, assigned in the source database of the record.

org_public_id

A universally unique identifier for an Organization, assigned in the source database of the record.

group_display_name

The display name set for this Group.

group_slug

The name of the Group within Snyk.

org_display_name

The display name set for this Organization.

org_slug

The name for the Organization within Snyk.

asset_id

Identifier of the asset linked to the Project.

parent_asset_id

Identifier of the repository parent asset linked to the project.

project_public_id

A universally unique identifier for a Project, assigned in the source database of the record.

project_origin

The origin defines the Target ecosystem, such as CLI, GitHub, or Kubernetes.

project_type

The scanning method to use for a particular Project, such as Static Application Security Testing (SAST) for Snyk Code, or Maven for a Maven Project using Snyk Open Source.

project_type_display_name

A display name Snyk assigned to internal Project type values.

project_target_ref

A reference that differentiates this Project, for example, a branch name or version.

project_target_upstream_url

The URL that points to a Target's upstream source, such as a URL for a GitHub repository.

is_project_monitored

Indicates whether the Project is set to be actively monitored.

project_deleted_at

When the Project was deleted from Snyk.

org_deleted_at

When the Organization was deleted from Snyk.

group_deleted_at

When the Group was deleted from Snyk.

pr_checks_project_adoption_id

Key uniquely identifying this historical project PR checks adoption settings period.

effective_at

Timestamp when this project pr check configuration state became effective.

ends_at

Timestamp when this project pr check configuration state ended. No data if the configuration is currently active.

is_current_settings

Indicates whether this row represents the currently active configuration for the project.

updated_at

When the record or any related context was last updated.

test_pull_requests

Indicates whether PR testing is enabled at the project level. No data if the project inherits its setting from the integration.

pull_requests_policy

The policy applied to the check run, for example, only_new or all. No data if inheriting from the integration.

pull_requests_severity_threshold

The severity threshold at which PR checks are configured to fail. No data if inheriting from the integration.

is_pull_request_fail_only_for_issues_with_fix

Indicates whether PR checks are configured to fail only on issues that have an available fix. No data if inheriting from the integration.

product_name

The Snyk product associated with the project, for example, Snyk Open Source or Snyk Code.

project_public_id

A universally unique identifier for a Project, assigned in the source database of the record.

repository_name

The display name of the repository (target) associated with the project.

org_source_public_id

UUID for the organization source (integration) linked to the project.

source_integration_type

Type of source integration, for example, scm.

project_created

Timestamp when the project was created.

project_deleted

Timestamp when the project was deleted, if applicable.

target_deleted

Timestamp when the target containing the project was deleted, if applicable.

is_project_monitored_historical

Indicates whether the project was monitored during this historical settings period.

project_deleted_historical

Indicates whether the project was marked as deleted during this historical settings period.

project_type

The scanning method to use for a particular Project, such as Static Application Security Testing (SAST) for Snyk Code, or Maven for a Maven Project using Snyk Open Source.

project_type_display_name

A display name Snyk assigned to internal Project type values.

project_origin

The origin defines the Target ecosystem, such as CLI, GitHub, or Kubernetes.

project_target_ref

A reference that differentiates this Project, for example, a branch name or version.

project_target_upstream_url

The URL that points to a Target's upstream source, such as a URL for a GitHub repository.

is_project_monitored

Indicates whether the Project is currently set to be actively monitored.

project_deleted_at

When the Project was deleted from Snyk.

project_criticalities

A Project attribute that indicates business criticality, for example, low, medium, high, critical.

project_lifecycles

A Project attribute, for example, production, development, sandbox.

project_environments

A Project attribute, for example, frontend, backend, internal, external, mobile, saas, onprem, hosted, distributed.

project_collections

All Project collections to which this Project has been added.

project_tags

All tags which have been assigned to this Project.

group_public_id

A universally unique identifier for a Group, assigned in the source database of the record.

org_public_id

A universally unique identifier for an Organization, assigned in the source database of the record.

group_display_name

The display name set for this Group.

group_slug

The name of the Group within Snyk.

org_display_name

The display name set for this Organization.

org_slug

The name for the Organization within Snyk.

org_deleted_at

When the Organization was deleted from Snyk.

group_deleted_at

When the Group was deleted from Snyk.

asset_id

Identifier of the asset linked to the project.

parent_asset_id

Identifier of the repository parent asset linked to the project.

pr_checks_integration_adoption_id

Key uniquely identifying this historical integration PR checks adoption settings period.

effective_at

Timestamp when this integration pr check configuration state became effective.

ends_at

Timestamp when this integration pr check configuration state ended. No data if the configuration is currently active.

is_current_settings

Indicates whether this row represents the currently active configuration for the integration.

updated_at

When the record or any related context was last updated.

org_source_public_id

UUID for the organization source (integration).

source_type

Type of the source, for example, github, gitlab, bitbucket.

source_integration_type

Type of source integration, for example, scm.

org_source_created

Timestamp when the integration for the organization was created.

org_source_deleted

Timestamp when the integration for the organization was deleted.

org_source_deleted_historical

Indicates whether the integration was marked as deleted during this historical settings period.

is_pull_request_test_open_source_enabled

Indicates whether Snyk Open Source PR checks are enabled for the integration.

is_pull_request_check_open_source_fail_on_any_vulns

Indicates whether Snyk Open Source PR checks are configured to fail on any open source vulnerabilities versus only new ones.

is_pull_request_check_open_source_fail_only_for_high_or_critical_severity

Indicates whether Snyk Open Source PR checks are configured to fail only for high or critical severity open source issues.

is_pull_request_check_open_source_fail_only_for_issues_with_fix

Indicates whether Snyk Open Source PR checks are configured to fail only for open source issues that have an available fix.

is_pull_request_test_code_enabled

Indicates whether Snyk Code PR checks are enabled for the integration.

pull_request_check_code_severity

The severity threshold at which Snyk Code PR checks are configured to fail.

group_public_id

A universally unique identifier for a Group, assigned in the source database of the record.

org_public_id

A universally unique identifier for an Organization, assigned in the source database of the record.