Returns a paginated list of the controls from a knowledge base in the system.
URL
{RMUrl}/api/knowledge/knowledgebases/<KnowledgeBaseCode>/controls/[?[[&]$filter=<filter>][[&]page=<Page>][[&]page_size=<PageSize>][[&]$orderby=<field1[desc],field2[desc]…fieldN[desc]>]]
REQUEST METHOD
GET
URL PARAMETERS
KnowledgeBaseID: This parameter is provided in the URL and does not need to be sent through GET.
page: Number of the page to be displayed. Valid values: 1 to the maximum number of pages. If omitted, the value 1 is used. If the value is greater than the maximum number of pages, a blank list will be returned.
page_size: Number of items displayed per page. Valid values: 1 to 1,000. If omitted, the default value of 10 is used.
filter: Query based on the OData protocol syntax for configuring filters. The fields supported are listed below. See the examples to view the operations allowed.
orderby: Orders the controls listed on the page by field. To order by more than one field, use a comma between the field names. For descending order, add the word "desc" to each field. The supported fields are listed below.
FIELDS SUPPORTED BY FILTER
Guid Id;
string Grouping;
string Name;
int Probability;
string Reference;
string ControlID;
int Severity;
string Source;
For detailed information on filters as supported operators, which filters apply to which data types, and more examples, see Appendix 3: Filters.
REQUEST EXAMPLES
The first ten controls in a knowledge base (by default, ten controls are listed at a time):
{RMUrl}/api/knowledge/knowledgebases/e2e2b0f9-2578-4caa-b5d1-99d13166620e/controls
Controls 11 through 20 (second page):
{RMUrl}/api/knowledge/knowledgebases/e2e2b0f9-2578-4caa-b5d1-99d13166620e/controls?page=2
Filter by "Access permissions" in the "Name" field for the control:
{RMUrl}/api/knowledge/knowledgebases/e2e2b0f9-2578-4caa-b5d1-99d13166620e/controls?$filter=substringof('Access permissions',Name)
SUCCESS RESPONSE
List of objects with information on the controls according to the filters and page size specified.
Control[].
The Control object is in the following format:
Control
{
Guid Id;
string Name;
int Probability;
int Severity;
string Reference;
int Severity;
string Source;
string ControlID;
string Grouping;
}
SUCCESS RESPONSE EXAMPLE
{
"ControlID":"MOD_EN.00010926",
"Grouping":"System and Data Integrity",
"Id":"54458887-c6ed-47cd-9559-9d573b86a46e",
"Name":"Passwords should be complex",
"Probability":5,
"Reference":"Modulo Security Lab",
"Severity":4,
"Source":"Apache Tomcat Security Guide"
},
{
"ControlID":"MOD_EN.00020966",
"Grouping":"Monitoring Performance and Service",
"Id":"4906f3da-d765-41e5-aabe-904d9c65949c",
"Name":"The MS SQL Server 2005 should be configured to send warnings in case of high severity events.",
"Probability":4,
"Reference":"no references",
"Severity":4,
"Source":"Apache Tomcat Security Guide"
}