Findings Export Fields and Associated CSV Keys
On the Export Findings page you can export data from the Findings page in either CSV or JSON format. When you export a CSV file, it will contain keys and their corresponding values. However, some of the keys used in the CSV may not clearly match the export fields selected for each Finding Type. The tables below provide a reference that maps the export fields to their corresponding CSV keys for each Finding Type.
Host Audit Findings Export Mapping
The following table shows the mapping of each Host Audit Export Field to the associated key in the exported CSV file.
| Host Audit Findings Export Fields | Host Audit Findings Export CSV Keys |
|---|---|
| Asset Agent Name | asset.agent_name |
| Asset ID | asset.id |
| Asset IP Address | asset.ip_addresses |
| Asset Name | asset.name |
| Audit Description | compliance.audit_description |
| Audit File | compliance.audit_file |
| Audit Name | compliance.audit_name |
| Benchmark | compliance.benchmark |
| Benchmark Specification Name | compliance.benchmark_name |
| Benchmark Version | compliance.benchmark_version |
| Compliance Check ID | compliance_check_id |
| Control ID | compliance.control_id |
| Db Type | compliance.db_type |
| DNS List | asset.fqdns |
| Error Value | error_value |
| Finding ID | id |
| First Audited | first_seen |
| FQDN | asset.display_fqdn |
| Full ID | compliance.full_id |
| Functional ID | compliance.functional_id |
| Host | asset.host_name |
| Info | compliance.info |
| Information ID | compliance.informational_id |
| Last Audited | last_observed |
| Last Fixed | last_fixed |
| MAC Address | asset.display_mac_address |
| Metadata ID | metadata_id |
| NetBIOS Name | asset.netbios_name |
| Operating Systems | asset.operating_systems |
| Original Result | original_compliance_result |
| Output | definition.output |
| Plugin ID | definition.id |
| Plugin Name | definition.name |
| Policy Expectation | compliance.policy_expectation |
| Profile Name | compliance.profile_name |
| Reference Information | definition.references |
| References | compliance.references |
| Result | compliance_result |
| Result Modified | result_modification |
| Result Modified Reason | result_modification_rule.comment |
| Result Modified Expires | result_modification_rule.expires_at |
| Solution | compliance.audit_solution |
| System Type | asset.system_type |
| Tags | asset.tags |
| Uname output | uname_output |
Use this link to download the CSV file for the Host Audit Findings Export Mappings.
Vulnerabilities Findings Export Mapping
The following table shows the mapping of each Vulnerabilities Findings Export Field to the associated key in the exported CSV file.
| Vulnerabilities Findings Export Fields | Vulnerabilities Findings Export CSV Keys |
|---|---|
| Age | age_in_days |
| FQDN | asset.display_fqdn |
| IPv4 Address | asset.ipv4_addresses |
| IPv6 Address | asset.ipv6_addresses |
| Last Authenticated Scan | asset.last_authenticated_scan_time |
| MAC Address | asset.display_mac_address |
| Host | asset.host_name |
| Asset ID | asset.id |
| Asset Name | asset.name |
| NetBIOS Name | asset.netbios_name |
| Type | asset.network.id |
| Network | asset.network.name |
| Operating Systems | asset.operating_systems |
| System Type | asset.system_type |
| Tags | asset.tags |
| Asset Inventory | asset_inventory |
| Default/Known Account | default_account |
| Bugtraq ID | definition.bugtraq |
| CPE | definition.cpe |
| CVE | definition.cve |
| CVSSv2 Base Score | definition.cvss2.base_score |
| CVSSv2 Vector | definition.cvss2.base_vector |
| CVSSv2 Temporal Score | definition.cvss2.temporal_score |
| CVSSv2 Temporal Vector | definition.cvss2.temporal_vector |
| CVSSv3 Base Score | definition.cvss3.base_score |
| CVSSv3 Vector | definition.cvss3.base_vector |
| CVSSv3 Temporal Score | definition.cvss3.temporal_score |
| CVSSv3 Temporal Vector | definition.cvss3.temporal_vector |
| CVSSv4 Base Score | definition.cvss4.base_score |
| CVSSv4 Vector | definition.cvss4.base_vector |
| CWE | definition.cwe |
| Plugin Description | definition.description |
| EPSS | definition.epss.score |
| Exploitability Ease | definition.exploitability_ease |
| Exploited By Malware | definition.exploited_by_malware |
| Exploited By Nessus | definition.exploited_by_nessus |
| Plugin Family | definition.family |
| Finding ID | id |
| IAVA ID | definition.iava |
| IAVB ID | definition.iavb |
| IAVM Severity | definition.iavm |
| IAVT ID | definition.iavt |
| Plugin ID | definition.id |
| In The News | definition.in_the_news |
| Malware | definition.malware |
| Plugin Name | definition.name |
| Patch Published | definition.patch_published |
| Plugin Published | definition.plugin_published |
| Plugin Updated | definition.plugin_updated |
| Plugin Version | definition.plugin_version |
| Reference Information | definition.references |
| See Also | definition.see_also |
| Original Severity | definition.severity |
| Solution | definition.solution |
| Stig Severity | definition.stig_severity |
| Synopsis | definition.synopsis |
| Plugin Type | definition.type |
| Unsupported By Vendor | definition.unsupported_by_vendor |
| Vendor Severity | definition.vendor_severity |
| Age of Vuln (High) | definition.vpr.drivers_age_of_vulns_high |
| Age of Vuln (Low) | definition.vpr.drivers_age_of_vulns_low |
| CVSSv3 Impact Score | definition.vpr.drivers_cvss3_impact_score |
| Exploit Code Maturity | definition.vpr.drivers_exploit_code_maturity |
| Product Coverage | definition.vpr.drivers_product_coverage |
| Threat Intensity | definition.vpr.drivers_threat_intensity |
| Threat Recency (High) | definition.vpr.drivers_threat_recency_high |
| Threat Recency (Low) | definition.vpr.drivers_threat_recency_low |
| Threat Sources | definition.vpr.drivers_threat_sources |
| VPR | definition.vpr.score |
| VPR (Beta) Key Driver CVE ID | definition.vpr_v2.drivers_cve_id |
| VPR (Beta) Key Driver Exploit Chain | definition.vpr_v2.drivers_exploit_chain |
| VPR (Beta) Key Driver Exploit Code Maturity | definition.vpr_v2.drivers_exploit_code_maturity |
| VPR (Beta) Key Driver Exploit Probability | definition.vpr_v2.drivers_exploit_probability |
| VPR (Beta) Key Driver In the News Intensity, last 30 days | definition.vpr_v2.drivers_in_the_news_intensity_last_30 |
| VPR (Beta) Key Driver In the News Recency | definition.vpr_v2.drivers_in_the_news_recency |
| VPR (Beta) Key Driver In the News Sources, last 30 days | definition.vpr_v2.drivers_in_the_news_sources_last_30 |
| VPR (Beta) Key Driver Malware Observations Intensity, last 30 days | definition.vpr_v2.drivers_malware_observations_intensity_last_30 |
| VPR (Beta) Key Driver Malware Observations Recency | definition.vpr_v2.drivers_malware_observations_recency |
| VPR (Beta) Key Driver On CISA KEV | definition.vpr_v2.drivers_on_cisa_kev |
| VPR (Beta) Key Driver Targeted Industries | definition.vpr_v2.drivers_targeted_industries |
| VPR (Beta) Key Driver Targeted Regions | definition.vpr_v2.drivers_targeted_regions |
| VPR (Beta) Key Driver VPR Percentile | definition.vpr_v2.drivers_vpr_percentile |
| VPR (Beta) Key Driver VPR Severity | definition.vpr_v2.drivers_vpr_severity |
| VPR (Beta) | definition.vpr_v2.score |
| Vulnerability Published | definition.vulnerability_published |
| Workaround | definition.workaround |
| Workaround Published | definition.workaround_published |
| Workaround Type | definition.workaround_type |
| First Seen | first_observed |
| Scan ID | scan.id |
| Last Fixed | last_fixed |
| Last Seen | last_seen |
| Plugin Output | output |
| Port | port |
| Protocol | protocol |
| Recast Reason | recast_reason |
| Resurfaced Date | resurfaced_date |
| Risk Modified | risk_modified |
| Scan ID | scan.id |
| Last Scan Target | scan.target |
| Severity | severity |
| Software Information | software_vulns |
| Source | source |
| State | state |
| Time Taken to Fix | time_to_fix |
| Vulnerability Age | vuln_age |
| Vuln SLA Date | vuln_sla_date |
Use this link to download the CSV file for the Vulnerabilities Findings Export Mappings.
Web Application Findings Export Mapping
The following table shows the mapping of each Web Application Finding Export Field to the associated key in the exported CSV file.
| Web App Findings Export Fields in UI | Web App Findings Export CSV Keys |
|---|---|
| Age | age_in_days |
| Asset ID | asset_id |
| Asset Name | asset.name |
| CVSSv2 Base Score | definition.cvss2.base_score |
| CVSSv2 Vector | definition.cvss2.base_vector |
| CVSSv3 Base Score | definition.cvss3.base_score |
| CVSSv3 Vector | definition.cvss3.base_vector |
| CVSSv4 Base Score | definition.cvss4.base_score |
| CVSSv4 Vector | definition.cvss4.base_vector |
| Finding ID | finding_id |
| First Seen | first_observed |
| FQDN | asset.display_fqdn |
| Host | asset.host_name |
| IPv4 Address | asset.display_ipv4_addresses |
| Last Fixed | last_fixed |
| Last Seen | last_seen |
| MAC Address | asset.display_mac_address |
| Operating System | asset.operating_system |
| Original Severity | severity |
| Plugin Description | definition.description |
| Plugin Family | definition.family |
| Plugin ID | definition.id |
| Plugin Updated | definition.plugin_updated |
| Plugin Name | definition.name |
| Plugin Output | output |
| Plugin Published | definition.plugin_published |
| Reference Information | definition.references |
| Resurfaced Date | resurfaced_date |
| Risk Modified | risk_modified |
| See Also | definition.see_also |
| Severity | definition.severity |
| Solution | definition.solution |
| State | state |
| System Type | asset.system_type |
| Tags | asset.tags |
| VPR | definition.vpr.score |
| VPR (Beta) Key Driver CVE ID | definition.vpr_v2.drivers_cve_id |
| VPR (Beta) Key Driver Exploit Chain | definition.vpr_v2.drivers_exploit_chain |
| VPR (Beta) Key Driver Exploit Code Maturity | definition.vpr_v2.drivers_exploit_code_maturity |
| VPR (Beta) Key Driver Exploit Probability | definition.vpr_v2.drivers_exploit_probability |
| VPR (Beta) Key Driver In the News Intensity, last 30 days | definition.vpr_v2.drivers_in_the_news_intensity_last_30 |
| VPR (Beta) Key Driver In the News Recency | definition.vpr_v2.drivers_in_the_news_recency |
| VPR (Beta) Key Driver In the News Sources, last 30 days | definition.vpr_v2.drivers_in_the_news_sources_last_30 |
| VPR (Beta) Key Driver Malware Observations Intensity, last 30 days | definition.vpr_v2.drivers_malware_observations_intensity_last_30 |
| VPR (Beta) Key Driver Malware Observations Recency | definition.vpr_v2.drivers_malware_observations_recency |
| VPR (Beta) Key Driver On CISA KEV | definition.vpr_v2.drivers_on_cisa_kev |
| VPR (Beta) Key Driver Targeted Industries | definition.vpr_v2.drivers_targeted_industries |
| VPR (Beta) Key Driver Targeted Regions | definition.vpr_v2.drivers_targeted_regions |
| VPR (Beta) Key Driver VPR Percentile | definition.vpr_v2.drivers_vpr_percentile |
| VPR (Beta) Key Driver VPR Severity | definition.vpr_v2.drivers_vpr_severity |
| VPR (Beta) | definition.vpr_v2.score |
| Vuln SLA Date | vuln_sla_date |
Use this link to download the CSV file for the Web Application Findings Export Mappings.