Device
Backup
Config
Configlets
Controllers
ComplianceIQ
Dashboard
Client
- Get Api Client Grid
Password Manager
Tags
Settings
Reports

ComplianceIQ

Run Compliance Check

API EndPoint : exeComplianceCheck

Executes compliance check for the given policy id, rule group id, rule id, resource id and device group id

HTTP Method

POST

API URL

http://localhost:8060/api/json/v2/ncmcompliance/exeComplianceCheck?apiKey=********&COMPRULE_ID=[101,102]&COMPPOLICY_IDS=[201]&COMP_RULE_GROUP_IDS=[301]&RESOURCEID=[305,309]

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
COMPRULE_ID	Unique identifier of the rules	JSONArray	-	No
COMPPOLICY_IDS	Unique identifier of the policies	JSONArray	-	No
COMP_RULE_GROUP_IDS	Unique identifier of the rule groups	JSONArray	-	No
RESOURCEID	Unique identifier of the devices	JSONArray	-	No
DEVICE_GROUP_ID	Unique identifier of the device group	long	-	No

Sample Response

HTTP Code: 200

{ "statusMsg": "Compliance Check operation is in progress. Refresh the page after sometime", "isEmpty": false, "isPartial": false, "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get List of Compliance Rules

API EndPoint : getCmpRules

Returns complete list of compliance rules

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCmpRules?apiKey=********&hideStandard=true

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
hideStandard	Boolean value indicating if standard items are to be hidden in the result data	boolean	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "3", "page": 1, "rows": [ { "id": 902, "cell": [ 902, ".clone", "test description", null, null, "admin", "admin", "[NA]", "FLOW", "[NA]", "[NA]", ".clone" ]}, { "id": 904, "cell": [ 904, "Test compliance rule", "[NA]", null, null, "admin", "admin", "[NA]", "FLOW", "[NA]", "[NA]", "Test compliance rule" ]}, { "id": 901, "cell": [ 901, "Test rule", "test description", null, null, "admin", "admin", "[NA]", "FLOW", "[NA]", "[NA]", "Test rule" ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get All Compliance Rules V2

API EndPoint : getCmpRules

Returns a list of all compliance rules based on the provided filter

HTTP Method

GET

API URL

http://localhost:8060/api/json/v2/ncmcompliance/getCmpRules?apiKey=********&filter=STANDARD

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
filter	Used to filter rules	-	^(CUSTOM\|STANDARD)$	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "1", "page": 1, "rows": [ { "CRITERIA_TYPE": "FLOW", "DESCRIPTION": "Test description", "TAGNAME": "[NA]", "id": 601, "isDisabled": false, "IS_STANDARD": true, "isRestricted": false, "COMPRULE_NAME": "Test Rule"} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get All of Compliance Rule Groups

API EndPoint : getComplianceGroups

Returns complete list of compliance groups

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getComplianceGroups?apiKey=********&hideStandard=true

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
hideStandard	Boolean value indicating if standard items are to be hidden in the result data	boolean	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "3", "page": 1, "rows": [ { "id": 303, "cell": [ 303, "Test RG 2", "[NA]", "admin", "admin", "[NA]" ]}, { "id": 305, "cell": [ 305, "Test Rule group", "[NA]", "admin", "admin", "[NA]" ]}, { "id": 302, "cell": [ 302, "Test rule group", "test description", "admin", "admin", "[NA]" ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get All Compliance Rule Groups V2

API EndPoint : getComplianceGroups

Returns a list of all compliance rule groups based on the provided filter

HTTP Method

GET

API URL

http://localhost:8060/api/json/v2/ncmcompliance/getComplianceGroups?apiKey=********&filter=STANDARD

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
filter	Used to filter rule groups	-	^(CUSTOM\|STANDARD)$	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "1", "page": 1, "rows": [ { "CREATED_BY": "admin", "COMPRULEGROUP_NAME": "Test rule group", "LAST_MODIFIED_BY": "admin", "DESCRIPTION": "test description", "TAGNAME": "[NA]", "id": 301, "isDisabled": false, "isRestricted": false} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Compliance Tree JSON Data

API EndPoint : getCompTreeData

Returns complete JSONObject of compliance policy tree data for every policy standards along with favourites, custom and all policies

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCompTreeData?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{ "data": [ { "data":{ "isCompCheckDone": false, "isStandard": false, "isCompCheckInProgress": false, "isDeviceAssociated": false, "isDisabled": false, "complianceState": "COMP_CHECK_NOT_DONE", "isFavourite": true, "isRestricted": false}, "id": "policyGroup_FAVOURITE", "text": "Favourites (0)"}, { "data":{ "isCompCheckDone": false, "isStandard": false, "isCompCheckInProgress": false, "isDeviceAssociated": false, "isDisabled": false, "complianceState": "COMP_CHECK_NOT_DONE", "isFavourite": false, "isRestricted": false}, "children": [ { "data":{ "isCompCheckDone": false, "isStandard": false, "isCompCheckInProgress": false, "isDeviceAssociated": false, "isDisabled": false, "complianceState": "COMP_CHECK_NOT_DONE", "isFavourite": false, "isRestricted": false}, "children": [ { "data":{ "isCompCheckDone": false, "isStandard": false, "isCompCheckInProgress": false, "isDeviceAssociated": false, "isDisabled": false, "complianceState": "COMP_CHECK_NOT_DONE", "isFavourite": false, "isRestricted": false}, "id": "policyGroup_ALL_policy_301_rule_901", "text": "Test rule"} ], "id": "policyGroup_ALL_policy_301", "text": "Test policy (1)"} ], "id": "policyGroup_ALL", "text": "All Policies (1)"}, { "data":{ "isCompCheckDone": false, "isStandard": false, "isCompCheckInProgress": false, "isDeviceAssociated": false, "isDisabled": false, "complianceState": "COMP_CHECK_NOT_DONE", "isFavourite": false, "isRestricted": false}, "children": [ { "data":{ "isCompCheckDone": false, "isStandard": false, "isCompCheckInProgress": false, "isDeviceAssociated": false, "isDisabled": false, "complianceState": "COMP_CHECK_NOT_DONE", "isFavourite": false, "isRestricted": false}, "children": [ { "data":{ "isCompCheckDone": false, "isStandard": false, "isCompCheckInProgress": false, "isDeviceAssociated": false, "isDisabled": false, "complianceState": "COMP_CHECK_NOT_DONE", "isFavourite": false, "isRestricted": false}, "id": "policyGroup_CUSTOM_policy_301_rule_901", "text": "Test rule"} ], "id": "policyGroup_CUSTOM_policy_301", "text": "Test policy (1)"} ], "id": "policyGroup_CUSTOM", "text": "Custom Policies (1)"}, { "data":{ "isCompCheckDone": false, "isStandard": false, "isCompCheckInProgress": false, "isDeviceAssociated": false, "isDisabled": false, "complianceState": "COMP_CHECK_NOT_DONE", "isFavourite": false, "isRestricted": false}, "id": "policyGroup_CIS", "text": "CIS (0)"}, { "data":{ "isCompCheckDone": false, "isStandard": false, "isCompCheckInProgress": false, "isDeviceAssociated": false, "isDisabled": false, "complianceState": "COMP_CHECK_NOT_DONE", "isFavourite": false, "isRestricted": false}, "id": "policyGroup_STIG", "text": "STIG (0)"}, { "data":{ "isCompCheckDone": false, "isStandard": false, "isCompCheckInProgress": false, "isDeviceAssociated": false, "isDisabled": false, "complianceState": "COMP_CHECK_NOT_DONE", "isFavourite": false, "isRestricted": false}, "id": "policyGroup_HIPAA", "text": "HIPAA (0)"}, { "data":{ "isCompCheckDone": false, "isStandard": false, "isCompCheckInProgress": false, "isDeviceAssociated": false, "isDisabled": false, "complianceState": "COMP_CHECK_NOT_DONE", "isFavourite": false, "isRestricted": false}, "id": "policyGroup_SOX", "text": "SOX (0)"} ], "message": "Compliance tree data fetched successfully", "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Policy Group Metadata

API EndPoint : getPolicyGroupMetaData

Returns policy group metadata which includes violation count and percentage of policies, devices, critical policies and critical devices

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getPolicyGroupMetaData?apiKey=********&POLICY_STANDARD=CUSTOM

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_STANDARD	Indicates the policy standard	-	^(ALL\|FAVOURITE\|CUSTOM\|CIS\|STIG\|HIPAA\|SOX)$	yes

Sample Response

HTTP Code: 200

{ "noOfPoliciesViolated": 1, "noOfCriticalPoliciesViolatedPercent": 100, "noOfCriticalDevicesViolatedPercent": 100, "noOfCriticalPoliciesViolated": 1, "noOfDevicesViolated": 1, "noOfDevicesViolatedPercent": 100, "noOfCriticalDevicesViolated": 1, "message": "Policy group meta data successfully retrieved", "noOfPoliciesViolatedPercent": 100, "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Policy Metadata

API EndPoint : getPolicyMetaData

Returns policy metadata which includes violation count and percentage of rules, devices, critical rules and critical devices

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getPolicyMetaData?apiKey=********&POLICY_ID=102

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_ID	Unique identifier of the policy	long	-	yes

Sample Response

HTTP Code: 200

{ "noOfCriticalRulesViolatedPercent": 100, "noOfCriticalDevicesViolatedPercent": 100, "noOfDevicesViolated": 1, "noOfRulesViolatedPercent": 100, "noOfRulesViolated": 1, "noOfDevicesViolatedPercent": 100, "noOfCriticalDevicesViolated": 1, "message": "Policy meta data successfully retrieved", "noOfCriticalRulesViolated": 1, "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Rule Group Metadata

API EndPoint : getRuleGroupMetaData

Returns rule group metadata which includes violation count and percentage of rules, devices, critical rules and critical devices

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getRuleGroupMetaData?apiKey=********&POLICY_ID=102&RULE_GROUP_ID=105

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_ID	Unique identifier of the policy	long	-	yes
RULE_GROUP_ID	Unique identifier of the rule group	long	-	yes

Sample Response

HTTP Code: 200

{ "noOfCriticalRulesViolatedPercent": 100, "noOfCriticalDevicesViolatedPercent": 100, "noOfDevicesViolated": 1, "noOfRulesViolatedPercent": 100, "noOfRulesViolated": 1, "noOfDevicesViolatedPercent": 100, "noOfCriticalDevicesViolated": 1, "message": "Rule group meta data successfully retrieved", "noOfCriticalRulesViolated": 1, "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Rule Metadata

API EndPoint : getRuleMetaData

Returns rule metadata which includes compliant, violation count and percentage of devices and successful, pending count and percentage of remediations

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getRuleMetaData?apiKey=********&POLICY_ID=201&RULE_GROUP_ID=301&RULE_ID=601

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_ID	Unique identifier of the policy	long	-	yes
RULE_GROUP_ID	Unique identifier of the rule group	long	-	yes
RULE_ID	Unique identifier of the rule	long	-	yes

Sample Response

HTTP Code: 200

{ "noOfDevicesCompliant": 0, "noOfPendingRemediation": 0, "noOfDevicesCompliantPercent": 0, "noOfDevicesViolated": 1, "noOfDevicesViolatedPercent": 100, "message": "Rule meta data successfully retrieved", "noOfSuccessfulRemediationPercent": 0, "noOfPendingRemediationPercent": 0, "noOfSuccessfulRemediation": 0, "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get All Command Template Names

API EndPoint : getCommandTemplates

Returns a list of all command templates

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCommandTemplates?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "1", "page": 1, "rows": [ { "TEMPLATE_NAME": "Test command template", "DESCRIPTION": "test description", "id": 301} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get All Global Variables

API EndPoint : getGlobalVariables

Returns a list of all global variables

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getGlobalVariables?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{ "globalVariables": [ { "variableType": "USER_INPUT", "displayName": "", "name": "$globalVariable", "isGlobal": true, "description": "", "id": 1763532658567579, "value": "S+", "isUsed": true} ], "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Adhoc Result For Rules

API EndPoint : getAdhocRulesList

Returns list of rules along with compliance status that are retrieved from ad hoc test against the selected resource

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getAdhocRulesList?apiKey=********&resultId=101&resourceId=301

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
resourceId	Unique identifier of the device	long	-	No
resultId	Unique identifier of policy, rule, resource and their corresponding result mapping	-	^d+_[0-9]{1,4}$	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "1", "page": 1, "rows": [ { "STATUS": "VIOLATION", "DESCRIPTION": "test description", "id": 901, "COMPRULE_NAME": "Test rule"} ], "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get All Compliance Policy Names

API EndPoint : getAllPolicyNames

Returns a list of all available policies

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getAllPolicyNames?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{"policies":[{"name":"Test policy","id":301}],"isSuccess":true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Complete Rule Result Details

API EndPoint : getRuleResult

Return the rule result object for every validation items configured for the rule

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getRuleResult?apiKey=********&ruleId=601&resultId=1001&complianceResult=Violation

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
policyId	Unique identifier of the policy	long	-	No
resPolicyId	Unique identifier of the resource and policy mapping	long	-	No
ruleId	Unique identifier of the rule	long	-	yes
resourceId	Unique identifier of the device	long	-	No
itemId	Unique identifier of the rule item	long	-	No
pageNo	Grid page number	int	-	No
viewsPerPage	Views per page present in grid. Lists only selected number of data per page.	int	-	No
uniqueId	Identifies each children of an item result like each block result of block match item	-	^d+_[0-9]{1,4}$	No
resultId	Unique identifier of policy, rule, resource and their corresponding result mapping	-	^d+_[0-9]{1,4}$	No
complianceResult	Used to filter result data based on compliance status	-	(All\|Violation\|Compliant)	No

Sample Response

HTTP Code: 200

{ "result": [ { "variableValues":{ "globalVariable": "S+"}, "result":{ "conditionsResult": [ { "result": false, "criteria":{ "condition": "SHOULD_CONTAIN", "pattern": "test pattern S+", "count": -1, "id": "1", "operator": "false"}, "matcherInfos": []} ], "finalResult": false}, "itemId": 1763531855124848, "itemDetails":{ "trueLink": 1763531865276536, "scope":{ "details":{ "commandTemplatedId": 301, "selectedField": "", "selectedVariable": ""}, "type": "COMMAND_OUTPUT"}, "falseLink": 1763531867052379, "id": 1763531855124848, "operation":{ "details":{ "criteria":{ "criteriaList": [ { "condition": "SHOULD_CONTAIN", "pattern": "test pattern $globalVariable", "count": -1, "id": "1", "operator": "false"} ], "criteriaExpression": ""}, "name": "Test"}, "type": "CONDITION"}}, "type": "CONDITION"}, { "itemId": 1763531867052379, "remediationProcedure": "", "remediationConfiglet": -1, "BULK_EXECUTION_ID": -1, "remediationExecuted": false, "itemDetails":{ "trueLink": false, "scope":{ "type": "STARTUP"}, "falseLink": false, "id": 1763531867052379, "operation":{ "details":{ "remediationProcedure": "", "remediationConfiglet": -1, "remediationConfigletVariablesMap":{}, "isAutoRemediate": false, "violationMessage": "Rule is violated", "violationSeverity": "CRITICAL"}, "type": "VIOLATION"}}, "type": "VIOLATION", "remediationPending": false, "violationMessage": "Rule is violated", "violationSeverity": "CRITICAL"} ], "resourceId": 8, "resultId": "91200580768400_4493", "policyId": 301, "ruleType": "FLOW", "complianceStatus": "VIOLATION", "ruleName": "Test rule", "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Command Execution Output

API EndPoint : getRuleCommandOutputResult

Returns the command template execution for the selected rule's selected item's selected result item for the selected device

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getRuleCommandOutputResult?apiKey=********&ruleId=601&itemId=1763531855124848&resourceId=8&resultId=91200580768400_4493

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
ruleId	Unique identifier of the rule	long	-	yes
itemId	Unique identifier of the rule item	long	-	No
resourceId	Unique identifier of the device	long	-	No
uniqueId	Identifies each children of an item result like each block result of block match item	-	^d+_[0-9]{1,4}$	No
resultId	Unique identifier of policy, rule, resource and their corresponding result mapping	-	^d+_[0-9]{1,4}$	No

Sample Response

HTTP Code: 200

{ "commandOutput": "n-bash: test: response: unary operator expectednroot@abc-ef12-1:~# ", "templateName": "Test command template", "isDistributed": false, "templateDesc": "test description", "commandsList": [ { "recordId": "ComplianceScriptExecution_Test_command_template_rec_0_90054919353100", "messageSuffix": "${LF}", "interactionId": "ComplianceScriptExecution_Test_command_template_ispec_0_90054919353100", "executionGroupId": 2401, "promptActionId": "NA", "id": 0, "sequenceId": 0, "prompt": "${UserInput:EnablePrompt}", "command": "test paging command", "timeout": 20000, "cliRequestTimeout": 20000}, { "recordId": "ComplianceScriptExecution_Test_command_template_rec_1_90054919353100", "messageSuffix": "${LF}", "interactionId": "ComplianceScriptExecution_Test_command_template_ispec_1_90054919353100", "executionGroupId": 2401, "responseSelection": true, "promptActionId": "NA", "id": 1, "sequenceId": 1, "prompt": "${UserInput:EnablePrompt}", "command": "test response command", "timeout": 20000, "cliRequestTimeout": 20000} ], "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Command Template Details

API EndPoint : getCommandTemplateDetails

Returns complete data of the command template

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCommandTemplateDetails?apiKey=********&templateId=301

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
templateId	Unique identifier of the command template	long	-	yes

Sample Response

HTTP Code: 200

{ "msg": "Command Template Details Retrieved Successfully", "templateName": "Test command template", "isDistributed": false, "templateDesc": "test description", "commandsList": [ { "recordId": "ComplianceScriptExecution_Test_command_template_rec_0_90054919353100", "messageSuffix": "${LF}", "interactionId": "ComplianceScriptExecution_Test_command_template_ispec_0_90054919353100", "executionGroupId": 2401, "promptActionId": "NA", "id": 0, "sequenceId": 0, "prompt": "${UserInput:EnablePrompt}", "command": "test paging command", "timeout": 20000, "cliRequestTimeout": 20000}, { "recordId": "ComplianceScriptExecution_Test_command_template_rec_1_90054919353100", "messageSuffix": "${LF}", "interactionId": "ComplianceScriptExecution_Test_command_template_ispec_1_90054919353100", "executionGroupId": 2401, "responseSelection": true, "promptActionId": "NA", "id": 1, "sequenceId": 1, "prompt": "${UserInput:EnablePrompt}", "command": "test response command $COMMAND", "timeout": 20000, "cliRequestTimeout": 20000} ], "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Compliance Details

API EndPoint : getComplianceDetails

Returns complete list of devices with each of its associated policy along with its compliance status counts which include compliant, violation and not applicable counts

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getComplianceDetails?apiKey=********&hideStandard=true

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
compolicyId	Unique identifier of the policy	long	-	No
resourceId	Unique identifier of the device	long	-	No
status	Used to filter data based on compliance status	-	^(Compliant\|Violation\|notavailable)$	No
hideStandard	Boolean value indicating if standard items are to be hidden in the result data	boolean	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "3", "page": 1, "rows": [ { "id": 604, "cell": [ 604, "ncmd-CCC-D", "Test compliance policy", false, 1, 0, 0, 0, "2025-11-19 15:01:16.194", false, 8, "" ]}, { "id": 605, "cell": [ 605, "ncmd-AAA-B", ".clone", false, 1, 0, 0, 0, "2025-11-19 15:01:16.194", false, 8, "" ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Policy Compliance Metadata V2

API EndPoint : getComplianceDetails

Returns list all the associated policies for a specific device along with it's execution meta data including compliance status and other counts

HTTP Method

GET

API URL

http://localhost:8060/api/json/v2/ncmcompliance/getComplianceDetails?apiKey=********&resourceId=201&hideStandard=true&compolicyId=101&status=Violation

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
compolicyId	Unique identifier of the policy	long	-	No
resourceId	Unique identifier of the device	long	-	No
status	Used to filter data based on compliance status	-	^(Compliant\|Violation\|notavailable)$	No
hideStandard	Boolean value indicating if standard items are to be hidden in the result data	boolean	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "1", "page": 1, "rows": [ { "WARNING_COUNT": 0, "NOT_REQUIRED_COUNT": 0, "ATTENTION_COUNT": 0, "CRITICAL_COUNT": 1, "SUCCESS_COUNT": 0, "COMPLIANCE_STATUS": false, "RESOURCENAME": "ncmd-MMM-N", "LAST_CHECKED_TIME": "2025-11-19 14:09:07.674", "COMPPOLICY_NAME": "Test policy", "id": 602, "MAJOR_COUNT": 0, "RESOURCEID": 8} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Policies of a Policy Standard

API EndPoint : getCompliancePoliciesList

Returns a list of compliance policies that are available in the given policy standard

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCompliancePoliciesList?apiKey=********&POLICY_STANDARD=CUSTOM

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_STANDARD	Indicates the policy standard	-	^(ALL\|FAVOURITE\|CUSTOM\|CIS\|STIG\|HIPAA\|SOX)$	yes
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "1", "page": 1, "rows": [ { "attentionPercent": 0, "isCompCheckRunning": false, "TAGNAME": "[NA]", "notRequiredPercent": 0, "violationPercent": 100, "POLICY_STANDARD": "CUSTOM", "DESCRIPTION": "test description", "isDeviceAssociated": true, "COMPPOLICY_NAME": "Test policy", "id": 301, "isDisabled": false, "compliantPercent": 0, "ASSOCIATED_DEVICES": 1, "isRestricted": false} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Policy Column Model

API EndPoint : getColModelForPolicy

Returns the complete column model data for a given policy based the severity and compliance status

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getColModelForPolicy?apiKey=********&POLICY_ID=301&COMP_STATUS=VIOLATION,COMPLIANT

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_ID	Unique identifier of the policy	long	-	yes
SEVERITY	String separated by comma indicating the severities based on which the data will be filtered	-	(((CRITICAL\|Critical\|MAJOR\|Major\|WARNING\|Warning)+)(,(CRITICAL\|Critical\|MAJOR\|Major\|WARNING\|Warning)+)*)\|(ALL\|All)	No
COMP_STATUS	String separated by comma indicating the compliance status based on which the data will be filtered	-	(((COMPLIANT\|Compliant\|VIOLATION\|Violation\|NOT_REQUIRED\|Not_required\|ATTENTION\|Attention)+)(,(COMPLIANT\|Compliant\|VIOLATION\|Violation\|NOT_REQUIRED\|Not_required\|ATTENTION\|Attention)+)*)\|(ALL\|All)	No

Sample Response

HTTP Code: 200

{ "dataUrl": "", "identifier": ".opmGraph-details.ncm_table_ui", "listcolNamesList": "", "colModelList": [ { "search": false, "hidden": true, "displayName": "id", "classes": "pointer", "searchtype": "", "hidedlg": true, "name": "id", "width": 0, "index": "id", "sortable": false}, { "search": false, "hidden": false, "displayName": "Device Name", "classes": "pointer", "searchtype": "", "hidedlg": false, "name": "Device Name", "width": 150, "index": "Device Name", "sortable": false}, { "formatter": "compPolicyPercentageFormatter", "search": false, "hidden": false, "displayName": "Total Rule Results", "classes": "pointer", "searchtype": "", "hidedlg": false, "name": "Total Rule Result", "width": 300, "index": "Total Rule Result", "sortable": false}, { "search": false, "hidden": true, "displayName": "IpAddress", "classes": "pointer", "searchtype": "", "hidedlg": true, "name": "IpAddress", "width": 0, "index": "IpAddress", "sortable": false}, { "formatter": "compRuleResultFormatter", "search": false, "hidden": false, "displayName": "Test rule", "classes": "pointer", "searchtype": "", "hidedlg": false, "name": "Test rule", "width": 190, "index": "Test rule", "sortable": false} ], "isv2Grid": true, "groupsList": [ { "startColumnName": "Test rule", "numberOfColumns": "1", "titleText": "Test rule group
"} ], "remote": true, "grouping": true, "listcolModelList": "", "apiUrl": "/client/api/json/ncmcompliance/getCompliancePolicyResult", "statusMsg": "Policy column model list retrieval success", "gridSorting": "", "gridPageSize": "10", "id": "NcmCompliancePolicyResult", "colNamesList": [ "id", "Device Name", "Total Rule Results", "IpAddress", "Test rule" ], "v2translateColNames": true, "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Policy Result Data

API EndPoint : getCompliancePolicyResult

Returns a list of data containing compliance results of all the resources that are associated to the policy for all the rules that are associated to the policy

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCompliancePolicyResult?apiKey=********&POLICY_ID=301&COMP_STATUS=VIOLATION,COMPLIANT

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_ID	Unique identifier of the policy	long	-	yes
SEVERITY	String separated by comma indicating the severities based on which the data will be filtered	-	(((CRITICAL\|Critical\|MAJOR\|Major\|WARNING\|Warning)+)(,(CRITICAL\|Critical\|MAJOR\|Major\|WARNING\|Warning)+)*)\|(ALL\|All)	No
COMP_STATUS	String separated by comma indicating the compliance status based on which the data will be filtered	-	(((COMPLIANT\|Compliant\|VIOLATION\|Violation\|NOT_REQUIRED\|Not_required\|ATTENTION\|Attention)+)(,(COMPLIANT\|Compliant\|VIOLATION\|Violation\|NOT_REQUIRED\|Not_required\|ATTENTION\|Attention)+)*)\|(ALL\|All)	No
DEVICE_NAME	Hostname of the device used for filter	-	^([p{L}p{N}P{InBasicLatin}s.:-_])+$	No

Sample Response

HTTP Code: 200

{ "total": 1, "statusMsg": "Policy result data retrieval success", "records": 1, "page": 1, "rows": [ { "attentionPercent": 0, "notRequiredPercent": 0, "Test rule":{ "compResult": "VIOLATION", "isCompCheckRunning": false, "isManualReviewRequired": false, "ruleId": 901}, "isDeviceAssociated": true, "IpAddress": "10.A.B.C", "violationPercent": 100, "id": "8", "compliantPercent": 0, "Device Name": "ncmd-AAA-B", "isEmptyData": false} ], "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Rule Group Column Model

API EndPoint : getColModelForRuleGroup

Returns the complete column model data for a given rule group based the severity and compliance status

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getColModelForRuleGroup?apiKey=********&POLICY_ID=301&RULE_GROUP_ID=201&COMP_STATUS=VIOLATION,COMPLIANT

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_ID	Unique identifier of the policy	long	-	yes
RULE_GROUP_ID	Unique identifier of the rule group	long	-	yes
SEVERITY	String separated by comma indicating the severities based on which the data will be filtered	-	(((CRITICAL\|Critical\|MAJOR\|Major\|WARNING\|Warning)+)(,(CRITICAL\|Critical\|MAJOR\|Major\|WARNING\|Warning)+)*)\|(ALL\|All)	No
COMP_STATUS	String separated by comma indicating the compliance status based on which the data will be filtered	-	(((COMPLIANT\|Compliant\|VIOLATION\|Violation\|NOT_REQUIRED\|Not_required\|ATTENTION\|Attention)+)(,(COMPLIANT\|Compliant\|VIOLATION\|Violation\|NOT_REQUIRED\|Not_required\|ATTENTION\|Attention)+)*)\|(ALL\|All)	No

Sample Response

HTTP Code: 200

{ "dataUrl": "", "identifier": ".opmGraph-details.ncm_table_ui", "listcolNamesList": "", "colModelList": [ { "search": false, "hidden": true, "displayName": "id", "classes": "pointer", "searchtype": "", "hidedlg": true, "name": "id", "width": 0, "index": "id", "sortable": false}, { "search": false, "hidden": false, "displayName": "Device Name", "classes": "pointer", "searchtype": "", "hidedlg": false, "name": "Device Name", "width": 150, "index": "Device Name", "sortable": false}, { "formatter": "compPolicyPercentageFormatter", "search": false, "hidden": false, "displayName": "Total Rule Results", "classes": "pointer", "searchtype": "", "hidedlg": false, "name": "Total Rule Result", "width": 300, "index": "Total Rule Result", "sortable": false}, { "search": false, "hidden": true, "displayName": "IpAddress", "classes": "pointer", "searchtype": "", "hidedlg": true, "name": "IpAddress", "width": 0, "index": "IpAddress", "sortable": false}, { "formatter": "compRuleResultFormatter", "search": false, "hidden": false, "displayName": "Test rule", "classes": "pointer", "searchtype": "", "hidedlg": false, "name": "Test rule", "width": 190, "index": "Test rule", "sortable": false} ], "isv2Grid": true, "groupsList": [ { "startColumnName": "Test rule", "numberOfColumns": "1", "titleText": "Test RG 2
"} ], "remote": true, "grouping": true, "listcolModelList": "", "apiUrl": "/client/api/json/ncmcompliance/getComplianceRuleGroupResult", "statusMsg": "Rule group column model list retrieval success", "gridSorting": "", "gridPageSize": "10", "id": "NcmComplianceRuleGroupResult", "colNamesList": [ "id", "Device Name", "Total Rule Results", "IpAddress", "Test rule" ], "v2translateColNames": true, "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Rule Group Result Data

API EndPoint : getComplianceRuleGroupResult

Returns a list of data containing compliance results of all the resources that are associated to the policy for all the rules that are associated to the rule group

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getComplianceRuleGroupResult?apiKey=********&POLICY_ID=301&RULE_GROUP_ID=201&COMP_STATUS=VIOLATION,COMPLIANT

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_ID	Unique identifier of the policy	long	-	yes
RULE_GROUP_ID	Unique identifier of the rule group	long	-	yes
SEVERITY	String separated by comma indicating the severities based on which the data will be filtered	-	(((CRITICAL\|Critical\|MAJOR\|Major\|WARNING\|Warning)+)(,(CRITICAL\|Critical\|MAJOR\|Major\|WARNING\|Warning)+)*)\|(ALL\|All)	No
COMP_STATUS	String separated by comma indicating the compliance status based on which the data will be filtered	-	(((COMPLIANT\|Compliant\|VIOLATION\|Violation\|NOT_REQUIRED\|Not_required\|ATTENTION\|Attention)+)(,(COMPLIANT\|Compliant\|VIOLATION\|Violation\|NOT_REQUIRED\|Not_required\|ATTENTION\|Attention)+)*)\|(ALL\|All)	No
DEVICE_NAME	Hostname of the device used for filter	-	^([p{L}p{N}P{InBasicLatin}s.:-_])+$	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": 1, "page": 1, "rows": [ { "attentionPercent": 0, "notRequiredPercent": 0, "Test rule":{ "compResult": "VIOLATION", "isCompCheckRunning": false, "isManualReviewRequired": false, "ruleId": 901}, "isDeviceAssociated": true, "IpAddress": "10.D.C.B", "violationPercent": 100, "id": "8", "compliantPercent": 0, "Device Name": "ncmd-HHH-J", "isEmptyData": false} ], "message": "Rule group result data successfully retrieved", "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Compliance Rule Result

API EndPoint : getComplianceRuleResult

Returns a list of data containing compliance results of all the resources that are associated to the policy for the specific selected rule in the policy

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getComplianceRuleResult?apiKey=********&POLICY_ID=301&RULE_ID=901

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_ID	Unique identifier of the policy	long	-	yes
RULE_ID	Unique identifier of the rule	long	-	yes
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "1", "page": 1, "rows": [ { "isCompCheckRunning": false, "isManualReviewRequired": false, "OSVERSION": "[NA]", "ADDRESS": "10.H.I.J", "RemediationDetails": "No remediation details available", "RESOURCENAME": "ncmd-LLL-M", "OSTYPE": "[NA]", "CONSOLIDATE_RESULT": "VIOLATION", "id": 8, "VENDORNAME": "HP"} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Mark or Unmark a Policy as Favourite

API EndPoint : addRemovePolicyAsFavourite

Allows to add or remove a policy as favourite

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/addRemovePolicyAsFavourite?apiKey=********&POLICY_ID=301&ADD_AS_FAV=true

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_ID	Unique identifier of the policy	long	-	yes
ADD_AS_FAV	Boolean value indicating if the policy is to be added as favourite or not	boolean	-	yes

Sample Response

HTTP Code: 200

{"statusMsg":"Policy successfully marked as favourite.","isSuccess":true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Rule Compliance Details

API EndPoint : getRuleCompliances

Returns list of rules along with it's compliance status for a given policy of a device

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getRuleCompliances?apiKey=********&resPolicyId=101&compliant=true

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
resPolicyId	Unique identifier of the resource and policy mapping	long	-	yes
severity	Filters data based on the violation severity of the rule	-	^(All)$	No
compliant	Boolean value used to filter rules based on compliance status value is compliant or violated	boolean	-	No
details	Unused param	boolean	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "1", "page": 1, "rows": [ { "id": 901, "cell": [ 901, "Test rule", "[NA]", "test description", "CRITICAL", "Click to view", "Click to view", "-1L", 8, false ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Rule Compliance Details V2

API EndPoint : getRuleCompliances

Returns a list of data containing rule details along with the compliance result data for the selected policy and resource or for the selected policy, rule group and resource

HTTP Method

GET

API URL

http://localhost:8060/api/json/v2/ncmcompliance/getRuleCompliances?apiKey=********&resourceId=8&policyId=301&compStatus=VIOLATION,COMPLIANT

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
resourceId	Unique identifier of the device	long	-	yes
policyId	Unique identifier of the policy	long	-	yes
ruleGroupId	Unique identifier of the rule group	long	-	No
severity	String separated by comma indicating the severities based on which the data will be filtered	-	(((CRITICAL\|Critical\|MAJOR\|Major\|WARNING\|Warning)+)(,(CRITICAL\|Critical\|MAJOR\|Major\|WARNING\|Warning)+)*)\|(ALL\|All)	No
compStatus	String separated by comma indicating the compliance status based on which the data will be filtered	-	(((COMPLIANT\|Compliant\|VIOLATION\|Violation\|NOT_REQUIRED\|Not_required\|ATTENTION\|Attention)+)(,(COMPLIANT\|Compliant\|VIOLATION\|Violation\|NOT_REQUIRED\|Not_required\|ATTENTION\|Attention)+)*)\|(ALL\|All)	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "statusMsg": "Rule compliance details retrieval success", "records": "1", "page": 1, "rows": [ { "DESCRIPTION": "test description", "REMEDIATION_DESCR": "[NA]", "LAST_CHECKED_TIME": "2025-11-19 14:09:07.671", "CONSOLIDATE_RESULT": "VIOLATION", "id": 901, "VIOLATION_SEVERITY": "CRITICAL", "COMPRULE_NAME": "Test rule"} ], "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Export a Policy as XML

API EndPoint : exportPolicy

Exports the selected policy in an XML format which can be used to import it in other servers. All the rule groups, rules and command templates will also be exported and imported.

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/exportPolicy?apiKey=********&POLICY_IDS=[301,302]

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_IDS	Unique identifier of the policies	JSONArray	-	No

Sample Response

HTTP Code: 200

""

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Export Rule Groups as XML

API EndPoint : exportRuleGroup

Exports the selected rule group in an XML format which can be used to import it in other servers. All the sub rule groups, rules and command templates will also be exported and imported.

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/exportRuleGroup?apiKey=********&RULE_GROUP_IDS=[201,202]

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
RULE_GROUP_IDS	Unique identifier of the rule groups	JSONArray	-	No

Sample Response

HTTP Code: 200

""

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Export Rules as XML

API EndPoint : exportRule

Exports the selected rule in an XML format which can be used to import it in other servers. All the command templates will also be exported and imported.

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/exportRule?apiKey=********&RULE_IDS=[901,902]

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
RULE_IDS	Unique identifier of the rules	JSONArray	-	No

Sample Response

HTTP Code: 200

""

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Update Rule Compliance Status

API EndPoint : updateRuleComplianceStatus

Allows to manually update the compliance status for specific resource of a rule of a policy

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/updateRuleComplianceStatus?apiKey=********&POLICY_ID=301&RULE_ID=901&RESOURCE_ID=8&STATUS=COMPLIANT

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
POLICY_ID	Unique identifier of the policy	long	-	yes
RULE_ID	Unique identifier of the rule	long	-	yes
RESOURCE_ID	Unique identifier of the device	long	-	yes
STATUS	Indicates new status to update to	-	^(COMPLIANT\|VIOLATION\|NOT_APPLICABLE\|APPLICABLE\|NOT_REQUIRED)$	yes

Sample Response

HTTP Code: 200

{"statusMsg":"Rule compliance status updated successfully","isSuccess":true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Enable a Policy or Rule Group or Rule

API EndPoint : enableComplianceEntity

Allows to enable a policy or rule group or rule which have been already disabled.

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/enableDisableComplianceEntity?apiKey=********&SELECTED_ITEM=RULE_GROUP&SELECTED_ITEM_ID=[201]&IS_ENABLE=true

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
SELECTED_ITEM	Indicates the item which is to be enabled or disabled	-	^(POLICY\|RULE_GROUP\|RULE)$	yes
SELECTED_ITEM_ID	Unique identifier of the selected items	JSONArray	-	yes
IS_ENABLE	Boolean value indicating if the selected items are to be enabled or disabled	boolean	-	yes

Sample Response

HTTP Code: 200

{ "ENABLE":{ "statusMsg": "Rule enabled successfully", "isSuccess": true}}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Disable a Policy or Rule Group or Rule

API EndPoint : disableComplianceEntity

Allows to disable a policy or rule group or rule. Disabling a rule will disable it from all the rule groups and policies where it has been associated

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/enableDisableComplianceEntity?apiKey=********&SELECTED_ITEM=RULE&SELECTED_ITEM_ID=[901]&IS_ENABLE=false

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
SELECTED_ITEM	Indicates the item which is to be enabled or disabled	-	^(POLICY\|RULE_GROUP\|RULE)$	yes
SELECTED_ITEM_ID	Unique identifier of the selected items	JSONArray	-	yes
IS_ENABLE	Boolean value indicating if the selected items are to be enabled or disabled	boolean	-	yes

Sample Response

HTTP Code: 200

{"DISABLE":{ "statusMsg": "Rule disabled successfully", "isSuccess": true}}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Compliance Popup Table

API EndPoint : getCompliancePopupTable

Returns list resources that has filtered status as it's compliance status along with meta result data like success count, critical count etc,.

HTTP Method

GET

API URL

http://localhost:8060/api/json/v2/ncmcompliance/getCompliancePopupTable?apiKey=********&status=Violation

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
status	Used to filter data based on compliance status	-	^(Compliant\|Violation\|NA)$	No
DG_ID	Unique identifier of the device group	long	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "rows": [ { "WARNING_COUNT": 0, "ATTENTION_COUNT": 0, "COMPLIANCE_STATUS": "VIOLATION", "CRITICAL_COUNT": 0, "SUCCESS_COUNT": 0, "RESOURCENAME": "ncmd-JJJ-K", "LAST_CHECKED_TIME": "2025-11-19 14:09:07.674", "id": 8, "NOT_APPLICABLE_COUNT": 0, "MAJOR_COUNT": 0} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Rule Prerender Data

API EndPoint : getRulePreRenders

Returns all the prerender data of a rule

HTTP Method

GET

API URL

http://localhost:8060/api/json/v2/ncmcompliance/getRulePreRenders?apiKey=********&COMPRULE_ID=901&IS_SAMPLE=true

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
COMPRULE_ID	Unique identifier of the rule	long	-	yes
IS_SAMPLE	Boolean value indicating if the rule is sample rule. By default it is false for the standard and custom rules.	boolean	-	No

Sample Response

HTTP Code: 200

{ "variables": [ { "variableType": "USER_INPUT", "displayName": "", "name": "$globalVariable", "isGlobal": true, "description": "", "id": 1763532658567579, "value": "S+", "isUsed": true} ], "isStandard": false, "isManualReviewRequired": false, "isDistributed": false, "ruleType": "FLOW", "name": ".clone", "description": "test description", "groups": [ { "trueLink": false, "scope":{ "type": "STARTUP"}, "falseLink": false, "id": 99761657597675, "operation":{ "details":{}, "type": "COMPLIANT"}}, { "trueLink": 99761657669431, "scope":{ "type": "STARTUP"}, "falseLink": false, "id": 99761657666923, "operation":{ "details":{}, "type": "START"}}, { "trueLink": 99761657597675, "scope":{ "details":{ "commandTemplatedId": 301, "selectedField": "", "selectedVariable": ""}, "type": "COMMAND_OUTPUT"}, "falseLink": 99761657671237, "id": 99761657669431, "operation":{ "details":{ "criteria":{ "criteriaList": [ { "condition": "SHOULD_CONTAIN", "pattern": "test pattern $globalVariable", "count": -1, "id": "1", "operator": "false"} ], "criteriaExpression": ""}, "name": "Test"}, "type": "CONDITION"}}, { "trueLink": false, "scope":{ "type": "STARTUP"}, "falseLink": false, "id": 99761657671237, "operation":{ "details":{ "remediationProcedure": "", "remediationConfiglet": -1, "remediationConfigletVariablesMap":{}, "isAutoRemediate": false, "violationMessage": "Rule is violated", "violationSeverity": "CRITICAL"}, "type": "VIOLATION"}} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Rule Group Associations

API EndPoint : getRuleGroupAssociation

Returns all the available and associated rule groups and policies for the given rule group

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getRuleGroupAssociation?apiKey=********&RULE_GROUP_ID=201

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
RULE_GROUP_ID	Unique identifier of the rule group	long	-	yes

Sample Response

HTTP Code: 200

{ "associatedPolicyIds": [ 305, 301, 302 ], "statusMsg": "Rule group association details retrieval is success", "associatedRgIds": [], "isDistributed": false, "availableRuleGroups": [ { "name": "Test RG 2", "ID": 303} ], "associatedPolicies": [ { "name": "Test compliance policy", "ID": 305}, { "name": "Test policy", "ID": 301}, { "name": ".clone", "ID": 302} ], "associatedRuleGroups": [], "availablePolicies": [ { "name": "Test Policy", "ID": 304} ], "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Rule Associations

API EndPoint : getRuleAssociation

Returns all the available and associated rule groups and policies for the given rule

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getRuleAssociation?apiKey=********&RULE_ID=901

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
RULE_ID	Unique identifier of the rule	long	-	yes

Sample Response

HTTP Code: 200

{ "associatedPolicyIds": [], "statusMsg": "Rule association details retrieval is success", "associatedRgIds": [], "isDistributed": false, "availableRuleGroups": [ { "name": "Test rule group", "ID": 302}, { "name": "Test RG 2", "ID": 303} ], "associatedPolicies": [], "associatedRuleGroups": [], "availablePolicies": [ { "name": "Test Policy", "ID": 304}, { "name": "Test compliance policy", "ID": 305}, { "name": "Test policy", "ID": 301}, { "name": ".clone", "ID": 302} ], "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Update Rule Group Associations

API EndPoint : ruleGroupAssociation

Allows to associate the give rule group to selected rule groups and policies

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/ruleGroupAssociation?apiKey=********&RULE_GROUP_ID=201&SELECTED_POLICY_IDS=[301,302]&SELECTED_RG_IDS=[202,203]

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
RULE_GROUP_ID	Unique identifier of the rule group	long	-	yes
SELECTED_POLICY_IDS	Unique identifier of the policies	JSONArray	-	No
SELECTED_RG_IDS	Unique identifier of the rule groups	JSONArray	-	No

Sample Response

HTTP Code: 200

{"statusMsg":"Successfully updated Rule Group associations.","isSuccess":true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Update Rule Associations

API EndPoint : ruleAssociation

Allows to associate the give rule to selected rule groups and policies

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/ruleAssociation?apiKey=********&RULE_ID=901&SELECTED_POLICY_IDS=[301,302]&SELECTED_RG_IDS=[201,202]

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
RULE_ID	Unique identifier of the rule	long	-	yes
SELECTED_POLICY_IDS	Unique identifier of the policies	JSONArray	-	No
SELECTED_RG_IDS	Unique identifier of the rule groups	JSONArray	-	No

Sample Response

HTTP Code: 200

{"statusMsg":"Rule association updated successfully.","isSuccess":true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Unassociated Policies List

API EndPoint : getComplianceList

Returns list of policies that are not associated to the selected device or device group

HTTP Method

GET

API URL

http://localhost:8060/api/json/v2/ncmcompliance/getComplianceList?apiKey=********&ASSOCIATION=false&RESOURCEID=8

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
ASSOCIATION	Boolean value used to filter result data based on device or device group association	boolean	-	No
RESOURCEID	Unique identifier of the device	long	-	No
DG_ID	Unique identifier of the device group	long	-	No
hideStandard	Boolean value indicating if standard items are to be hidden in the result data	boolean	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "1", "page": 1, "rows": [ { "id": 302, "cell": [ 302, ".clone", "test description", "RUNNING", "admin", "admin", "", "", "[NA]", false ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Associate Policies

API EndPoint : exeAssociatePolicies

Allows to associate a device or device group to the selected policies

HTTP Method

POST

API URL

http://localhost:8060/api/json/v2/ncmcompliance/exeAssociatePolicies?apiKey=********&ASSIGNED_POLICIES=[301,302]&RESOURCEID=8

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
ASSIGNED_POLICIES	Unique identifier of the policies	JSONArray	-	No
RESOURCEID	Unique identifier of the device	long	-	No

Sample Response

HTTP Code: 200

{ "statusMsg": "Selected policies associated to the device successfully.", "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Associate Policies and Run Compliance Check

API EndPoint : exeAssociatePolicies

Allows to associate a device or device group to the selected policies

HTTP Method

POST

API URL

http://localhost:8060/api/json/v2/ncmcompliance/exeAssociatePolicies?apiKey=********&ASSIGNED_POLICIES=[301,302]&DG_ID=8&RUNCOMPCHECK_STATUS=true

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
ASSIGNED_POLICIES	Unique identifier of the policies	JSONArray	-	No
DG_ID	Unique identifier of the device group	long	-	No
RUNCOMPCHECK_STATUS	Boolean value to run compliance check	boolean	-	No

Sample Response

HTTP Code: 200

{ "statusMsg": "Selected policies associated to the device group successfully. Compliance check operation is in progress.", "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Add Rule Group Prerender Data

API EndPoint : getRuleGroupPreRenders

Returns all the prerender data for add operations of rule group

HTTP Method

GET

API URL

http://localhost:8060/api/json/v2/ncmcompliance/getRuleGroupPreRenders?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{ "addRuleGroup":{ "allRuleGroups": [ { "ruleGroupName": "Test rule group", "ruleGroupId": 302}, { "ruleGroupName": "Test RG 2", "ruleGroupId": 303}, { "ruleGroupName": "Test Rule group", "ruleGroupId": 305} ], "allRules": [ { "ruleName": "Test rule", "ruleId": 901}, { "ruleName": ".clone", "ruleId": 902}, { "ruleName": "Test compliance rule", "ruleId": 904} ]}}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Edit Rule Group Prerender Data

API EndPoint : getRuleGroupPreRenders

Returns all the prerender data for edit operations of rule group

HTTP Method

GET

API URL

http://localhost:8060/api/json/v2/ncmcompliance/getRuleGroupPreRenders?apiKey=********&COMPRULEGROUP_ID=305

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
COMPRULEGROUP_ID	Unique identifier of the rule group	long	-	yes

Sample Response

HTTP Code: 200

{ "editRuleGroup":{ "ruleGroupId": 305, "ruleGroupName": "Test Rule group", "ruleGroupDesc": "[NA]", "isStandard": false, "isDistributed": false, "associatedRuleGroups": [ 302 ], "associatedRules": [], "allRuleGroups": [ { "ruleGroupName": "Test rule group", "ruleGroupId": 302}, { "ruleGroupName": "Test RG 2", "ruleGroupId": 303} ], "allRules": [ { "ruleName": "Test rule", "ruleId": 901}, { "ruleName": ".clone", "ruleId": 902}, { "ruleName": "Test compliance rule", "ruleId": 904} ]}}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Edit Policy Prerender Data

API EndPoint : getPolicyPreRenders

Returns all the prerender data for edit operations of policy

HTTP Method

GET

API URL

http://localhost:8060/api/json/v2/ncmcompliance/getPolicyPreRenders?apiKey=********&COMPPOLICY_ID=301

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
COMPPOLICY_ID	Unique identifier of the policy	long	-	No

Sample Response

HTTP Code: 200

{ "editPolicy":{ "resourceAssociationDetails":{ "deviceAssociationDetails":{ "deviceFilterId": 602, "selectedDeviceIds": [8], "selectedDeviceList": [ { "name": "ncmd-LLL-K", "ID": "8"} ]}}, "policyDetails":{ "policyId": 301, "policyName": "Test policy", "policyDesc": "test description", "isStandard": false, "isDistributed": false, "isDisabled": false, "isRestricted": false, "autoRemediate": false, "configType": "RUNNING", "violationCriteria": "ANY_FAILURE"}, "autoRemResourceAssociationDetails":{}, "ruleGroupRuleAssociationDetails":{ "selectedRuleGroupIds": [302], "selectedRuleIds": [901], "selectedRuleGroupList": [ { "name": "Test rule group", "ID": "302"} ], "selectedRuleList": [ { "name": "Test rule", "ID": "901"} ], "availableRuleGroupList": [ { "name": "Test RG 2", "ID": "303"}, { "name": "Test Rule group", "ID": "305"} ], "availableRuleList": [ { "name": ".clone", "ID": "902"}, { "name": "Test compliance rule", "ID": "904"} ]}, "availableResourceDetails":{ "availableDeviceGroupList": [ { "name": "All Devices Group", "ID": "1"}, { "name": "Backup Failure Group", "ID": "4"}, { "name": "CiscoRouter Group", "ID": "2"}, { "name": "CiscoSwitch Group", "ID": "3"} ], "availableDeviceList": [ { "name": "192.A.B.C", "ID": "3"} ]}}}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Add Policy Prerender Details

API EndPoint : getPolicyPreRenders

Returns all the prerender data for add operations of policy

HTTP Method

GET

API URL

http://localhost:8060/api/json/v2/ncmcompliance/getPolicyPreRenders?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{"addPolicy":{ "policyDetails":{ "autoRemediate": false, "configType": "RUNNING", "violationCriteria": "ANY_FAILURE"}, "ruleGroupRuleAssociationDetails":{ "availableRuleGroupList": [ { "name": "Test rule group", "ID": "302"}, { "name": "Test RG 2", "ID": "303"}, { "name": "Test Rule group", "ID": "305"} ], "availableRuleList": [ { "name": "Test rule", "ID": "901"}, { "name": ".clone", "ID": "902"}, { "name": "Test compliance rule", "ID": "904"} ]}, "availableResourceDetails":{ "availableDeviceGroupList": [ { "name": "All Devices Group", "ID": "1"}, { "name": "Backup Failure Group", "ID": "4"}, { "name": "CiscoRouter Group", "ID": "2"}, { "name": "CiscoSwitch Group", "ID": "3"} ], "availableDeviceList": [ { "name": "192.A.B.C", "ID": "3"} ]}}}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Resource Policy Information

API EndPoint : getResPolicyInfo

Returns all the details related to the specific resource and policy from snapshot

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getResPolicyInfo?apiKey=********&snapType=ConfigResCompliance&resPolicyId=605

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
snapType	Snapshot Name	-	^(ConfigResCompliance)$	No
resPolicyId	Unique identifier of the resource and policy mapping	long	-	No

Sample Response

HTTP Code: 200

{ "LastCheckedAt": "Nov 19, 2025 15:01 PM", "Warning": 0, "Major": 0, "ComplianceStatus": false, "ResourceName": "ncmd-MMM-N", "snapDetails":{ "snapList": [ { "indexCount": 0, "ondemandWidget": false, "refresh": false, "type": "ResPolicySummary", "sizex": 10, "expand": false, "apiurl": "/client/api/json/ncmcompliance/getResPolicyInfo", "rowNum": 1, "parameter": "resPolicyId", "isEnabled": true, "colNum": 1, "name": "ncm.respolicy.summary", "header": false, "id": 416, "snapid": 416, "expandtime": false, "parameters": [], "sizey": 10, "timeSelection": false, "desc": "webclient.snapshot.name.Device.Policy.Summary"}, { "indexCount": 1, "ondemandWidget": false, "refresh": false, "type": "Remotegrid", "sizex": 5, "expand": false, "apiurl": "/client/api/json/ncmcompliance/getRuleCompliances", "rowNum": 11, "parameter": "resPolicyId", "isEnabled": true, "colNum": 1, "name": "ncm.resource.violations", "header": true, "id": 417, "snapid": 417, "snapshotData":{ "colModelList": [ { "formatter": "", "search": "", "hidden": true, "classes": "", "searchtype": "", "name": "id", "width": "", "index": "id", "sortable": ""}, { "formatter": "ruleNameStatusFomatter", "search": "", "hidden": false, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__COMPRULE_NAME", "width": "", "index": "NCMComplianceRule__COMPRULE_NAME", "sortable": ""}, { "formatter": "groupNameFomatter", "search": "", "hidden": true, "classes": "pointer", "searchtype": "", "name": "NCMCompRuleGroup__COMPRULEGROUP_NAME", "width": "", "index": "NCMCompRuleGroup__COMPRULEGROUP_NAME", "sortable": ""}, { "formatter": "sortDescription", "search": "", "hidden": false, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__DESCRIPTION", "width": "", "index": "NCMComplianceRule__DESCRIPTION", "sortable": ""}, { "formatter": "cmpRuleSeverityFormatter", "search": "", "hidden": true, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__VIOLATION_SEVERITY", "width": "", "index": "NCMComplianceRule__VIOLATION_SEVERITY", "sortable": ""}, { "formatter": "remediationFormatter", "search": "", "hidden": false, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__REMEDIATION_DESCR", "width": "", "index": "NCMComplianceRule__REMEDIATION_DESCR", "sortable": ""}, { "formatter": "remediationTemplate", "search": false, "hidden": false, "classes": "pointer", "searchtype": "", "name": "RemediationTemplate", "width": "", "index": "RemediationTemplate", "sortable": false}, { "formatter": "", "search": false, "hidden": true, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__REMEDIATION_TEMPLATE_ID", "width": "", "index": "NCMComplianceRule__REMEDIATION_TEMPLATE_ID", "sortable": false}, { "formatter": "", "search": false, "hidden": true, "classes": "pointer", "searchtype": "", "name": "NCMResourcePolicyMap__RESOURCEID", "width": "", "index": "NCMResourcePolicyMap__RESOURCEID", "sortable": false}, { "formatter": "", "search": false, "hidden": true, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__CRITERIA_TYPE", "width": "", "index": "NCMComplianceRule__CRITERIA_TYPE", "sortable": false} ], "colNamesList": [ "", "ncm.acd.Rule_Name", "ncm.acd.Rule_Group_Name", "jsp.admin.sharedprofile.SharedProfileAdd.Desc", "jsp.commonstr.ViolationSeverity", "jsp.compliance.AddCompRule.RemediationDescription", "jsp.compliance.AddCompRule.RemediationTemplate", "RemediationTemplate_Id", "RESOURCEID", "RULE_TYPE" ], "onselectfunction": "resourceViolations", "EE_PROBE_REQ": "true"}, "expandtime": false, "parameters": [ { "param": "compliant", "paramData": [], "value": "false"}, { "param": "severity", "paramData": [], "value": "All"} ], "sizey": 2, "timeSelection": false, "desc": "webclient.snapshot.name.Device.Policy.Violations"}, { "indexCount": 2, "ondemandWidget": false, "refresh": false, "type": "Remotegrid", "sizex": 5, "expand": false, "apiurl": "/client/api/json/ncmcompliance/getRuleCompliances", "rowNum": 11, "parameter": "resPolicyId", "isEnabled": true, "colNum": 6, "name": "ncm.resource.compliances", "header": true, "id": 418, "snapid": 418, "snapshotData":{ "colModelList": [ { "formatter": "", "search": "", "hidden": true, "classes": "", "searchtype": "", "name": "id", "width": "", "index": "id", "sortable": ""}, { "formatter": "ruleNameStatusFomatter", "search": "", "hidden": false, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__COMPRULE_NAME", "width": "", "index": "NCMComplianceRule__COMPRULE_NAME", "sortable": ""}, { "formatter": "groupNameFomatter", "search": "", "hidden": true, "classes": "pointer", "searchtype": "", "name": "NCMCompRuleGroup__COMPRULEGROUP_NAME", "width": "", "index": "NCMCompRuleGroup__COMPRULEGROUP_NAME", "sortable": ""}, { "formatter": "sortDescription", "search": "", "hidden": false, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__DESCRIPTION", "width": "", "index": "NCMComplianceRule__DESCRIPTION", "sortable": ""}, { "formatter": "cmpRuleSeverityFormatter", "search": "", "hidden": true, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__VIOLATION_SEVERITY", "width": "", "index": "NCMComplianceRule__VIOLATION_SEVERITY", "sortable": ""}, { "formatter": "remediationFormatter", "search": "", "hidden": false, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__REMEDIATION_DESCR", "width": "", "index": "NCMComplianceRule__REMEDIATION_DESCR", "sortable": ""}, { "formatter": "remediationTemplate", "search": false, "hidden": false, "classes": "pointer", "searchtype": "", "name": "RemediationTemplate", "width": "", "index": "RemediationTemplate", "sortable": false}, { "formatter": "", "search": false, "hidden": true, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__REMEDIATION_TEMPLATE_ID", "width": "", "index": "NCMComplianceRule__REMEDIATION_TEMPLATE_ID", "sortable": false}, { "formatter": "", "search": false, "hidden": true, "classes": "pointer", "searchtype": "", "name": "NCMResourcePolicyMap__RESOURCEID", "width": "", "index": "NCMResourcePolicyMap__RESOURCEID", "sortable": false}, { "formatter": "", "search": false, "hidden": true, "classes": "pointer", "searchtype": "", "name": "NCMComplianceRule__CRITERIA_TYPE", "width": "", "index": "NCMComplianceRule__CRITERIA_TYPE", "sortable": false} ], "colNamesList": [ "", "ncm.acd.Rule_Name", "ncm.acd.Rule_Group_Name", "jsp.admin.sharedprofile.SharedProfileAdd.Desc", "jsp.commonstr.ViolationSeverity", "jsp.compliance.AddCompRule.RemediationDescription", "jsp.compliance.AddCompRule.RemediationTemplate", "RemediationTemplate_Id", "RESOURCEID", "RULE_TYPE" ], "onselectfunction": "resourceViolations", "EE_PROBE_REQ": "true"}, "expandtime": false, "parameters": [ { "param": "compliant", "paramData": [], "value": "true"}, { "param": "severity", "paramData": [], "value": "All"} ], "sizey": 2, "timeSelection": false, "desc": "webclient.snapshot.name.Device.Policy.Compliant.Rules"} ], "snapshotID": "34", "snapshotDesc": "snapshot.desc.configresCompliance", "snapshotName": "ConfigResCompliance", "tabs":{ "tabs": [], "tabWidgets":{}}, "timeSelectionNeeded": false, "yScale": 25, "maxColumns": 10}, "PolicyName": ".clone", "Critical": 1, "id": 605, "Success": 0}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Central Policies List

API EndPoint : getCentralComplianceList

Returns list of devices along with its compliance status data. Used only in central servers

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCentralComplianceList?apiKey=********&Status=VIOLATION

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
Status	Used to filter data based on compliance status	String	-	No
DG_ID	Unique identifier of the device group	long	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "1", "rows": [ { "id": 10000000003, "cell": [ 10000000003, "CiscoRouter140.manageenginge.com", "C2951", "CISCO2951/K9", "VIOLATION", "2025-11-19 17:01:13.495", "P1" ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Compliance Policy Violations

API EndPoint : getCompliancePolicyViolations

Returns list of policy with compliance data which includes count of rules of that policy that are compliant, and in case of violation, counts of critical, major and warning

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCompliancePolicyViolations?apiKey=********&ResourceId=8

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
ResourceId	Unique identifier of the device	long	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "page": 1, "rows": [ { "id": 305, "cell": [ "305", "Test compliance policy", "1", "0", "0", "0" ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Grid Severity Count

API EndPoint : getFirmwareVulnerabilityGridSeverityCount

Retrieves a summary of firmware vulnerabilities detected across network devices, grouped by device group.

The response provides overall counts of vulnerabilities—including severity breakdowns (such as “critical” and “exploit” counts)—and supports metadata for device group selection, enabling integration with dashboards, reports, and vulnerability management views.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmwareVulnerabilityGridSeverityCount?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{ "IsDeviceGroupSelected": false, "LoginId": 1, "GROUPS": [ { "value": "All Devices Group", "key": "1", "selected": false}, { "value": "Backup Failure Group", "key": "4", "selected": false}, { "value": "Chennai Devices Group", "key": "306", "selected": false}, { "value": "Chennai DG", "key": "307", "selected": false}, { "value": "CIS Cisco ASA Group", "key": "6", "selected": false}, { "value": "CIS Cisco IOS Group", "key": "5", "selected": false}, { "value": "Cisco Only Group", "key": "305", "selected": false}, { "value": "CiscoRouter Group", "key": "2", "selected": false} ], "exploitCount": 2, "DG_DESCRIPTION":{ "1": "ncm.default_devicegroup.description", "2": "ncm.ciscorouter_group.description", "4": "This device group contains all the backup failed devices", "5": "ncm.devicegroup.cisco.ios.desc", "6": "ncm.devicegroup.cisco.asa.desc", "305": "Cisco Only Group", "306": "Chennai Devices Group", "307": "Chennai DG"}, "DG_INFO":{ "1": "All Devices Group", "2": "CiscoRouter Group", "4": "Backup Failure Group", "5": "CIS Cisco IOS Group", "6": "CIS Cisco ASA Group", "305": "Cisco Only Group", "306": "Chennai Devices Group", "307": "Chennai DG"}, "totalCount": 426, "criticalCount": 35, "SHOW_ONLY_PUBLIC_DEVICE_GROUP": false}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Details

API EndPoint : getFirmVulnDetails

Fetches firmware vulnerability details

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulnDetails?apiKey=********&SEVERITY=critical,important

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
SEVERITY	Filter by severity: "critical", "important", "moderate", "low", or "all". Comma separated values. Example: critical,important or all	-	(((critical\|important\|moderate\|low)+)(,(critical\|important\|moderate\|low)+)*)\|(all)	No
EXPLOIT	Filter by exploit presence: true or false	boolean	-	No
pageNo	Page number for paginated results.	int	-	No
viewsPerPage	Number of records per page	int	-	No
searchkey	Keyword search for CVE identifiers (e.g., CVE-2021-12345).	-	^[p{L}p{N}-]+$	No

Sample Response

HTTP Code: 200

{ "records": 10, "total_rec": 426, "details": [ { "severity": "Critical", "summary": "JSA series devices or virtual machines with JSA software releases: 2013.2, 2014.1, 2014.2 and STRM series devices or virtual machines with STRM software releases: 2012.1, 2013.1, 2013.2", "devicecount": 2, "cveid": "CVE-2010-5298", "vulType": [ "Denial Of Service" ], "truncateLinks": false, "basescore": 10, "exploit": false, "vulid": 1099, "url": [ "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", "https://supportportal.juniper.net/s/article/2014-08-Security-Bulletin-Juniper-Secure-Analytics-JSA-Security-Threat-Response-Manager-STRM-Multiple-vulnerabilities-resolved-by-third-party-software-upgrades", "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", "https://nvd.nist.gov/vuln/detail/CVE-2010-5298" ]}, { "severity": "Critical", "summary": "OpenSSL ECDSA nonce disclosure via cache side-channel attacks vulnerability.", "devicecount": 2, "cveid": "CVE-2014-0076", "vulType": [ "Denial Of Service" ], "truncateLinks": false, "basescore": 10, "exploit": false, "vulid": 1843, "url": [ "https://supportportal.juniper.net/s/article/2014-11-Security-Bulletin-CTPOS-Multiple-vulnerabilities-resolved-by-third-party-software-upgrades", "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", "https://nvd.nist.gov/vuln/detail/CVE-2014-0076" ]}, { "severity": "Critical", "summary": "OpenSSL does not properly restrict processing of ChangeCipherSpec messages aka the CCS Injection vulnerability.", "devicecount": 2, "cveid": "CVE-2014-0224", "vulType": [ "Denial Of Service" ], "truncateLinks": false, "basescore": 10, "exploit": false, "vulid": 1849, "url": [ "https://supportportal.juniper.net/s/article/2014-11-Security-Bulletin-CTPOS-Multiple-vulnerabilities-resolved-by-third-party-software-upgrades", "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29217", "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", "https://nvd.nist.gov/vuln/detail/CVE-2014-0224", "https://csaf.arubanetworking.hpe.com/2014/hpe_aruba_networking_-_2014-004-aid06062014.txt", "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm" ]}, { "severity": "Critical", "summary": "QFabric 3100 Director: CUPS printing system Improper Update of Reference Count leads to remote chained vulnerability attack via XSS against authenticated users (CVE-2015-1158, CVE-2015-1159)", "devicecount": 2, "cveid": "CVE-2015-1158", "vulType": [ "Not Defined" ], "truncateLinks": false, "basescore": 10, "exploit": false, "vulid": 27957, "url": [ "https://supportportal.juniper.net/s/article/2020-07-Security-Bulletin-Junos-Space-and-Junos-Space-Security-Director-Multiple-vulnerabilities-resolved-in-20-1R1-release?language=en_US", "https://supportportal.juniper.net/s/article/2015-10-Security-Bulletin-QFabric-3100-Director-CUPS-printing-system-Improper-Update-of-Reference-Count-leads-to-remote-chained-vulnerability-attack-via-XSS-against-authenticated-users-CVE-2015-1158-CVE-2015-1159", "https://nvd.nist.gov/vuln/detail/CVE-2015-1158" ]}, { "severity": "Critical", "summary": "An information leak vulnerability in J-Web may allow unauthenticated remote users with network access to the J-Web service to gain administrative privileges or perform certain administrative actions on the device.", "devicecount": 2, "cveid": "CVE-2016-1279", "vulType": [ "Denial Of Service" ], "truncateLinks": false, "basescore": 10, "exploit": false, "vulid": 2666, "url": [ "https://supportportal.juniper.net/s/article/2016-07-Security-Bulletin-Junos-J-Web-Privilege-Escalation-due-to-information-leak-CVE-2016-1279", "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10754", "https://nvd.nist.gov/vuln/detail/CVE-2016-1279" ]}, { "severity": "Critical", "summary": "Multiple vulnerabilities have been fixed in Juniper Networks NSM products (NSMXpress, NSMXpress II, NSM3000, and NSMserver) as a result of upgrading base operating system to CentOS 5.7 on NSM Appliances and RedHat EL 5.7 on software NSM installations.", "devicecount": 2, "cveid": "CVE-2011-1944", "vulType": [ "Overflow" ], "truncateLinks": false, "basescore": 9.8, "exploit": false, "vulid": 27795, "url": [ "https://supportportal.juniper.net/s/article/2012-11-Security-Bulletin-NSM-Products-Multiple-vulnerabilities-in-Network-and-Security-Manager-products", "https://supportportal.juniper.net/s/article/2021-04-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-21-1R1", "https://nvd.nist.gov/vuln/detail/CVE-2011-1944" ]}, { "severity": "Critical", "summary": "Denial of service vulnerability related to hash collisions.", "devicecount": 2, "cveid": "CVE-2012-0841", "vulType": [ "Denial Of Service" ], "truncateLinks": false, "basescore": 9.8, "exploit": false, "vulid": 27813, "url": [ "https://supportportal.juniper.net/s/article/2015-01-Security-Bulletin-Junos-Multiple-vulnerabilities-in-libxml2-library", "https://supportportal.juniper.net/s/article/2021-04-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-21-1R1", "https://nvd.nist.gov/vuln/detail/CVE-2012-0841" ]}, { "severity": "Critical", "summary": "Denial of service or arbitrary code execution vulnerability.", "devicecount": 2, "cveid": "CVE-2012-5134", "vulType": [ "Overflow" ], "truncateLinks": false, "basescore": 9.8, "exploit": false, "vulid": 27837, "url": [ "https://supportportal.juniper.net/s/article/2015-01-Security-Bulletin-Junos-Multiple-vulnerabilities-in-libxml2-library", "https://supportportal.juniper.net/s/article/2021-04-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-21-1R1", "https://nvd.nist.gov/vuln/detail/CVE-2012-5134" ]}, { "severity": "Critical", "summary": "Denial of service vulnerability related to entity expansion.", "devicecount": 2, "cveid": "CVE-2013-0338", "vulType": [ "Overflow" ], "truncateLinks": false, "basescore": 9.8, "exploit": false, "vulid": 27845, "url": [ "https://supportportal.juniper.net/s/article/2015-01-Security-Bulletin-Junos-Multiple-vulnerabilities-in-libxml2-library", "https://supportportal.juniper.net/s/article/2021-04-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-21-1R1", "https://nvd.nist.gov/vuln/detail/CVE-2013-0338" ]}, { "severity": "Critical", "summary": "Denial of service related to documents that end abruptly.", "devicecount": 2, "cveid": "CVE-2013-2877", "vulType": [ "Overflow" ], "truncateLinks": false, "basescore": 9.8, "exploit": false, "vulid": 27856, "url": [ "https://supportportal.juniper.net/s/article/2015-01-Security-Bulletin-Junos-Multiple-vulnerabilities-in-libxml2-library", "https://supportportal.juniper.net/s/article/2021-04-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-21-1R1", "https://nvd.nist.gov/vuln/detail/CVE-2013-2877" ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get NCM FV List All Sub Grid

API EndPoint : getNCMFirmwareVulListAllSubGrid

Retrieves a list of all devices affected by a specific firmware vulnerability (specified by vulnerability ID).

The response provides details for each device/resource, including model, vendor, firmware version, host name, patch info, and vulnerability state.

This API is useful for drilling down from a vulnerability summary to the specific devices impacted, enabling targeted remediation and reporting.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getNCMFirmwareVulListAllSubGrid?apiKey=********&vulId=942

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
vulId	The unique identifier of the firmware vulnerability	long	-	No

Sample Response

HTTP Code: 200

{ "Result": [ { "Series": "[NA]", "resourceID": "2", "Version": "[NA]", "Model": "[NA]", "STATE": "Reported", "Vendor": "Fortinet", "vulid": "942", "HostName": "10.5.X.X", "PATCH": "Patch finding not supported for this vendor", "PATCH_ID": 13146782}, { "Series": "[NA]", "resourceID": "4", "Version": "[NA]", "Model": "[NA]", "STATE": "Reported", "Vendor": "Juniper", "vulid": "376", "HostName": "10.5.X.X", "PATCH_ID": 13146782, "PATCH": "14.1R1"} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Last Update Details

API EndPoint : getFVLastUpdatedDetails

Retrieves the last and next scheduled update times, current sync status messages, and database sync configuration for the firmware vulnerability database.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFVLastUpdatedDetails?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{ "nextUpdateTime_monthDay": "Nov 16, 2025", "stratusConnFailure": "false", "lastUpdateStatus": "SUCCESS", "nextUpdateTime_time": "03:00:00", "lastUpdateTime": "Nov 12, 2025 03:00:00", "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Save FV Cve State Values

API EndPoint : saveFirmwareVulnerabilityCveStateValues

Saves or updates the state/status of one or more firmware vulnerabilities (CVEs) for network devices.

This endpoint allows you to set the vulnerability status to values such as "Reported," "Confirmed," "Resolution planned," "Resolved," or "Not applicable" for tracking and remediation workflows.

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/saveFirmwareVulnerabilityCveStateValues?apiKey=********&STATEDETAILS=[{vulid:1099,state:Resolved},{vulid:1843,state:Confirmed}]

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
STATEDETAILS	An array of vulnerability state objects. Each object must include. vulid - Unique identifier of the firmware vulnerability state - Vulnerability status. Allowed: `Reported`, `Confirmed`, `Resolution planned`, `Resolved`, `Not applicable` Eg:[ { "vulid": 1099, "state": "Resolved"}, { "vulid": 1843, "state": "Confirmed"}]	JSONArray	-	No

Sample Response

HTTP Code: 200

{"isSuccess":true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Cve Details For FV Cve Search Tool

API EndPoint : getCveDetailsForFirmwareVulnerabilityCveSearchTool

This API initiates a search process for detailed information about firmware vulnerabilities using specific criteria—such as CVE ID, vendor, OS type, or OS version.

Upon submitting a search request, the API processes the input and returns a status indicating completion. The actual search results are delivered asynchronously via a webhook, including affected versions and additional vulnerability details.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCveDetailsForFirmwareVulnerabilityCveSearchTool?apiKey=********&CVE_ID=CVE-2010-5298

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
CVE_ID	Unique CVE identifier to search	String	-	No
resourceId	Resource ID on which the operation was performed	long	-	No

Sample Response

HTTP Code: 200

{"isProcessCompleted":false}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Stop Cve Search Tool

API EndPoint : stopCveSearchTool

This Api cancels any ongoing search operation started via the CVE search tool

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/stopCveSearchTool?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{"isSuccess":true,"msg":"Search is stopped"}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Cve Grid Details For Search

API EndPoint : getCveGridDetailsForSearchTool

Returns key details about matched CVEs including summary, severity, base score, affected products, vulnerability type, and external reference URLs, enabling efficient lookup and triage for vulnerability management.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCveGridDetailsForSearchTool?apiKey=********&searchStr=CVE-2023-12345

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
searchStr	Keyword search string (CVE ID, summary, vendor, etc.)	String	-	No

Sample Response

HTTP Code: 200

{ "LAST_UPDATED_DATE": "Aug 14, 2025 00:00:00", "SUMMARY": "Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities", "PUBLISHED_DATE": "Aug 14, 2025 00:00:00", "BASESCORE2": 8.6, "SEVERITYNAME": "Important", "VULTYPE": [ "Denial Of Service" ], "URL": [ "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-DOESHWHy" ], "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Dashboard Table

API EndPoint : getFirmwareVulnerabilityDashBoardTable

Returns summary details for each vulnerability, such as CVE ID, base score, severity, exploit status, and affected device count.

Supports filtering the vulnerabilities list by severity.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmwareVulnerabilityDashBoardTable?apiKey=********&SEVERITY=critical,important

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
SEVERITY	Filter by severity: "critical", "important", "moderate", "low", or "all". Comma separated values. Example: critical,important or all	String	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 23, "records": "227", "page": 1, "rows": [ { "cell": [ 1099, "CVE-2010-5298", 10, 4, false, 2 ]}, { "cell": [ 1843, "CVE-2014-0076", 10, 4, false, 2 ]}, { "cell": [ 1849, "CVE-2014-0224", 10, 4, false, 2 ]}, { "cell": [ 27957, "CVE-2015-1158", 10, 4, false, 2 ]}, { "cell": [ 2666, "CVE-2016-1279", 10, 4, false, 2 ]}, { "cell": [ 27795, "CVE-2011-1944", 9.8, 4, false, 2 ]}, { "cell": [ 27813, "CVE-2012-0841", 9.8, 4, false, 2 ]}, { "cell": [ 27837, "CVE-2012-5134", 9.8, 4, false, 2 ]}, { "cell": [ 27845, "CVE-2013-0338", 9.8, 4, false, 2 ]}, { "cell": [ 27856, "CVE-2013-2877", 9.8, 4, false, 2 ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Grid

API EndPoint : getFirmVulnGrid

Retrieves a paginated grid of firmware vulnerabilities, including CVE IDs, severity scores, vulnerability types, exploit status, and affected device counts.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulnGrid?apiKey=********&SEVERITY=critical,important

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
SEVERITY	Filter by severity: "critical", "important", "moderate", "low", or "all". Comma separated values. Example: critical,important or all	String	-	No
EXPLOIT	Filters vulnerabilities by exploit available (`true` or `false`).	boolean	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": 10, "page": 1, "rows": [ { "cell": [ 29040, "CVE-2021-23839", 3.7, 1, [ "Not Defined" ], false, 2 ]}, { "cell": [ 29538, "CVE-2024-2511", 3.7, 1, [ "Denial Of Service" ], false, 2 ]}, { "cell": [ 2203, "CVE-2015-0209", 2.6, 1, [ "Gain privileges" ], false, 2 ]}, { "cell": [ 2206, "CVE-2015-0287", 2.6, 1, [ "Cross Site Scripting" ], false, 2 ]}, { "cell": [ 2207, "CVE-2015-0288", 2.6, 1, [ "Directory traversal" ], false, 2 ]}, { "cell": [ 2208, "CVE-2015-0289", 2.6, 1, [ "Cross Site Scripting" ], false, 2 ]}, { "cell": [ 2211, "CVE-2015-0292", 2.6, 1, [ "Execute Code" ], false, 2 ]}, { "cell": [ 2212, "CVE-2015-0293", 2.6, 1, [ "Execute Code" ], false, 2 ]}, { "cell": [ 27706, "CVE-2006-4304", 1, 1, [ "Overflow" ], false, 2 ]}, { "cell": [ 29489, "CVE-2023-3824", 1, 1, [ "Overflow" ], false, 2 ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Snap Shot FV Details

API EndPoint : getSnapshotFirmwareVulnerabilityDetails

Retrieves a snapshot listing of firmware vulnerabilities affecting a specific device/resource.

For the provided resource ID, the response includes paginated vulnerability records with CVE details, vulnerability type, score, severity, and firmware version.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getSnapshotFirmwareVulnerabilityDetails?apiKey=********&resourceId=305

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
resourceId	Resource id of the device	long	-	No

Sample Response

HTTP Code: 200

{ "total": 10, "records": "92", "page": 1, "rows": [ { "cell": [ 305, "CVE-2017-12240", "CVE-2017-12240", [ "Denial Of Service" ], 9.8, "Critical", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2020-3198", "CVE-2020-3198", [ "Execute Code" ], 9.8, "Critical", "15.6(3)M2a" ]}, { "cell": [ 305, "CVE-2020-3258", "CVE-2020-3258", [ "Execute Code" ], 9.8, "Critical", "15.6(3)M2a" ]}, { "cell": [ 305, "CVE-2025-20363", "CVE-2025-20363", [], 9, "Critical", "NA" ]}, { "cell": [ 305, "CVE-2020-3205", "CVE-2020-3205", [ "Execute Code" ], 8.8, "Important", "15.6(3)M2a" ]}, { "cell": [ 305, "CVE-2020-3217", "CVE-2020-3217", [ "Overflow" ], 8.8, "Important", "15.6(3)M8" ]}, { "cell": [ 305, "CVE-2017-6736", "CVE-2017-6736", [ "Gain privileges" ], 8.8, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2017-6737", "CVE-2017-6737", [ "Denial Of Service" ], 8.8, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2017-6738", "CVE-2017-6738", [ "Denial Of Service" ], 8.8, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2017-6739", "CVE-2017-6739", [ "Obtain Information" ], 8.8, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2017-6740", "CVE-2017-6740", [ "Obtain Information" ], 8.8, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2017-6741", "CVE-2017-6741", [ "Denial Of Service" ], 8.8, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2017-6742", "CVE-2017-6742", [ "Denial Of Service" ], 8.8, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2017-6743", "CVE-2017-6743", [ "Bypass a restriction or similar" ], 8.8, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2017-6744", "CVE-2017-6744", [ "Execute Code" ], 8.8, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2018-0167", "CVE-2018-0167", [ "Execute Code" ], 8.8, "Important", "15.4(3)M9" ]}, { "cell": [ 305, "CVE-2018-0175", "CVE-2018-0175", [ "Obtain Information" ], 8.8, "Important", "15.4(3)M9" ]}, { "cell": [ 305, "CVE-2019-16009", "CVE-2019-16009", [ "Denial Of Service" ], 8.8, "Important", "15.6(3)M8" ]}, { "cell": [ 305, "CVE-2020-3234", "CVE-2020-3234", [ "Denial Of Service" ], 8.8, "Important", "15.6(3)M2a" ]}, { "cell": [ 305, "CVE-2017-12228", "CVE-2017-12228", [ "Obtain Information" ], 8.7, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2020-3408", "CVE-2020-3408", [ "Bypass a restriction or similar" ], 8.6, "Important", "15.6(3)M9" ]}, { "cell": [ 305, "CVE-2025-20252", "CVE-2025-20252", [ "Denial Of Service" ], 8.6, "Important", "NA" ]}, { "cell": [ 305, "CVE-2019-1751", "CVE-2019-1751", [ "Denial Of Service" ], 8.6, "Important", "15.5(3)M9" ]}, { "cell": [ 305, "CVE-2019-1752", "CVE-2019-1752", [ "Gain privileges" ], 8.6, "Important", "15.5(3)M0a" ]}, { "cell": [ 305, "CVE-2025-20253", "CVE-2025-20253", [ "Denial Of Service" ], 8.6, "Important", "NA" ]}, { "cell": [ 305, "CVE-2020-3226", "CVE-2020-3226", [ "Denial Of Service" ], 8.6, "Important", "15.5(3)M0a" ]}, { "cell": [ 305, "CVE-2019-1737", "CVE-2019-1737", [ "Cross Site Scripting" ], 8.6, "Important", "15.4(3)M9" ]}, { "cell": [ 305, "CVE-2017-3864", "CVE-2017-3864", [ "Denial Of Service" ], 8.6, "Important", "15.4(3)M7" ]}, { "cell": [ 305, "CVE-2024-20311", "CVE-2024-20311", [ "Denial Of Service" ], 8.6, "Important", "15.9(3)M8" ]}, { "cell": [ 305, "CVE-2024-20308", "CVE-2024-20308", [ "Denial Of Service" ], 8.6, "Important", "15.9(3)M9" ]}, { "cell": [ 305, "CVE-2018-0485", "CVE-2018-0485", [ "Bypass a restriction or similar" ], 8.6, "Important", "15.4(3)M10" ]}, { "cell": [ 305, "CVE-2024-20307", "CVE-2024-20307", [ "Denial Of Service" ], 8.6, "Important", "15.9(3)M9" ]}, { "cell": [ 305, "CVE-2019-12654", "CVE-2019-12654", [ "Denial Of Service" ], 8.6, "Important", "15.5(3)M10" ]}, { "cell": [ 305, "CVE-2023-20080", "CVE-2023-20080", [ "Execute Code" ], 8.6, "Important", "15.8(3)M9" ]}, { "cell": [ 305, "CVE-2025-20154", "CVE-2025-20154", [ "Denial Of Service" ], 8.6, "Important", "15.9(3)M11" ]}, { "cell": [ 305, "CVE-2024-20433", "CVE-2024-20433", [ "Overflow" ], 8.6, "Important", "15.9(3)M10" ]}, { "cell": [ 305, "CVE-2018-0154", "CVE-2018-0154", [ "Denial Of Service" ], 8.6, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2025-20254", "CVE-2025-20254", [ "Denial Of Service" ], 8.6, "Important", "NA" ]}, { "cell": [ 305, "CVE-2025-20239", "CVE-2025-20239", [ "Denial Of Service" ], 8.6, "Important", "NA" ]}, { "cell": [ 305, "CVE-2025-20225", "CVE-2025-20225", [ "Denial Of Service" ], 8.6, "Important", "NA" ]}, { "cell": [ 305, "CVE-2017-12231", "CVE-2017-12231", [ "CSRF" ], 8.6, "Important", "15.4(3)M7" ]}, { "cell": [ 305, "CVE-2025-20224", "CVE-2025-20224", [ "Denial Of Service" ], 8.6, "Important", "NA" ]}, { "cell": [ 305, "CVE-2025-20182", "CVE-2025-20182", [ "Denial Of Service" ], 8.6, "Important", "15.9(3)M11" ]}, { "cell": [ 305, "CVE-2017-12237", "CVE-2017-12237", [ "CSRF" ], 8.6, "Important", "15.4(3)M8" ]}, { "cell": [ 305, "CVE-2017-3857", "CVE-2017-3857", [ "Bypass a restriction or similar" ], 8.6, "Important", "15.4(3)M7" ]}, { "cell": [ 305, "CVE-2016-6380", "CVE-2016-6380", [ "Execute Code" ], 8.3, "Important", "15.4(3)M6" ]}, { "cell": [ 305, "CVE-2020-3199", "CVE-2020-3199", [ "Execute Code" ], 8.1, "Important", "15.6(3)M2a" ]}, { "cell": [ 305, "CVE-2020-3257", "CVE-2020-3257", [ "Obtain Information" ], 8.1, "Important", "15.6(3)M2a" ]}, { "cell": [ 305, "CVE-2023-20186", "CVE-2023-20186", [ "Bypass" ], 8, "Important", "15.9(3)M8" ]}, { "cell": [ 305, "CVE-2016-6382", "CVE-2016-6382", [ "Obtain Information" ], 7.8, "Important", "15.4(3)M6" ]}, { "cell": [ 305, "CVE-2016-6415", "CVE-2016-6415", [ "Bypass a restriction or similar" ], 7.8, "Important", "15.4(3)M6a" ]}, { "cell": [ 305, "CVE-2016-6392", "CVE-2016-6392", [ "Obtain Information" ], 7.8, "Important", "15.4(3)M6" ]}, { "cell": [ 305, "CVE-2016-6384", "CVE-2016-6384", [ "Denial Of Service" ], 7.8, "Important", "15.4(3)M6" ]}, { "cell": [ 305, "CVE-2025-20171", "CVE-2025-20171", [ "Denial Of Service" ], 7.7, "Important", "15.9(3)M11" ]}, { "cell": [ 305, "CVE-2020-3200", "CVE-2020-3200", [ "Execute Code" ], 7.7, "Important", "15.6(3)M8" ]}, { "cell": [ 305, "CVE-2021-1620", "CVE-2021-1620", [ "Bypass a restriction or similar" ], 7.7, "Important", "15.7(3)M9" ]}, { "cell": [ 305, "CVE-2021-34699", "CVE-2021-34699", [ "Denial Of Service" ], 7.7, "Important", "15.5(3)M0a" ]}, { "cell": [ 305, "CVE-2022-20920", "CVE-2022-20920", [ "Not Defined" ], 7.7, "Important", "15.8(3)M9" ]}, { "cell": [ 305, "CVE-2025-20169", "CVE-2025-20169", [ "Denial Of Service" ], 7.7, "Important", "15.9(3)M11" ]}, { "cell": [ 305, "CVE-2025-20170", "CVE-2025-20170", [ "Denial Of Service" ], 7.7, "Important", "15.9(3)M11" ]}, { "cell": [ 305, "CVE-2025-20172", "CVE-2025-20172", [ "Denial Of Service" ], 7.7, "Important", "15.9(3)M11" ]}, { "cell": [ 305, "CVE-2025-20173", "CVE-2025-20173", [ "Denial Of Service" ], 7.7, "Important", "15.9(3)M11" ]}, { "cell": [ 305, "CVE-2025-20174", "CVE-2025-20174", [ "Denial Of Service" ], 7.7, "Important", "15.9(3)M11" ]}, { "cell": [ 305, "CVE-2025-20175", "CVE-2025-20175", [ "Denial Of Service" ], 7.7, "Important", "15.9(3)M11" ]}, { "cell": [ 305, "CVE-2025-20176", "CVE-2025-20176", [ "Denial Of Service" ], 7.7, "Important", "15.9(3)M11" ]}, { "cell": [ 305, "CVE-2025-20352", "CVE-2025-20352", [], 7.7, "Important", "NA" ]}, { "cell": [ 305, "CVE-2020-3230", "CVE-2020-3230", [ "Denial Of Service" ], 7.5, "Important", "15.5(3)M10" ]}, { "cell": [ 305, "CVE-2020-3511", "CVE-2020-3511", [ "Cross Site Scripting" ], 7.4, "Important", "15.5(3)M0a" ]}, { "cell": [ 305, "CVE-2017-12232", "CVE-2017-12232", [ "Cross Site Scripting" ], 7.4, "Important", "15.4(3)M7" ]}, { "cell": [ 305, "CVE-2024-20312", "CVE-2024-20312", [ "Denial Of Service" ], 7.4, "Important", "15.6(3)M2a" ]}, { "cell": [ 305, "CVE-2019-1748", "CVE-2019-1748", [ "Denial Of Service" ], 7.4, "Important", "15.5(3)M8" ]}, { "cell": [ 305, "CVE-2022-20761", "CVE-2022-20761", [ "Execute Code" ], 7.4, "Important", "15.5(3)M0a" ]}, { "cell": [ 305, "CVE-2018-0466", "CVE-2018-0466", [ "Obtain Information" ], 7.4, "Important", "15.4(3)M7" ]}, { "cell": [ 305, "CVE-2018-15373", "CVE-2018-15373", [ "Gain privileges" ], 7.4, "Important", "15.4(3)M10" ]}, { "cell": [ 305, "CVE-2016-6381", "CVE-2016-6381", [ "Cross Site Scripting" ], 7.1, "Important", "15.4(3)M6" ]}, { "cell": [ 305, "CVE-2016-6393", "CVE-2016-6393", [ "Obtain Information" ], 7.1, "Important", "15.4(3)M6" ]}, { "cell": [ 305, "CVE-2020-3228", "CVE-2020-3228", [ "Obtain Information" ], 6.8, "Moderate", "15.5(3)M0a" ]}, { "cell": [ 305, "CVE-2019-12669", "CVE-2019-12669", [ "Directory traversal" ], 6.8, "Moderate", "15.5(3)M10" ]}, { "cell": [ 305, "CVE-2021-34703", "CVE-2021-34703", [ "Denial Of Service" ], 6.8, "Moderate", "15.7(3)M9" ]}, { "cell": [ 305, "CVE-2023-20081", "CVE-2023-20081", [ "Obtain Information" ], 6.8, "Moderate", "15.8(3)M10" ]}, { "cell": [ 305, "CVE-2018-15369", "CVE-2018-15369", [ "Denial Of Service" ], 6.8, "Moderate", "15.4(3)M9" ]}, { "cell": [ 305, "CVE-2018-0282", "CVE-2018-0282", [ "Cross Site Scripting" ], 6.8, "Moderate", "15.4(3)M10" ]}, { "cell": [ 305, "CVE-2020-3204", "CVE-2020-3204", [ "Execute Code" ], 6.7, "Moderate", "15.6(3)M8" ]}, { "cell": [ 305, "CVE-2023-20109", "CVE-2023-20109", [ "Execute Code" ], 6.6, "Moderate", "15.9(3)M8" ]}, { "cell": [ 305, "CVE-2020-3201", "CVE-2020-3201", [ "Execute Code" ], 6.5, "Moderate", "15.6(3)M8" ]}, { "cell": [ 305, "CVE-2025-20149", "CVE-2025-20149", [], 6.5, "Moderate", "NA" ]}, { "cell": [ 305, "CVE-2016-1409", "CVE-2016-1409", [ "CSRF" ], 5.8, "Moderate", "15.4(3)M6" ]}, { "cell": [ 305, "CVE-2021-34705", "CVE-2021-34705", [ "Bypass a restriction or similar" ], 5.3, "Moderate", "15.7(3)M8" ]}, { "cell": [ 305, "CVE-2019-12665", "CVE-2019-12665", [ "Denial Of Service" ], 4.8, "Moderate", "15.5(3)M9" ]}, { "cell": [ 305, "CVE-2019-1761", "CVE-2019-1761", [ "Obtain Information" ], 4.3, "Moderate", "15.5(3)M9" ]}, { "cell": [ 305, "CVE-2025-20151", "CVE-2025-20151", [ "Not Defined" ], 4.3, "Moderate", "NA" ]}, { "cell": [ 305, "CVE-2017-6770", "CVE-2017-6770", [ "Obtain Information" ], 4.2, "Moderate", "15.4(3)M8" ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Cve Details For FV

API EndPoint : getCveDetailsForFirmwareVulnerability

Retrieves comprehensive details for a specified CVE (Common Vulnerabilities and Exposures) ID related to firmware vulnerabilities.

The response includes summary, affected devices, vulnerability state, severity, score, update dates, comments, and reference URLs to aid vulnerability research and remediation tracking.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCveDetailsForFirmwareVulnerability?apiKey=********&CVEID=CVE-2010-5298

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
CVEID	Unique identifier of CVE	String	-	No

Sample Response

HTTP Code: 200

{ "LAST_UPDATED_DATE": "Mar 28, 2015 02:50:00", "Vulnerable_devices_ID": 942, "SUMMARY": "JSA series devices or virtual machines with JSA software releases: 2013.2, 2014.1, 2014.2 and STRM series devices or virtual machines with STRM software releases: 2012.1, 2013.1, 2013.2", "CVEID": "CVE-2010-5298", "PUBLISHED_DATE": "Jun 06, 2014 05:40:00", "BASESCORE2": 10, "STATE": "Resolved", "SEVERITYNAME": "Critical", "COMMENT": "[NA]", "URL": [ "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", "https://supportportal.juniper.net/s/article/2014-08-Security-Bulletin-Juniper-Secure-Analytics-JSA-Security-Threat-Response-Manager-STRM-Multiple-vulnerabilities-resolved-by-third-party-software-upgrades", "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl", "http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195", "https://nvd.nist.gov/vuln/detail/CVE-2010-5298" ], "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Cve Affected Device Details

API EndPoint : getCveAffectedDeviceDetails

Retrieves a list of devices affected by a specific firmware vulnerability, based on the provided CVE ID.

The response includes paginated details for each matched device such as resource ID, IP/hostname, vendor, firmware version, patch version, and vulnerability state.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getCveAffectedDeviceDetails?apiKey=********&CVEID=CVE-2010-5298

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
CVEID	Unique identifier of CVE	String	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "2", "page": 1, "rows": [ { "cell": [ 942, 2, "10.5.X.X", "Fortinet", "[NA]", "[NA]", "[NA]", "Patch finding not supported for this vendor", "Resolved", "Resolved" ]}, { "cell": [ 376, 4, "10.5.X.X", "Juniper", "[NA]", "[NA]", "[NA]", "14.1R1", "Reported", "Reported" ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Start FV Sync Process

API EndPoint : startFirmwareVulDataSyncProcess

Initiates synchronization of firmware vulnerability data with the NCM Data Center.

This API should be used to trigger an immediate sync to update the local vulnerability information with the latest available data from NCM Data Center.

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/startFirmwareVulDataSyncProcess?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{"showMsg":true,"isSuccess":true,"status":""}

Error Response

View common error responses

Rate limit: 5 requests per minute. Exceeding this limit will block requests for 1 minute

Set FV Periodic Update Time

API EndPoint : setFirmwareVulnerabilityPeriodicUpdateTime

Sets the scheduled periodic update time for firmware vulnerability data synchronization.

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/setFirmwareVulnerabilityPeriodicUpdateTime?apiKey=********&newTime=03:04:00

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
newTime	Scheduled update time (format: `HrsMinSec`). E.g., `03:04:00` for 3:04:00 AM.	-	^([01][0-9]\|2[0-3]):([0-5][0-9]):([0-5][0-9])$	yes

Sample Response

HTTP Code: 200

{"nextScheduleTime":"Nov 16, 2025 03:04:00","isSuccess":true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Save Comment Val Cve Details

API EndPoint : saveCommentValCveDetails

Adds a user comment to a specific CVE record in the firmware vulnerability database. This API is used to annotate CVE entries with custom comments for tracking, notes, internal review, or operational documentation.

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/saveCommentValCveDetails?apiKey=********&cveId=CVE-2021-23839&comment=Review%20required%20for%20this%20CVE

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
cveId	Unique identifier of CVE	String	-	yes
comment	Comment text to save for the CVE. Max length: 500 characters.	String	-	yes

Sample Response

HTTP Code: 200

{"isSuccess":true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Device Report Table

API EndPoint : getFirmVulDeviceReportTable

Retrieves data of devices and their associated counts of firmware vulnerabilities by severity (Critical, Important, Moderate, Low).

Supports filtering by exploit presence and device group for targeted security analysis and reporting.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulDeviceReportTable?apiKey=********&EXPLOIT=true

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
EXPLOIT	Filters vulnerabilities by exploit available (`true` or `false`).	boolean	-	No
DG_ID	Device Group ID for filtering devices by group.	long	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "rows": [ { "cell": [ 305, "CiscoRouter140.manageenginge.com", 4, 72, 16, 0 ]}, { "cell": [ 2, "10.5.X.X", 31, 120, 173, 10 ]}, { "cell": [ 4, "10.5.X.X", 31, 120, 173, 10 ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Version Dash Table

API EndPoint : getFirmVulVersionDashTable

Returns a list of firmware vulnerability information, grouped by vendor and version, including the number of vulnerabilities and affected devices for each combination.The response includes vendor name, version, total vulnerabilities, and device count for each entry.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulVersionDashTable?apiKey=********&SEVERITY=critical,important

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
SEVERITY	Filter by severity: "critical", "important", "moderate", "low", or "all". Comma separated values. Example: critical,important or all	String	-	No
EXPLOIT	Filters vulnerabilities by exploit available (`true` or `false`).	boolean	-	No
DG_ID	Device Group ID for filtering devices by group.	long	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "3", "page": 1, "rows": [ { "cell": [ "Cisco", "15.4(3)M5", 92, 1 ]}, { "cell": [ "Fortinet", "[NA]", 334, 1 ]}, { "cell": [ "Juniper", "[NA]", 334, 1 ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Cve Severity Status

API EndPoint : getFirmVulCveSeverityStatus

Returns an overview of firmware vulnerabilities grouped by on CVEs (vulnerabilities).

Provides counts for critical, important, moderate, and low severity vulnerabilities, including exploit-specific counts for each level.

The response includes aggregated CVE statistics, display labels, color coding, and supports optional customized views.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulCveSeverityStatus?apiKey=********&CUSTOMIZE_DATA_VIEWNAME=CustomizeDataViewName

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
CUSTOMIZE_DATA_VIEWNAME	Indicates the specific report type and the page or tab within the application from which the report was generated.	String	-	No

Sample Response

HTTP Code: 200

{ "Color": [ "#F34848", "#FAAD5A", "#FFE89E", "#AC4CAB" ], "Label": "Vulnerabilities Count", "moderateCveCount": 189, "Data": [ [ "Critical", 35 ], [ "Important", 192 ], [ "Moderate", 189 ], [ "Low", 10 ] ], "totalCount": 426, "exploitModerateCount": 0, "exploitImportantCount": 1, "importantCveCount": 192, "DescriptionName": "Vulnerabilities", "exploitCriticalCount": 1, "criticalCveCount": 35, "lowCveCount": 10, "exploitLowCount": 0}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Device Severity Status

API EndPoint : getFirmVulDeviceSeverityStatus

Returns a summary of firmware vulnerability status, grouped by devices. The response provides counts of devices impacted by each severity category (critical, important, moderate, low), as well as exploit-specific device counts and additional metadata.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulDeviceSeverityStatus?apiKey=********&DG_ID=301

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
DG_ID	Device Group ID for filtering devices by group.	long	-	yes
CUSTOMIZE_DATA_VIEWNAME	Indicates the specific report type and the page or tab within the application from which the report was generated.	String	-	No

Sample Response

HTTP Code: 200

{ "Color": [ "#F34848", "#FAAD5A", "#FFE89E", "#AC4CAB" ], "Label": "Vulnerable Devices Count", "moderateCveCount": 0, "Data": [ [ "Critical", 3 ], [ "Important", 0 ], [ "Moderate", 0 ], [ "Low", 0 ] ], "totalCount": 760, "exploitModerateCount": 0, "exploitImportantCount": 0, "importantCveCount": 0, "DescriptionName": "Devices", "exploitCriticalCount": 2, "criticalCveCount": 3, "lowCveCount": 0, "exploitLowCount": 0}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Version Severity Status

API EndPoint : getFirmVulVersionSeverityStatus

Returns a summary of vulnerable firmware information grouped by OS version. The response provides counts of vulnerable firmware versions affected by each severity category (critical, important, moderate, low), exploit-specific version counts, color coding, and additional metadata.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulVersionSeverityStatus?apiKey=********&DG_ID=301

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
DG_ID	Device Group ID for filtering devices by group.	long	-	yes
CUSTOMIZE_DATA_VIEWNAME	Indicates the specific report type and the page or tab within the application from which the report was generated.	String	-	No

Sample Response

HTTP Code: 200

{ "Color": [ "#F34848", "#FAAD5A", "#FFE89E", "#AC4CAB" ], "Label": "Vulnerable Firmware Versions Count", "moderateCveCount": 0, "Data": [ [ "Critical", 3, "#F34848" ], [ "Important", 0, "#FAAD5A" ], [ "Moderate", 0, "#FFE89E" ], [ "Low", 0, "#AC4CAB" ] ], "totalCount": 1, "exploitModerateCount": 0, "exploitImportantCount": 0, "importantCveCount": 0, "DescriptionName": "Firmware Versions", "exploitCriticalCount": 2, "criticalCveCount": 3, "lowCveCount": 0, "exploitLowCount": 0}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Dash Data Count

API EndPoint : getFirmVulDashDataCount

Returns summary counts for the firmware vulnerability dashboard, including:

- Total number of affected devices

- Total number of exploitable vulnerabilities

- Total number of known vulnerabilities

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulDashDataCount?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{"deviceCount":3,"exploitCount":2,"vulerabilityCount":426}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV HV Device Dash Table

API EndPoint : getFirmVulHighVulDeviceDashTable

Returns a list of devices identified with the highest counts of firmware vulnerabilities.

For each device, the response includes its ID, hostname or IP, vendor, firmware version, and total vulnerability count.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulHighVulDeviceDashTable?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "3", "page": 1, "rows": [ { "cell": [ 2, "10.5.X.X", "Fortinet", "[NA]", 334 ]}, { "cell": [ 4, "10.5.X.X", "Juniper", "[NA]", 334 ]}, { "cell": [ 305, "CiscoRouter140.manageenginge.com", "Cisco", "15.4(3)M5", 92 ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Discover Dash Wid Get Count

API EndPoint : getFirmVulDiscoverDashWidgetCount

Returns the count of newly discovered firmware vulnerabilities for a specified time duration. The response enables tracking how many vulnerabilities were identified within the given period.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulDiscoverDashWidgetCount?apiKey=********&TIME_DURATION=1701043200,1701133200

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
TIME_DURATION	Preset time range for the report filter. Allowed values: "today", "yesterday", "last_7_days", "last_30_days" or start time(in epoch) , end time (in epoch)	String	-	No

Sample Response

HTTP Code: 200

{"VulCount":0}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Request FV Data Update

API EndPoint : requestFirmVulDataUpdate

Allows users to request an update of vulnerability data for a particular vendor, OS type, and OS version that is not currently listed in Network Configuration Manager.The devices' OS information list will be sent to the Network Configuration Manager support team.

HTTP Method

POST

API URL

http://localhost:8060/api/json/ncmcompliance/requestFirmVulDataUpdate?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{"msg":"Vulnerability Data Requested Successfully","isSuccess":true}

Error Response

View common error responses

Rate limit: 12 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Exposed Devices List

API EndPoint : getFirmVulnExposedDevicesList

Returns a list of exposed devices based on firmware vulnerability, optionally filtered by severity, exploit presence, and device group. The response includes details per device such as host name, vendor, OS version, device series, model, and vulnerability count.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulnExposedDevicesList?apiKey=********&SEVERITY=critical,important

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
SEVERITY	Filter by severity: "critical", "important", "moderate", "low", or "all". Comma separated values. Example: critical,important or all	String	-	No
EXPLOIT	Filters vulnerabilities by exploit available (`true` or `false`).	boolean	-	No
DG_ID	Device Group ID for filtering devices by group.	long	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "26", "rows": [ { "cell": [ 23701, "10.15.20.25", "Fortinet", "v4.0", "[NA]", "51B", 1 ]}, { "cell": [ 39304, "10.15.20.25", "Fortinet", "v7.2.6", "[NA]", "[NA]", 153 ]}, { "cell": [ 62101, "12.A.B.C", "F5", "17.1.3-0.20.11", "[NA]", "[NA]", 5 ]}, { "cell": [ 61803, "12.M.N.O", "Nokia", "22.9.R2", "[NA]", "[NA]", 2 ]}, { "cell": [ 61202, "12.23.23.23", "F5", "17.5.1", "[NA]", "[NA]", 38 ]}, { "cell": [ 44704, "172.2.2.2", "Fortinet", "v7.0.14", "2810Q24", "[NA]", 61 ]}, { "cell": [ 45624, "172.2.2.2", "Fortinet", "v7.0.13", "[NA]", "[NA]", 164 ]}, { "cell": [ 48905, "172.2.2.2", "Arista", "4.32.1F", "[NA]", "DCS-7050SX3-48C8-F", 5 ]}, { "cell": [ 45001, "172.2.2.2", "HP", "KB.16.11.0002", "[NA]", "5406Rzl2 J9850A", 6 ]}, { "cell": [ 18004, "172.2.2.2", "Mikrotik", "6.45.9", "[NA]", "[NA]", 5 ]}, { "cell": [ 19201, "172.2.2.2", "PaloAlto", "11.1.5-h1", "[NA]", "[NA]", 14 ]}, { "cell": [ 25201, "172.2.2.2", "HP", "KB.16.11.0002", "HP MSR 1002-4", "HP MSR 1002-4", 6 ]}, { "cell": [ 48001, "172.2.2.2", "PaloAlto", "7.1.0", "[NA]", "[NA]", 120 ]}, { "cell": [ 60304, "192.A.B.C", "Aruba", "8.A.B.C", "[NA]", "[NA]", 40 ]}, { "cell": [ 39014, "192.M.N.O", "Fortinet", "v4.0", "51B", "Fortigate-51B", 1 ]}, { "cell": [ 54903, "192.J.K.L", "Juniper", "15.1R5.5", "cat9k_iosxe", "c9300-24t", 568 ]}, { "cell": [ 9006, "192.A.B.C", "Cisco", "15.1(3)T1", "2801", "2801", 142 ]}, { "cell": [ 54004, "192.A.B.C", "PaloAlto", "7.0.5-h2", "3000", "PA-3020", 65 ]}, { "cell": [ 19501, "192.M.N.O", "PaloAlto", "7.0.5-h2", "[NA]", "[NA]", 65 ]}, { "cell": [ 901, "192.A.B.C", "Cisco", "15.4(3)M5", "C2951", "CISCO2951/K9", 92 ]}, { "cell": [ 6012, "27.A.B.C", "Cisco", "9.3(8)", "2500", "2612", 27 ]}, { "cell": [ 2848, "27.A.B.C", "Cisco", "15.1(3)t", "2500", "2612", 143 ]}, { "cell": [ 602, "ciscoDEvice", "Cisco", "12.0(1)T", "[NA]", "[NA]", 46 ]}, { "cell": [ 39003, "FMANX-ARZ-SV-01", "Fortinet", "5.2.0", "C1000", "C1000-48T-4G-L", 25 ]}, { "cell": [ 7205, "test123", "Cisco", "[NA]", "CAT9K_LITE_IOSXE", "C9200L-48P-4X", 113 ]}, { "cell": [ 609, "Test.B.C.D", "Cisco", "15.3(2)T", "C2951", "CISCO2951/K9", 133 ]} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Exposed Device Vul

API EndPoint : getFirmVulExposedDeviceVul

Returns a list of firmware vulnerabilities for a specific exposed device based on resourceid, optionally filtered by severity, exploit status, and device group.

The response includes details for each CVE such as CVE ID, base score, vulnerability type, severity, exploit status, and patch availability.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulExposedDeviceVul?apiKey=********&rsId=602&SEVERITY=critical,important

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
rsId	Resource id of the device	long	-	No
SEVERITY	Filter by severity: "critical", "important", "moderate", "low", or "all". Comma separated values. Example: critical,important or all	String	-	No
EXPLOIT	Filters vulnerabilities by exploit available (`true` or `false`).	boolean	-	No
DG_ID	Device Group ID for filtering devices by group.	long	-	No

Sample Response

HTTP Code: 200

{ "rows": [ { "BASESCORE": 8.8, "CVEID": "CVE-2025-0108", "EXPLOIT": false, "VULTYPE": [ "Execute Code" ], "SEVERITY": 3, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 8.4, "CVEID": "CVE-2025-4230", "EXPLOIT": false, "VULTYPE": [ "Not Defined" ], "SEVERITY": 3, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 8.2, "CVEID": "CVE-2025-0130", "EXPLOIT": false, "VULTYPE": [ "Not Defined" ], "SEVERITY": 3, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 7.1, "CVEID": "CVE-2025-0111", "EXPLOIT": false, "VULTYPE": [ "Not Defined" ], "SEVERITY": 3, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 6.9, "CVEID": "CVE-2025-0109", "EXPLOIT": false, "VULTYPE": [ "Not Defined" ], "SEVERITY": 2, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 6.9, "CVEID": "CVE-2025-4615", "EXPLOIT": false, "SEVERITY": 2, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 6.8, "CVEID": "CVE-2025-0116", "EXPLOIT": false, "VULTYPE": [ "Denial Of Service" ], "SEVERITY": 2, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 6.8, "CVEID": "CVE-2025-2182", "EXPLOIT": false, "VULTYPE": [ "Not Defined" ], "SEVERITY": 2, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 6, "CVEID": "CVE-2025-4229", "EXPLOIT": false, "VULTYPE": [ "Information leak" ], "SEVERITY": 2, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 5.9, "CVEID": "CVE-2025-0123", "EXPLOIT": false, "VULTYPE": [ "Not Defined" ], "SEVERITY": 2, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 5.1, "CVEID": "CVE-2025-0133", "EXPLOIT": false, "VULTYPE": [ "Cross site scripting (XSS)" ], "SEVERITY": 2, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 4.8, "CVEID": "CVE-2025-0137", "EXPLOIT": false, "VULTYPE": [ "Not Defined" ], "SEVERITY": 2, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 4.8, "CVEID": "CVE-2025-4614", "EXPLOIT": false, "SEVERITY": 2, "PATCH": "Patch finding not supported for this vendor"}, { "BASESCORE": 3.5, "CVEID": "CVE-2020-2035", "EXPLOIT": false, "VULTYPE": [ "Execute Code" ], "SEVERITY": 1, "PATCH": "Patch finding not supported for this vendor"} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Version Sub Table

API EndPoint : getFirmVulVersionSubTable

Returns a list of firmware vulnerabilities and affected device details based on a specified OS version and vendor, with optional filters for severity, exploit status, and device group. The response includes vendor, OS version, device information, CVE details, base score, vulnerability type, severity, exploit status, and patch information.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulVersionSubTable?apiKey=********&osVer=17.1.3-0.20.11&vendor=F5&SEVERITY=critical,important

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
osVer	OS Version of the device	String	-	No
vendor	Device Vendor Name	String	-	No
SEVERITY	Filter by severity: "critical", "important", "moderate", "low", or "all". Comma separated values. Example: critical,important or all	String	-	No
EXPLOIT	Filters vulnerabilities by exploit available (`true` or `false`).	boolean	-	No
DG_ID	Device Group ID for filtering devices by group.	long	-	No

Sample Response

HTTP Code: 200

{ "rows": [ { "resourceID": 48905, "SERIES": "[NA]", "BASESCORE": 8.1, "HOSTNAME": "172.1.1.1", "CVEID": "CVE-2024-6387", "EXPLOIT": false, "IPADDRESS": "172.1.1.1", "MODEL": "DCS-7050SX3-48C8-F", "VULTYPE": [ "Not Defined" ], "SEVERITY": 3, "PATCH": "Patch finding not supported for this vendor"}, { "resourceID": 48905, "SERIES": "[NA]", "BASESCORE": 7.5, "HOSTNAME": "172.1.1.1", "CVEID": "CVE-2025-6188", "EXPLOIT": false, "IPADDRESS": "172.1.1.1", "MODEL": "DCS-7050SX3-48C8-F", "VULTYPE": [ "Not Defined" ], "SEVERITY": 3, "PATCH": "Patch finding not supported for this vendor"}, { "resourceID": 48905, "SERIES": "[NA]", "BASESCORE": 6.5, "HOSTNAME": "172.1.1.1", "CVEID": "CVE-2024-5872", "EXPLOIT": false, "IPADDRESS": "172.1.1.1", "MODEL": "DCS-7050SX3-48C8-F", "VULTYPE": [ "Not Defined" ], "SEVERITY": 2, "PATCH": "Patch finding not supported for this vendor"}, { "resourceID": 48905, "SERIES": "[NA]", "BASESCORE": 4.3, "HOSTNAME": "172.1.1.1", "CVEID": "CVE-2024-7095", "EXPLOIT": false, "IPADDRESS": "172.1.1.1", "MODEL": "DCS-7050SX3-48C8-F", "VULTYPE": [ "Not Defined" ], "SEVERITY": 2, "PATCH": "Patch finding not supported for this vendor"}, { "resourceID": 48905, "SERIES": "[NA]", "BASESCORE": 3.8, "HOSTNAME": "172..1.1.1", "CVEID": "CVE-2025-3456", "EXPLOIT": false, "IPADDRESS": "172.1.1.1", "MODEL": "DCS-7050SX3-48C8-F", "VULTYPE": [ "Not Defined" ], "SEVERITY": 1, "PATCH": "Patch finding not supported for this vendor"} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Exposed Device Dash Count

API EndPoint : getFirmVulnExposedDeviceDashCount

Returns counts and grouping information based on exposed devices with firmware vulnerabilities. The response includes the total number of exposed devices, number of exploitable devices along with device group-based metadata .

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulnExposedDeviceDashCount?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{ "IsDeviceGroupSelected": false, "LoginId": 24307, "GROUPS": [ { "value": "All Devices Group", "key": "1", "selected": false}, { "value": "Backup Failure _Group", "key": "4", "selected": false}, { "value": "Branch Devices ", "key": "15903", "selected": false}, { "value": "CIS Cisco ASA Group", "key": "14102", "selected": false}, { "value": "CIS Cisco IOS Group", "key": "14101", "selected": false}, { "value": "Cisco Test ", "key": "9301", "selected": false}, { "value": "CiscoGroup", "key": "4201", "selected": false}, { "value": "CiscoRouter Group", "key": "2", "selected": false}, { "value": "CiscoSwitch Group", "key": "3", "selected": false}, { "value": "Compliance Group", "key": "13501", "selected": false}, { "value": "Core Devices", "key": "15904", "selected": false}, { "value": "er vvr", "key": "4801", "selected": false}, { "value": "Firewall", "key": "10801", "selected": false}, { "value": "grp1", "key": "13219", "selected": false}, { "value": "HP Switch", "key": "6901", "selected": false}, { "value": "HpSwitch", "key": "7202", "selected": false}, { "value": "Los Angels DG", "key": "13211", "selected": false}, { "value": "Madurai DG", "key": "13213", "selected": false}, { "value": "maggigrp", "key": "11101", "selected": false}, { "value": "Naveen Fortigate ", "key": "10502", "selected": false}, { "value": "Naveen test", "key": "7502", "selected": false}, { "value": "New Privat Oper", "key": "9601", "selected": false}, { "value": "NewCheck", "key": "8403", "selected": false}, { "value": "Operator DG new testinggg", "key": "9901", "selected": false}, { "value": "Private", "key": "5702", "selected": false}, { "value": "PrivateDG", "key": "7201", "selected": false}, { "value": "PrivateDG_Sunil", "key": "6602", "selected": false}, { "value": "raj", "key": "4802", "selected": false}, { "value": "Switch - Group", "key": "11401", "selected": false}, { "value": "TagGroup", "key": "16501", "selected": false}, { "value": "TagGroup1", "key": "16803", "selected": false}, { "value": "TagPublicGroup", "key": "16804", "selected": false}, { "value": "Tejas ", "key": "15905", "selected": false}, { "value": "Tenkasi DG", "key": "13214", "selected": false}, { "value": "test Oper", "key": "5703", "selected": false}, { "value": "Test Private", "key": "6301", "selected": false}, { "value": "test_123", "key": "12301", "selected": false}, { "value": "test_ishwarya", "key": "6001", "selected": false}, { "value": "test_suresh_complianceIq", "key": "16801", "selected": false}, { "value": "Testdpu", "key": "2701", "selected": false}, { "value": "Testing", "key": "3607", "selected": false}, { "value": "Testing gg", "key": "11402", "selected": false}, { "value": "testing_nested", "key": "5704", "selected": false}, { "value": "testSureshNew", "key": "13801", "selected": false}, { "value": "Tirunelveli DG", "key": "13215", "selected": false}, { "value": "varu test", "key": "5706", "selected": false} ], "deviceCount": 26, "exploitCount": 11, "DG_DESCRIPTION":{ "9301": "", "7202": "", "9601": "", "7201": "abcde", "15905": "", "2701": "", "15904": "", "15903": "Routers switches", "11101": "", "6602": "", "11401": "", "4801": "WVR", "6901": "Test", "13801": "", "13501": "", "4802": "", "11402": "", "6001": "", "14101": "ncm.devicegroup.cisco.ios.desc", "8403": "", "4201": "", "6301": "", "5706": "Test", "1": "ncm.default_devicegroup.description", "10502": "", "2": "This device group contains all the cisco routers present in the inventory", "13219": "", "3": "This device group contains all the cisco switches present in the inventory", "10801": "fortigate", "4": "This device group contains all the cisco routers present in the inventory", "13213": "Device group for Madurai", "7502": "", "13214": "tenkasi DG", "14102": "ncm.devicegroup.cisco.asa.desc", "13211": "Devices of LA tag", "16501": "abcde", "12301": "", "9901": "", "5702": "", "16804": "", "16803": "", "5703": "test", "3607": "SS", "5704": "tt", "13215": "user created group", "16801": ""}, "DG_INFO":{ "9301": "Cisco Test ", "7202": "HpSwitch", "9601": "New Privat Oper", "7201": "PrivateDG", "15905": "Tejas ", "2701": "Testdpu", "15904": "Core Devices", "15903": "Branch Devices ", "11101": "maggigrp", "6602": "PrivateDG_Sunil", "11401": "Switch - Group", "4801": "er vvr", "6901": "HP Switch", "13801": "testSureshNew", "13501": "Compliance Group", "4802": "raj", "11402": "Testing gg", "6001": "test_ishwarya", "14101": "CIS Cisco IOS Group", "8403": "NewCheck", "4201": "CiscoGroup", "6301": "Test Private", "5706": "varu test", "1": "All Devices Group", "10502": "Naveen Fortigate ", "2": "CiscoRouter Group", "13219": "grp1", "3": "CiscoSwitch Group", "10801": "Firewall", "4": "Backup Failure _Group", "13213": "Madurai DG", "7502": "Naveen test", "13214": "Tenkasi DG", "14102": "CIS Cisco ASA Group", "13211": "Los Angels DG", "16501": "TagGroup", "12301": "test_123", "9901": "Operator DG new testinggg", "5702": "Private", "16804": "TagPublicGroup", "16803": "TagGroup1", "5703": "test Oper", "3607": "Testing", "5704": "testing_nested", "13215": "Tirunelveli DG", "16801": "test_suresh_complianceIq"}, "highVulnDeviceCount": 26, "SHOW_ONLY_PUBLIC_DEVICE_GROUP": false}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Version Dist Dash Count

API EndPoint : getFirmVulnVersionDistDashCount

Returns counts and grouping information for firmware vulnerabilities distributed by OS version. The response includes the total number of vulnerabilities, affected devices, and exploitable vulnerabilities, along with device group metadata.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulnVersionDistDashCount?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{ "IsDeviceGroupSelected": false, "vulCount": 1217, "LoginId": 24307, "GROUPS": [ { "value": "All Devices Group", "key": "1", "selected": false}, { "value": "Backup Failure _Group", "key": "4", "selected": false}, { "value": "Branch Devices ", "key": "15903", "selected": false}, { "value": "CIS Cisco ASA Group", "key": "14102", "selected": false}, { "value": "CIS Cisco IOS Group", "key": "14101", "selected": false}, { "value": "Cisco Test ", "key": "9301", "selected": false}, { "value": "CiscoGroup", "key": "4201", "selected": false}, { "value": "CiscoRouter Group", "key": "2", "selected": false}, { "value": "CiscoSwitch Group", "key": "3", "selected": false}, { "value": "Compliance Group", "key": "13501", "selected": false}, { "value": "Core Devices", "key": "15904", "selected": false}, { "value": "er vvr", "key": "4801", "selected": false}, { "value": "Firewall", "key": "10801", "selected": false}, { "value": "grp1", "key": "13219", "selected": false}, { "value": "HP Switch", "key": "6901", "selected": false}, { "value": "HpSwitch", "key": "7202", "selected": false}, { "value": "Los Angels DG", "key": "13211", "selected": false}, { "value": "Madurai DG", "key": "13213", "selected": false}, { "value": "maggigrp", "key": "11101", "selected": false}, { "value": "Naveen Fortigate ", "key": "10502", "selected": false}, { "value": "Naveen test", "key": "7502", "selected": false}, { "value": "New Privat Oper", "key": "9601", "selected": false}, { "value": "NewCheck", "key": "8403", "selected": false}, { "value": "Operator DG new testinggg", "key": "9901", "selected": false}, { "value": "Private", "key": "5702", "selected": false}, { "value": "PrivateDG", "key": "7201", "selected": false}, { "value": "PrivateDG_Sunil", "key": "6602", "selected": false}, { "value": "raj", "key": "4802", "selected": false}, { "value": "Switch - Group", "key": "11401", "selected": false}, { "value": "TagGroup", "key": "16501", "selected": false}, { "value": "TagGroup1", "key": "16803", "selected": false}, { "value": "TagPublicGroup", "key": "16804", "selected": false}, { "value": "Tejas ", "key": "15905", "selected": false}, { "value": "Tenkasi DG", "key": "13214", "selected": false}, { "value": "test Oper", "key": "5703", "selected": false}, { "value": "Test Private", "key": "6301", "selected": false}, { "value": "test_123", "key": "12301", "selected": false}, { "value": "test_ishwarya", "key": "6001", "selected": false}, { "value": "test_suresh_complianceIq", "key": "16801", "selected": false}, { "value": "Testdpu", "key": "2701", "selected": false}, { "value": "Testing", "key": "3607", "selected": false}, { "value": "Testing gg", "key": "11402", "selected": false}, { "value": "testing_nested", "key": "5704", "selected": false}, { "value": "testSureshNew", "key": "13801", "selected": false}, { "value": "Tirunelveli DG", "key": "13215", "selected": false}, { "value": "varu test", "key": "5706", "selected": false} ], "deviceCount": 26, "exploitCount": 11, "DG_DESCRIPTION":{ "9301": "", "7202": "", "9601": "", "7201": "abcde", "15905": "", "2701": "", "15904": "", "15903": "Routers switches", "11101": "", "6602": "", "11401": "", "4801": "WVR", "6901": "Test", "13801": "", "13501": "", "4802": "", "11402": "", "6001": "", "14101": "ncm.devicegroup.cisco.ios.desc", "8403": "", "4201": "", "6301": "", "5706": "Test", "1": "ncm.default_devicegroup.description", "10502": "", "2": "This device group contains all the cisco routers present in the inventory", "13219": "", "3": "This device group contains all the cisco switches present in the inventory", "10801": "fortigate", "4": "This device group contains all the cisco routers present in the inventory", "13213": "Device group for Madurai", "7502": "", "13214": "tenkasi DG", "14102": "ncm.devicegroup.cisco.asa.desc", "13211": "Devices of LA tag", "16501": "abcde", "12301": "", "9901": "", "5702": "", "16804": "", "16803": "", "5703": "test", "3607": "SS", "5704": "tt", "13215": "user created group", "16801": ""}, "DG_INFO":{ "9301": "Cisco Test ", "7202": "HpSwitch", "9601": "New Privat Oper", "7201": "PrivateDG", "15905": "Tejas ", "2701": "Testdpu", "15904": "Core Devices", "15903": "Branch Devices ", "11101": "maggigrp", "6602": "PrivateDG_Sunil", "11401": "Switch - Group", "4801": "er vvr", "6901": "HP Switch", "13801": "testSureshNew", "13501": "Compliance Group", "4802": "raj", "11402": "Testing gg", "6001": "test_ishwarya", "14101": "CIS Cisco IOS Group", "8403": "NewCheck", "4201": "CiscoGroup", "6301": "Test Private", "5706": "varu test", "1": "All Devices Group", "10502": "Naveen Fortigate ", "2": "CiscoRouter Group", "13219": "grp1", "3": "CiscoSwitch Group", "10801": "Firewall", "4": "Backup Failure _Group", "13213": "Madurai DG", "7502": "Naveen test", "13214": "Tenkasi DG", "14102": "CIS Cisco ASA Group", "13211": "Los Angels DG", "16501": "TagGroup", "12301": "test_123", "9901": "Operator DG new testinggg", "5702": "Private", "16804": "TagPublicGroup", "16803": "TagGroup1", "5703": "test Oper", "3607": "Testing", "5704": "testing_nested", "13215": "Tirunelveli DG", "16801": "test_suresh_complianceIq"}, "SHOW_ONLY_PUBLIC_DEVICE_GROUP": false}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Device With Patches Count

API EndPoint : getFirmVulnDevicesWithPatchesCount

Returns counts and group information for devices with available patches for firmware vulnerabilities. The response includes the total number of devices with patches, counts of high vulnerability devices with patches, total vulnerabilities with patches, and device group metadata for further analysis.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulnDevicesWithPatchesCount?apiKey=********

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes

Sample Response

HTTP Code: 200

{ "deviceCountWithPatches": 10, "IsDeviceGroupSelected": false, "LoginId": 24307, "GROUPS": [ { "value": "All Devices Group", "key": "1", "selected": false}, { "value": "Backup Failure _Group", "key": "4", "selected": false}, { "value": "Branch Devices ", "key": "15903", "selected": false}, { "value": "CIS Cisco ASA Group", "key": "14102", "selected": false}, { "value": "CIS Cisco IOS Group", "key": "14101", "selected": false}, { "value": "Cisco Test ", "key": "9301", "selected": false}, { "value": "CiscoGroup", "key": "4201", "selected": false}, { "value": "CiscoRouter Group", "key": "2", "selected": false}, { "value": "CiscoSwitch Group", "key": "3", "selected": false}, { "value": "Compliance Group", "key": "13501", "selected": false}, { "value": "Core Devices", "key": "15904", "selected": false}, { "value": "er vvr", "key": "4801", "selected": false}, { "value": "Firewall", "key": "10801", "selected": false}, { "value": "grp1", "key": "13219", "selected": false}, { "value": "HP Switch", "key": "6901", "selected": false}, { "value": "HpSwitch", "key": "7202", "selected": false}, { "value": "Los Angels DG", "key": "13211", "selected": false}, { "value": "Madurai DG", "key": "13213", "selected": false}, { "value": "maggigrp", "key": "11101", "selected": false}, { "value": "Naveen Fortigate ", "key": "10502", "selected": false}, { "value": "Naveen test", "key": "7502", "selected": false}, { "value": "New Privat Oper", "key": "9601", "selected": false}, { "value": "NewCheck", "key": "8403", "selected": false}, { "value": "Operator DG new testinggg", "key": "9901", "selected": false}, { "value": "Private", "key": "5702", "selected": false}, { "value": "PrivateDG", "key": "7201", "selected": false}, { "value": "PrivateDG_Sunil", "key": "6602", "selected": false}, { "value": "raj", "key": "4802", "selected": false}, { "value": "Switch - Group", "key": "11401", "selected": false}, { "value": "TagGroup", "key": "16501", "selected": false}, { "value": "TagGroup1", "key": "16803", "selected": false}, { "value": "TagPublicGroup", "key": "16804", "selected": false}, { "value": "Tejas ", "key": "15905", "selected": false}, { "value": "Tenkasi DG", "key": "13214", "selected": false}, { "value": "test Oper", "key": "5703", "selected": false}, { "value": "Test Private", "key": "6301", "selected": false}, { "value": "test_123", "key": "12301", "selected": false}, { "value": "test_ishwarya", "key": "6001", "selected": false}, { "value": "test_suresh_complianceIq", "key": "16801", "selected": false}, { "value": "Testdpu", "key": "2701", "selected": false}, { "value": "Testing", "key": "3607", "selected": false}, { "value": "Testing gg", "key": "11402", "selected": false}, { "value": "testing_nested", "key": "5704", "selected": false}, { "value": "testSureshNew", "key": "13801", "selected": false}, { "value": "Tirunelveli DG", "key": "13215", "selected": false}, { "value": "varu test", "key": "5706", "selected": false} ], "DG_DESCRIPTION":{ "9301": "", "7202": "", "9601": "", "7201": "abcde", "15905": "", "2701": "", "15904": "", "15903": "Routers switches", "11101": "", "6602": "", "11401": "", "4801": "WVR", "6901": "Test", "13801": "", "13501": "", "4802": "", "11402": "", "6001": "", "14101": "ncm.devicegroup.cisco.ios.desc", "8403": "", "4201": "", "6301": "", "5706": "Test", "1": "ncm.default_devicegroup.description", "10502": "", "2": "This device group contains all the cisco routers present in the inventory", "13219": "", "3": "This device group contains all the cisco switches present in the inventory", "10801": "fortigate", "4": "This device group contains all the cisco routers present in the inventory", "13213": "Device group for Madurai", "7502": "", "13214": "tenkasi DG", "14102": "ncm.devicegroup.cisco.asa.desc", "13211": "Devices of LA tag", "16501": "abcde", "12301": "", "9901": "", "5702": "", "16804": "", "16803": "", "5703": "test", "3607": "SS", "5704": "tt", "13215": "user created group", "16801": ""}, "DG_INFO":{ "9301": "Cisco Test ", "7202": "HpSwitch", "9601": "New Privat Oper", "7201": "PrivateDG", "15905": "Tejas ", "2701": "Testdpu", "15904": "Core Devices", "15903": "Branch Devices ", "11101": "maggigrp", "6602": "PrivateDG_Sunil", "11401": "Switch - Group", "4801": "er vvr", "6901": "HP Switch", "13801": "testSureshNew", "13501": "Compliance Group", "4802": "raj", "11402": "Testing gg", "6001": "test_ishwarya", "14101": "CIS Cisco IOS Group", "8403": "NewCheck", "4201": "CiscoGroup", "6301": "Test Private", "5706": "varu test", "1": "All Devices Group", "10502": "Naveen Fortigate ", "2": "CiscoRouter Group", "13219": "grp1", "3": "CiscoSwitch Group", "10801": "Firewall", "4": "Backup Failure _Group", "13213": "Madurai DG", "7502": "Naveen test", "13214": "Tenkasi DG", "14102": "CIS Cisco ASA Group", "13211": "Los Angels DG", "16501": "TagGroup", "12301": "test_123", "9901": "Operator DG new testinggg", "5702": "Private", "16804": "TagPublicGroup", "16803": "TagGroup1", "5703": "test Oper", "3607": "Testing", "5704": "testing_nested", "13215": "Tirunelveli DG", "16801": "test_suresh_complianceIq"}, "highVulnDeviceCountWithPatches": 10, "highVulnCountWithPatches": 907, "totalVulnCountWithPatches": 907, "SHOW_ONLY_PUBLIC_DEVICE_GROUP": false}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Patches List

API EndPoint : getFirmVulnPatchesList

Returns a list of devices with available firmware patches addressing vulnerabilities.

The response includes device details (hostname/IP, vendor), OS version, count of vulnerabilities, number of patches available, and latest patch version for each device.

Devices can be filtered by severity, exploit status, and device group as optional parameters.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulnPatchesList?apiKey=********&SEVERITY=critical,important

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
SEVERITY	Filter by severity: "critical", "important", "moderate", "low", or "all". Comma separated values. Example: critical,important or all	-	(((critical\|important\|moderate\|low)+)(,(critical\|important\|moderate\|low)+)*)\|(all)	No
EXPLOIT	Filters vulnerabilities by exploit available (`true` or `false`).	boolean	-	No
DG_ID	Device Group ID for filtering devices by group.	long	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "10", "rows": [ { "PATCHES_COUNT": 6, "OSVERSION": "KB.16.11.0002", "VULN_COUNT": 6, "RESOURCENAME": "172.1.1.1", "rsId": 45001, "LATEST_PATCH": "YC.16.11.0016", "id": 45001, "VENDORNAME": "HP"}, { "PATCHES_COUNT": 6, "OSVERSION": "KB.16.11.0002", "VULN_COUNT": 6, "RESOURCENAME": "172.1.1.1", "rsId": 25201, "LATEST_PATCH": "NA", "id": 25201, "VENDORNAME": "HP"}, { "PATCHES_COUNT": 5, "OSVERSION": "8.10.0.11", "VULN_COUNT": 5, "RESOURCENAME": "192.1.1.1", "rsId": 60304, "LATEST_PATCH": "YC.16.11.0016", "id": 60304, "VENDORNAME": "Aruba"}, { "PATCHES_COUNT": 421, "OSVERSION": "15.1R5.5", "VULN_COUNT": 421, "RESOURCENAME": "192.1.1.1", "rsId": 54903, "LATEST_PATCH": "24.2R2", "id": 54903, "VENDORNAME": "Juniper"}, { "PATCHES_COUNT": 118, "OSVERSION": "15.1(3)T1", "VULN_COUNT": 118, "RESOURCENAME": "192.1.1.1", "rsId": 9006, "LATEST_PATCH": "15.9(3)M11", "id": 9006, "VENDORNAME": "Cisco"}, { "PATCHES_COUNT": 82, "OSVERSION": "15.4(3)M5", "VULN_COUNT": 82, "RESOURCENAME": "192.1.1.1", "rsId": 901, "LATEST_PATCH": "15.9(3)M11", "id": 901, "VENDORNAME": "Cisco"}, { "PATCHES_COUNT": 23, "OSVERSION": "9.3(8)", "VULN_COUNT": 23, "RESOURCENAME": "27.1.1.1", "rsId": 6012, "LATEST_PATCH": "10.5(2)", "id": 6012, "VENDORNAME": "Cisco"}, { "PATCHES_COUNT": 119, "OSVERSION": "15.1(3)t", "VULN_COUNT": 119, "RESOURCENAME": "27.1.1.1", "rsId": 2848, "LATEST_PATCH": "15.9(3)M11", "id": 2848, "VENDORNAME": "Cisco"}, { "PATCHES_COUNT": 4, "OSVERSION": "12.0(1)T", "VULN_COUNT": 4, "RESOURCENAME": "ciscoDEvice", "rsId": 602, "LATEST_PATCH": "15.9(3)M11", "id": 602, "VENDORNAME": "Cisco"}, { "PATCHES_COUNT": 123, "OSVERSION": "15.3(2)T", "VULN_COUNT": 123, "RESOURCENAME": "Test1.1.1.1", "rsId": 609, "LATEST_PATCH": "15.9(3)M11", "id": 609, "VENDORNAME": "Cisco"} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Device Patches

API EndPoint : getFirmVulnDevicePatches

Returns a list of firmware vulnerabilities with patch details for a specific device.

The response provides CVE identifiers, base scores, exploit status, vulnerability types, vendor, product, severity rating, patch ID, and patch version for each vulnerability affecting the device.

Optional filters include severity, exploit status, and device group.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getFirmVulnDevicePatches?apiKey=********&rsId=45001&SEVERITY=critical,important

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
rsId	Resource id of the device	long	-	yes
SEVERITY	Filter by severity: "critical", "important", "moderate", "low", or "all". Comma separated values. Example: critical,important or all	-	(((critical\|important\|moderate\|low)+)(,(critical\|important\|moderate\|low)+)*)\|(all)	No
EXPLOIT	Filters vulnerabilities by exploit available (`true` or `false`).	boolean	-	No
DG_ID	Device Group ID for filtering devices by group.	long	-	No
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "rows": [ { "product": "ArubaOS-S Switch", "CVEID": "CVE-2023-39268", "vendor": "HP", "BASESCORE2": 9.8, "EXPLOIT": false, "rsId": 45001, "VULTYPE": [ "Memory corruption" ], "SEVERITY": 4, "PATCH_ID": 1208114, "PATCH": "KB.16.11.0007"}, { "product": "ArubaOS-S Switch", "CVEID": "CVE-2022-23676", "vendor": "HP", "BASESCORE2": 9.3, "EXPLOIT": false, "rsId": 45001, "VULTYPE": [ "Overflow" ], "SEVERITY": 4, "PATCH_ID": 1196680, "PATCH": "KB.16.11.0004"}, { "product": "ArubaOS-S Switch", "CVEID": "CVE-2022-23677", "vendor": "HP", "BASESCORE2": 9.3, "EXPLOIT": false, "rsId": 45001, "VULTYPE": [ "Cross Site Scripting" ], "SEVERITY": 3, "PATCH_ID": 1196712, "PATCH": "KB.16.11.0004"}, { "product": "ArubaOS-S Switch", "CVEID": "CVE-2023-39267", "vendor": "HP", "BASESCORE2": 6.5, "EXPLOIT": false, "rsId": 45001, "VULTYPE": [ "Execute Code" ], "SEVERITY": 2, "PATCH_ID": 1208082, "PATCH": "KB.16.11.0013"}, { "product": "ArubaOS-S Switch", "CVEID": "CVE-2023-39266", "vendor": "HP", "BASESCORE2": 6.1, "EXPLOIT": false, "rsId": 45001, "VULTYPE": [ "Cross site scripting (XSS)" ], "SEVERITY": 2, "PATCH_ID": 1208050, "PATCH": "KB.16.11.0006"}, { "product": "ArubaOS-S Switch", "CVEID": "CVE-2024-26303", "vendor": "HP", "BASESCORE2": 4.9, "EXPLOIT": false, "rsId": 45001, "VULTYPE": [ "Denial Of Service" ], "SEVERITY": 2, "PATCH_ID": 1212540, "PATCH": "KB.16.11.0016"} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get Patch Tree Details

API EndPoint : getPatchTreeDetails

Returns details of vulnerabilities and corresponding available patches for a device firmware version, including patch tree relationships by resource, patch, vendor, and OS type.

For a given device/version, the response lists each vulnerability (CVE), the recommended patch version, associated vulnerability count, and severity, as well as summary information such as current device version and latest available patch.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getPatchTreeDetails?apiKey=********&id=45001&idType=resourceId&vendor=aruba&osType=arubaos-s switch

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
rsId	Resource id of the device	long	-	No
id	Device Id	long	-	yes
idType	Must be either `resourceId` or `patchId`	-	^(resourceId\|patchId)$	yes
vendor	Device Vendor Name	-	^([p{L}p{N}+_s()-])+$	No
osType	Device OS Type	-	^([p{L}p{N}P{InBasicLatin}.,/s-_[]()])+$	No
patchVersion	Remediation of vulnerability	-	^([p{L}p{N}P{InBasicLatin}.,:s-_()[]])+$	No

Sample Response

HTTP Code: 200

{ "product": "arubaos", "HOSTNAME": "172.1.1.1", "vendor": "aruba", "patches":{ "45001": [ { "VULN_COUNT": 4, "CVEID": "CVE-2022-23676", "patchVersion": "KB.16.11.0004", "vendor": "aruba", "osType": "arubaos-s switch", "PATCH_ID": 1196680, "SEVERITY": 4}, { "VULN_COUNT": 2, "CVEID": "CVE-2023-39268", "patchVersion": "KB.16.11.0007", "vendor": "aruba", "osType": "arubaos-s switch", "PATCH_ID": 1208114, "SEVERITY": 4}, { "VULN_COUNT": 4, "CVEID": "CVE-2022-23677", "patchVersion": "KB.16.11.0004", "vendor": "aruba", "osType": "arubaos-s switch", "PATCH_ID": 1196712, "SEVERITY": 3}, { "VULN_COUNT": 3, "CVEID": "CVE-2023-39266", "patchVersion": "KB.16.11.0006", "vendor": "aruba", "osType": "arubaos-s switch", "PATCH_ID": 1208050, "SEVERITY": 2}, { "VULN_COUNT": 1, "CVEID": "CVE-2023-39267", "patchVersion": "KB.16.11.0013", "vendor": "aruba", "osType": "arubaos-s switch", "PATCH_ID": 1208082, "SEVERITY": 2}, { "VULN_COUNT": 0, "CVEID": "CVE-2024-26303", "patchVersion": "KB.16.11.0016", "vendor": "aruba", "osType": "arubaos-s switch", "PATCH_ID": 1212540, "SEVERITY": 2} ]}, "LATEST_PATCH": "YC.16.11.0016", "osversion": "KB.16.11.2"}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Latest Patch Details

API EndPoint : getVulnLatestPatchDetails

Returns details of the latest available firmware vulnerability patch for a specified device.

The response provides the hostname, vendor, OS type, current OS version, and the latest patch version available for the device.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getVulnLatestPatchDetails?apiKey=********&rsId=101

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
rsId	Resource id of the device	long	-	yes

Sample Response

HTTP Code: 200

{ "HOSTNAME": "172.1.1.1", "vendor": "aruba", "osType": "arubaos", "LATEST_PATCH": "YC.16.11.0016", "osversion": "kb.16.11.2", "isSuccess": true}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Get FV Patch Cve Details

API EndPoint : getVulnPatchCveDetails

Retrieves the list of vulnerabilities (CVEs) with its details like cveid, summary, basescore that would exist after applying the latest available firmware patch.

HTTP Method

GET

API URL

http://localhost:8060/api/json/ncmcompliance/getVulnPatchCveDetails?apiKey=********&vendor=Cisco&osType=IOS%20XE%20Software&osversion=15.9(3)M11

Parameters

Param Name	Description	Data Type	Regex	Is Mandatory
apiKey	API Key to access your server.	-	-	Yes
vendor	Device Vendor Name	-	^([p{L}p{N}+_s()-])+$	yes
osType	Device OS Type	-	^([p{L}p{N}P{InBasicLatin}.,s-_[]])+$	yes
osversion		-	^([p{L}p{N}P{InBasicLatin}.,:s-_()[]])+$	yes
jqgrid_id	Unique identifier for the jqGrid instance. Used to distinguish between multiple grids on the same page or in the same API call.	String	-	No
jqgridLoad	Indicates whether the jqGrid should perform a fresh load or reload its data.	boolean	-	No
_search	Set to true if the current request is for searching/filtering data, and false otherwise.	boolean	-	No
nd	Timestamp value used for cache busting, ensuring fresh data is retrieved from the server rather than from browser cache.	long	-	No
rows	The number of rows to retrieve per page (page size). Controls pagination in jqGrid.	int	-	No
page	The current page number to be retrieved. Enables pagination functionality in jqGrid.	int	-	No
sidx	The column name by which to sort the data. Used for server-side sorting in jqGrid.	String	-	No
sord	The sort order for the data, either asc (ascending) or desc (descending).	String	-	No
filters	JSON-encoded string containing advanced multi-field filter criteria generated by jqGrid's toolbar or multi-search.	String	-	No
searchOper	The search operator for simple search (e.g., eq for equals, ne for not equals, bw for begins with, etc.). Used with single-field search.	String	-	No
searchString	The value to search for in a simple (single-field) search. Used with searchField and searchOper.	String	-	No
searchField	The column name to perform a simple search on. Used with searchString and searchOper to define single-field search criteria.	String	-	No

Sample Response

HTTP Code: 200

{ "total": 1, "records": "-1", "rows": [ { "SUMMARY": "Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability", "CVEID": "CVE-2025-20363", "BASESCORE2": 9, "SEVERITY": 4}, { "SUMMARY": "Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities", "CVEID": "CVE-2025-20224", "BASESCORE2": 8.6, "VULTYPE": "Denial Of Service", "SEVERITY": 3}, { "SUMMARY": "Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities", "CVEID": "CVE-2025-20225", "BASESCORE2": 8.6, "VULTYPE": "Denial Of Service", "SEVERITY": 3}, { "SUMMARY": "Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities", "CVEID": "CVE-2025-20239", "BASESCORE2": 8.6, "VULTYPE": "Denial Of Service", "SEVERITY": 3}, { "SUMMARY": "Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities", "CVEID": "CVE-2025-20252", "BASESCORE2": 8.6, "VULTYPE": "Denial Of Service", "SEVERITY": 3}, { "SUMMARY": "Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities", "CVEID": "CVE-2025-20254", "BASESCORE2": 8.6, "VULTYPE": "Denial Of Service", "SEVERITY": 3}, { "SUMMARY": "Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities", "CVEID": "CVE-2025-20253", "BASESCORE2": 8.6, "VULTYPE": "Denial Of Service", "SEVERITY": 3}, { "SUMMARY": "Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability", "CVEID": "CVE-2025-20160", "BASESCORE2": 8.1, "SEVERITY": 3}, { "SUMMARY": "Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability", "CVEID": "CVE-2025-20352", "BASESCORE2": 7.7, "SEVERITY": 3}, { "SUMMARY": "Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability", "CVEID": "CVE-2025-20151", "BASESCORE2": 4.3, "VULTYPE": "Not Defined", "SEVERITY": 2} ]}

Error Response

View common error responses

Rate limit: 100 requests per minute. Exceeding this limit will block requests for 1 minute

Thank you for your feedback!

Was this content helpful?

We are sorry. Help us improve this page.

How can we improve this page?

Need more information on this topic

Need better screenshots

Need clear step by step instructions

Others

Do you need assistance with this topic?

Yes No

By clicking "Submit", you agree to processing of personal data according to the Privacy Policy.