DEV Community

Shannon McFarland for Outshift By Cisco

Posted on • Edited on

1

VMClarity: How to use the API

If you are just now joining us on our multi-post series on the VMClarity open source project, check out these other posts to catch up:


The VMClarity API

VMClarity uses the OpenAPI spec; you can look at it here: https://github.com/openclarity/vmclarity/blob/main/api/openapi.yaml.

You can interact with the API via the following methods:

  • VMClarity UI - See the blogs referenced above to understand how to interact with the UI)
  • curl commands - See the video and commands referenced below
  • API tools such as Postman - See the video below

Once you have VMClarity up and running, check out this video to learn more about interacting with the VMClarity API:


Here are some of the commands that I referenced in the video:
SSH tunnel into the VMClarity Server instance (EC2):

ssh -i <your PEM> -N -L 8888:localhost:8888 ubuntu@<VMClarity public IP address>
Enter fullscreen mode Exit fullscreen mode

curl against the VMClarity API to get the scan configurations:

curl -s -X GET http://localhost:8888/api/scanConfigs -H 'Content-Type: application/json' | json_pp
Enter fullscreen mode Exit fullscreen mode

curl to get a list of scan targets (EC2 assets found based on the scan scope in the scan configuration):

curl -s -X GET http://localhost:8888/api/targets -H 'Content-Type: application/json' | json_pp
Enter fullscreen mode Exit fullscreen mode

curl to get the scan results. Note: This is going to generate a LOT of output. It is best to view this information in the UI:

curl -s -X GET http://localhost:8888/api/scanResults -H 'Content-Type: application/json' | json_pp
Enter fullscreen mode Exit fullscreen mode

Learn More & Join the Community!

Learn more about VMClarity and join the community! https://github.com/openclarity/vmclarity

I will be back with more posts on understanding how VMClarity works, and how you can contribute to it!

You can also learn more about the other Clarity projects, such as (API security) and KubeClarity (K8s SBOM/Supply chain security) here:

And several blogs about both projects are here:
https://techblog.cisco.com/


Shannon McFarland is a Distinguished Engineer and open source advocate in Cisco’s Emerging Technology & Incubation organization. You can follow him on Twitter @eyepv6.

API Trace View

Struggling with slow API calls?

Dan Mindru walks through how he used Sentry's new Trace View feature to shave off 22.3 seconds from an API call.

Get a practical walkthrough of how to identify bottlenecks, split tasks into multiple parallel tasks, identify slow AI model calls, and more.

Read more →

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

👋 Kindness is contagious

Discover a treasure trove of wisdom within this insightful piece, highly respected in the nurturing DEV Community enviroment. Developers, whether novice or expert, are encouraged to participate and add to our shared knowledge basin.

A simple "thank you" can illuminate someone's day. Express your appreciation in the comments section!

On DEV, sharing ideas smoothens our journey and strengthens our community ties. Learn something useful? Offering a quick thanks to the author is deeply appreciated.

Okay