LogoLogo
API DocumentationIntegrationsPlexTrac.com
  • Product Documentation
    • Using This Site
    • Security Advisories
    • Deployment and Maintenance Policy
    • Supported Applications
  • PlexTrac Modules
    • Dashboard
    • Clients
      • Clients Components
      • Creating a Client
      • Managing Clients
      • Managing Client Users
      • Adding Assets to a Client
      • Managing Assets
    • Schedule
      • Schedule Components
      • Creating an Engagement
      • Requesting an Engagement
      • Managing Engagements
      • Engagement Status
    • Assessments
      • Assessment Components
      • Managing Questionnaires
      • Starting an Assessment
      • Taking an Assessment
      • Reviewing an Assessment
      • Submitting an Assessment
    • Reports
      • Report Components
      • Creating a Report
      • Adding from NarrativesDB
      • Editing a Report
      • Using Short Codes in Reports
      • Findings
        • Creating a Finding
        • Collaborative Editing
        • Importing Findings from a File
        • CSV Findings Templates
          • Using Report Findings CSV Template
        • Importing Findings via an Integration
        • Importing Findings from WriteupsDB
        • Finding Status
        • Creating Jira Tickets
        • CVSS Scoring
        • Affected Assets
      • Importing a Report
      • Exporting a Report
    • Priorities
      • Priorities Components
      • Creating a Priority
      • Linking Findings and Assets
      • Managing Priorities
      • Priorities Metrics
    • Content Library
      • Types of Repositories
      • NarrativesDB
        • NarrativesDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Managing Sections
        • Creating a Section
      • WriteupsDB
        • WriteupsDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Writeup
        • Copying a Writeup
        • Adding to a Report
        • Importing via CSV Template
      • RunbooksDB
        • RunbooksDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Procedure
        • Creating a Technique
        • Creating a Tactic
        • Creating a Methodology
    • Analytics
      • Findings
      • Assets
      • Runbooks
      • Trends & SLAs
    • Runbooks
      • Managing Engagements
        • Starting an Engagement
        • Submitting an Engagement
      • Managing Test Plans
        • Creating a Test Plan
        • Exporting a Test Plan
  • Tenant Management
    • Account Management
      • Profile (Personal Settings)
        • Managing User Profile
        • Managing Password
        • Setting Up Two-Factor Authentication
      • Account Admin
        • Tenant Settings
          • Account Information
          • General Settings
          • Email Settings
          • Tags Settings
          • Service-Level Agreements (SLAs)
          • Short Codes
        • Customizations
          • Layouts
          • Templates
            • Report Templates
            • Export Templates
            • Style Guides
          • Theme
        • Automations
          • Risk Scoring
            • Creating Equations
            • Managing Priority Equations
          • Parser Actions
        • Integrations & Webhooks
          • Integrations (API)
            • Cobalt
            • Edgescan
            • HackerOne
            • Jira
            • ServiceNow
            • Tenable Vulnerability Management
            • Tenable Security Center
          • Webhooks
        • Security & User Management
          • Audit Log
          • Security
            • Authentication Methods
              • OAuth/OpenID Setup
                • Microsoft Entra ID
                • Google OAuth
                • Okta
                • OpenID Connect
              • SAML Setup
            • General Authentication Settings
            • Authorization
            • Role Based Access (RBAC)
              • Custom Roles
            • Classification Tiers
          • Users
            • Adding Users
            • Managing Users
        • Licensing
          • Licensing
          • Priorities
          • Plex AI
            • Using AI
        • White Labeling
      • Help Center
      • Logout
    • Integrations and File Imports
      • Acunetix
      • BlindSPOT
      • Burp Suite
      • Checkmarx
      • Core Impact
      • HCL AppScan
      • Invicti
      • Nessus
      • Nexpose
      • Nipper
      • Nmap (Assets)
      • Nmap Vulners NSE
      • Nodeware
      • NodeZero
      • OpenVAS
      • OWASP ZAP
      • Pentera
      • Qualys (VM Parser)
      • Qualys (Web App Scanner)
      • RapidFire
      • Scythe
      • Veracode
  • API Documentation
    • Overview
    • Concept Definitions
    • Getting Started
    • Retrieving Parameter IDs
    • Object Structures
      • Client Object
      • Report Object
      • Finding Object
      • Asset Object
      • Evidence Object
    • Use Cases
    • API Change Policy
      • API Change Log
    • Webhooks
      • Webhook Payload Structure
      • Verifying Sender Requests
Powered by GitBook

Resources

  • Privacy Policy
  • Terms of Use
  • Vulnerability Policy

© 2025 PlexTrac, Inc. All rights reserved.

On this page
  • Finding Table
  • Finding Structure

Was this helpful?

Export as PDF
  1. API Documentation
  2. Object Structures

Finding Object

PreviousReport ObjectNextAsset Object

Last updated 1 year ago

Was this helpful?

Findings are the most common object in PlexTrac and contain data detailing an exploit.

Findings also exist in client asset information in the form of an affected asset and contain the relationship information about which client assets are affected, which is tracked in the affected_assets field.

For each client asset, the finding affects, an object exists in that field's list containing information and metadata about the client asset and how it relates to the finding. Since the objects stored in affected_assets contain this extra relationship metadata, these items are considered separate objects called affected asset objects.

Finding Table

The following table explains the fields and data types stored for a finding. Fields are presented in alphabetical order by object field name.

The required fields when creating a finding are title, severity, and description.

object field name
description
data type

affected_assets

name of affected assets

dict {str, {AFFECTED ASSET Object}

assignedTo

email address of user that finding is assigned to

string

client_id

client that the finding belongs to

integer

closedAt

when finding was closed

integer in epoch milliseconds, such as "1662588579026"

common_identifiers

includes CVE scores, CWE scores, and code that is related to the finding (added in the Code Sample tab when editing a finding)

"CVE": [{ "name": str, "year": int, "id": int, "link": str } ], "CWE": [ { "name": str, "id": int, "link": str } ] }, "code_samples": [ { "caption": str, "code": str, "id": str } ] }

createdAt

when finding was created in

integer in epoch milliseconds, such as "1662588579026"

description

description of finding

string

doc_type

field in database to identify object

string

doc_version

version of PlexTrac when finding was created. Should not be added to create or update requests

string

exhibits

an image or video related to the finding (added in the Screenshots/Video tab when editing a finding)

array: {"assets": [ { "asset": str, "id": str } ], "caption": str, "exhibitID": str:, "index": int, "type": str: MIME type image, such as .png}

fields

includes any added custom fields, plus any CVSS 3.0 score, CVSS 2.0 score, and 'general' score values entered for a finding

dict {str, dict {label: str, value: str}, "scores": { "cvss", { "type": "cvss", "value": str, "label": str, "calculation": str }, "cvss3", { "type": "cvss3", "value": str, "label": str, "calculation": str }, "general", { "type": "general", "value": str, "label": str, "calculation": str } } },

flaw_id

the unique identifier of a finding and is generated based on the finding title, but since a finding with the same title can exist in different reports, this means flaw_id is not unique across the platform

integer

last_update

when finding was last modified

integer in epoch milliseconds, such as "1662588579026"

repoenedAt

when finding was reopened

integer in epoch milliseconds, such as "1662588579026

report_id

ID of report finding is associated with

integer

report_name

name of report

string

risk_score

the total risk score of the finding for CVSS v3.1, CVSS v3.0, CVSS v2.0, and CWSS

"CVSS3": "overall": int, "vector": str, "subScore": "base": int

selectedScore

the identified selected score for the finding

string

severity

severity of finding

string

slaData

SLA status of finding

{"title": str, "timeToExpire": str }

source

source of finding

string

status

status of finding

string

subStatus

substatus of finding

string

tags

any tags associated with finding

string array

title

title of finding

string

visibility

visibility of finding

string

Finding Structure

The finding object stored in the database is a nested JSON object. Below are screenshots and a sample downloadable file that displays the structure of different database objects.

continued

3KB
Finding Object.txt