Findings Export Fields and Associated CSV Keys

On the Export Findings page you can export data from the Findings page in either CSV or JSON format. When you export a CSV file, it will contain keys and their corresponding values. However, some of the keys used in the CSV may not clearly match the export fields selected for each Finding Type. The tables below provide a reference that maps the export fields to their corresponding CSV keys for each Finding Type.

Host Audit Findings Export Mapping

The following table shows the mapping of each Host Audit Export Field to the associated key in the exported CSV file.

Host Audit Findings Export Fields Host Audit Findings Export CSV Keys
Asset Agent Name asset.agent_name
Asset ID asset.id
Asset IP Address asset.ip_addresses
Asset Name asset.name
Audit Description compliance.audit_description
Audit File compliance.audit_file
Audit Name compliance.audit_name
Benchmark compliance.benchmark
Benchmark Specification Name compliance.benchmark_name
Benchmark Version compliance.benchmark_version
Compliance Check ID compliance_check_id
Control ID compliance.control_id
Db Type compliance.db_type
DNS List asset.fqdns
Error Value error_value
Finding ID id
First Audited first_seen
FQDN asset.display_fqdn
Full ID compliance.full_id
Functional ID compliance.functional_id
Host asset.host_name
Info compliance.info
Information ID compliance.informational_id
Last Audited last_observed
Last Fixed last_fixed
MAC Address asset.display_mac_address
Metadata ID metadata_id
NetBIOS Name asset.netbios_name
Operating Systems asset.operating_systems
Original Result original_compliance_result
Output definition.output
Plugin ID definition.id
Plugin Name definition.name
Policy Expectation compliance.policy_expectation
Profile Name compliance.profile_name
Reference Information definition.references
References compliance.references
Result compliance_result
Result Modified result_modification
Result Modified Reason result_modification_rule.comment
Result Modified Expires result_modification_rule.expires_at
Solution compliance.audit_solution
System Type asset.system_type
Tags asset.tags
Uname output uname_output

Use this link to download the CSV file for the Host Audit Findings Export Mappings.

Vulnerabilities Findings Export Mapping

The following table shows the mapping of each Vulnerabilities Findings Export Field to the associated key in the exported CSV file.

Vulnerabilities Findings Export Fields Vulnerabilities Findings Export CSV Keys
Age age_in_days
FQDN asset.display_fqdn
IPv4 Address asset.ipv4_addresses
IPv6 Address asset.ipv6_addresses
Last Authenticated Scan asset.last_authenticated_scan_time
MAC Address asset.display_mac_address
Host asset.host_name
Asset ID asset.id
Asset Name asset.name
NetBIOS Name asset.netbios_name
Type asset.network.id
Network asset.network.name
Operating Systems asset.operating_systems
System Type asset.system_type
Tags asset.tags
Asset Inventory asset_inventory
Default/Known Account default_account
Bugtraq ID definition.bugtraq
CPE definition.cpe
CVE definition.cve
CVSSv2 Base Score definition.cvss2.base_score
CVSSv2 Vector definition.cvss2.base_vector
CVSSv2 Temporal Score definition.cvss2.temporal_score
CVSSv2 Temporal Vector definition.cvss2.temporal_vector
CVSSv3 Base Score definition.cvss3.base_score
CVSSv3 Vector definition.cvss3.base_vector
CVSSv3 Temporal Score definition.cvss3.temporal_score
CVSSv3 Temporal Vector definition.cvss3.temporal_vector
CVSSv4 Base Score definition.cvss4.base_score
CVSSv4 Vector definition.cvss4.base_vector
CWE definition.cwe
Plugin Description definition.description
EPSS definition.epss.score
Exploitability Ease definition.exploitability_ease
Exploited By Malware definition.exploited_by_malware
Exploited By Nessus definition.exploited_by_nessus
Plugin Family definition.family
Finding ID id
IAVA ID definition.iava
IAVB ID definition.iavb
IAVM Severity definition.iavm
IAVT ID definition.iavt
Plugin ID definition.id
In The News definition.in_the_news
Malware definition.malware
Plugin Name definition.name
Patch Published definition.patch_published
Plugin Published definition.plugin_published
Plugin Updated definition.plugin_updated
Plugin Version definition.plugin_version
Reference Information definition.references
See Also definition.see_also
Original Severity definition.severity
Solution definition.solution
Stig Severity definition.stig_severity
Synopsis definition.synopsis
Plugin Type definition.type
Unsupported By Vendor definition.unsupported_by_vendor
Vendor Severity definition.vendor_severity
Age of Vuln (High) definition.vpr.drivers_age_of_vulns_high
Age of Vuln (Low) definition.vpr.drivers_age_of_vulns_low
CVSSv3 Impact Score definition.vpr.drivers_cvss3_impact_score
Exploit Code Maturity definition.vpr.drivers_exploit_code_maturity
Product Coverage definition.vpr.drivers_product_coverage
Threat Intensity definition.vpr.drivers_threat_intensity
Threat Recency (High) definition.vpr.drivers_threat_recency_high
Threat Recency (Low) definition.vpr.drivers_threat_recency_low
Threat Sources definition.vpr.drivers_threat_sources
VPR definition.vpr.score
VPR (Beta) Key Driver CVE ID definition.vpr_v2.drivers_cve_id
VPR (Beta) Key Driver Exploit Chain definition.vpr_v2.drivers_exploit_chain
VPR (Beta) Key Driver Exploit Code Maturity definition.vpr_v2.drivers_exploit_code_maturity
VPR (Beta) Key Driver Exploit Probability definition.vpr_v2.drivers_exploit_probability
VPR (Beta) Key Driver In the News Intensity, last 30 days definition.vpr_v2.drivers_in_the_news_intensity_last_30
VPR (Beta) Key Driver In the News Recency definition.vpr_v2.drivers_in_the_news_recency
VPR (Beta) Key Driver In the News Sources, last 30 days definition.vpr_v2.drivers_in_the_news_sources_last_30
VPR (Beta) Key Driver Malware Observations Intensity, last 30 days definition.vpr_v2.drivers_malware_observations_intensity_last_30
VPR (Beta) Key Driver Malware Observations Recency definition.vpr_v2.drivers_malware_observations_recency
VPR (Beta) Key Driver On CISA KEV definition.vpr_v2.drivers_on_cisa_kev
VPR (Beta) Key Driver Targeted Industries definition.vpr_v2.drivers_targeted_industries
VPR (Beta) Key Driver Targeted Regions definition.vpr_v2.drivers_targeted_regions
VPR (Beta) Key Driver VPR Percentile definition.vpr_v2.drivers_vpr_percentile
VPR (Beta) Key Driver VPR Severity definition.vpr_v2.drivers_vpr_severity
VPR (Beta) definition.vpr_v2.score
Vulnerability Published definition.vulnerability_published
Workaround definition.workaround
Workaround Published definition.workaround_published
Workaround Type definition.workaround_type
First Seen first_observed
Scan ID scan.id
Last Fixed last_fixed
Last Seen last_seen
Plugin Output output
Port port
Protocol protocol
Recast Reason recast_reason
Resurfaced Date resurfaced_date
Risk Modified risk_modified
Scan ID scan.id
Last Scan Target scan.target
Severity severity
Software Information software_vulns
Source source
State state
Time Taken to Fix time_to_fix
Vulnerability Age vuln_age
Vuln SLA Date vuln_sla_date

Use this link to download the CSV file for the Vulnerabilities Findings Export Mappings.

Web Application Findings Export Mapping

The following table shows the mapping of each Web Application Finding Export Field to the associated key in the exported CSV file.

Web App Findings Export Fields in UI Web App Findings Export CSV Keys
Age age_in_days
Asset ID asset_id
Asset Name asset.name
CVSSv2 Base Score definition.cvss2.base_score
CVSSv2 Vector definition.cvss2.base_vector
CVSSv3 Base Score definition.cvss3.base_score
CVSSv3 Vector definition.cvss3.base_vector
CVSSv4 Base Score definition.cvss4.base_score
CVSSv4 Vector definition.cvss4.base_vector
Finding ID finding_id
First Seen first_observed
FQDN asset.display_fqdn
Host asset.host_name
IPv4 Address asset.display_ipv4_addresses
Last Fixed last_fixed
Last Seen last_seen
MAC Address asset.display_mac_address
Operating System asset.operating_system
Original Severity severity
Plugin Description definition.description
Plugin Family definition.family
Plugin ID definition.id
Plugin Updated definition.plugin_updated
Plugin Name definition.name
Plugin Output output
Plugin Published definition.plugin_published
Reference Information definition.references
Resurfaced Date resurfaced_date
Risk Modified risk_modified
See Also definition.see_also
Severity definition.severity
Solution definition.solution
State state
System Type asset.system_type
Tags asset.tags
VPR definition.vpr.score
VPR (Beta) Key Driver CVE ID definition.vpr_v2.drivers_cve_id
VPR (Beta) Key Driver Exploit Chain definition.vpr_v2.drivers_exploit_chain
VPR (Beta) Key Driver Exploit Code Maturity definition.vpr_v2.drivers_exploit_code_maturity
VPR (Beta) Key Driver Exploit Probability definition.vpr_v2.drivers_exploit_probability
VPR (Beta) Key Driver In the News Intensity, last 30 days definition.vpr_v2.drivers_in_the_news_intensity_last_30
VPR (Beta) Key Driver In the News Recency definition.vpr_v2.drivers_in_the_news_recency
VPR (Beta) Key Driver In the News Sources, last 30 days definition.vpr_v2.drivers_in_the_news_sources_last_30
VPR (Beta) Key Driver Malware Observations Intensity, last 30 days definition.vpr_v2.drivers_malware_observations_intensity_last_30
VPR (Beta) Key Driver Malware Observations Recency definition.vpr_v2.drivers_malware_observations_recency
VPR (Beta) Key Driver On CISA KEV definition.vpr_v2.drivers_on_cisa_kev
VPR (Beta) Key Driver Targeted Industries definition.vpr_v2.drivers_targeted_industries
VPR (Beta) Key Driver Targeted Regions definition.vpr_v2.drivers_targeted_regions
VPR (Beta) Key Driver VPR Percentile definition.vpr_v2.drivers_vpr_percentile
VPR (Beta) Key Driver VPR Severity definition.vpr_v2.drivers_vpr_severity
VPR (Beta) definition.vpr_v2.score
Vuln SLA Date vuln_sla_date

Use this link to download the CSV file for the Web Application Findings Export Mappings.