Exporting Compliance Findings


Exporting Compliance Findings

Exporting Individual Checks or Standards

You can export findings for specific checks and standards directly from the Kion console.

To export findings for a check or standard:

  1. Navigate to Compliance > All Compliance Standards or Compliance > All Compliance Checks.
  2. Click the name of the standard or check.
  3. Click the Findings tab.
  4. Click the Export button.

Exporting All Findings Across Your Environment

You can leverage the Kion Public API to grab all active findings in the environment and filter by project ID or standard ID using the GET /api/v4/compliance/finding endpoint.

To export compliance findings using the Kion public API:

  1. Create a new Kion API Key. For more information, see Getting Started with the Kion Public API.
  2. Run the following cURL command and parse it to a .json file. Be sure to replace YOUR-CLOUDTAMER-URL and APP_API_KEY_HERE:
     curl -X GET "https://YOUR-CLOUDTAMER-URL.com/api/v4/compliance/finding?finding_type=active" -H "accept: application/json" -H "Authorization: Bearer APP_API_KEY_HERE" > findings.json       
  3. Install jq using package managers, like brew install jq, or via the github project here: https://stedolan.github.io/jq/download/.
    jq is used to get more advanced parsing of the .json output and to parse the file to .csv.
  4. Once jq has been installed, cat the findings.json file in formatted json using:
    cat findings.json|jq
  5. Take the following fields from the findings.json file and parse them to a new file, findings.csv :
    jq -r '.data.items[] | [.check_name, .project_id,.project_name, .finding.resource_type, .finding.resource_name, .standard_name, .check_name, .severity_type_id, .account_number, .parent_ou_name, .region, .created_at ] | @csv' findings.json > findings.csv