Table: oci_adm_vulnerability_audit - Query OCI ADM Vulnerability Audits using SQL
Oracle Cloud Infrastructure's Application Deployment Manager (ADM) service provides a framework for managing and monitoring your applications. It includes a Vulnerability Audit feature, which checks an application's dependencies for known security vulnerabilities and records the findings, including CVSS scores and the count of vulnerable artifacts. This helps ensure that your applications are secure and comply with industry standards and best practices.
Table Usage Guide
The oci_adm_vulnerability_audit table provides insights into Vulnerability Audits within OCI's Application Deployment Manager (ADM). As a security analyst or DevOps engineer, explore audit-specific details through this table, including audit findings, severity, and associated metadata. Utilize it to uncover information about vulnerabilities, such as those with high severity, the remediation advice for vulnerabilities, and the verification of vulnerability fixes.
Examples
Basic info
Explore the extent of vulnerabilities in your system by examining the maximum observed CVSS scores and the count of vulnerable artifacts. This query gives an overview of potential security risks, helping prioritize areas for remediation. The same statement works in both PostgreSQL and SQLite.

```sql
select
  id,
  knowledge_base_id,
  vulnerabilities,
  max_observed_cvss_v2_score,
  max_observed_cvss_v3_score,
  max_observed_cvss_v2_score_with_ignored,
  max_observed_cvss_v3_score_with_ignored,
  vulnerable_artifacts_count_with_ignored,
  vulnerable_artifacts_count,
  build_type,
  display_name,
  is_success,
  lifecycle_state as state
from
  oci_adm_vulnerability_audit;
```
List vulnerability audits which are not active
Find vulnerability audits whose lifecycle state is anything other than ACTIVE (for example, audits still in the CREATING state). Audits that never became active are findings you are not yet seeing, so this query helps identify gaps in coverage.

PostgreSQL:

```sql
select
  id,
  knowledge_base_id,
  vulnerabilities,
  max_observed_cvss_v2_score,
  max_observed_cvss_v3_score,
  max_observed_cvss_v2_score_with_ignored,
  max_observed_cvss_v3_score_with_ignored,
  vulnerable_artifacts_count_with_ignored,
  vulnerable_artifacts_count,
  build_type,
  display_name,
  is_success,
  lifecycle_state as state
from
  oci_adm_vulnerability_audit
where
  lifecycle_state <> 'ACTIVE';
```

SQLite:

```sql
select
  id,
  knowledge_base_id,
  vulnerabilities,
  max_observed_cvss_v2_score,
  max_observed_cvss_v3_score,
  max_observed_cvss_v2_score_with_ignored,
  max_observed_cvss_v3_score_with_ignored,
  vulnerable_artifacts_count_with_ignored,
  vulnerable_artifacts_count,
  build_type,
  display_name,
  is_success,
  lifecycle_state as state
from
  oci_adm_vulnerability_audit
where
  lifecycle_state != 'ACTIVE';
```
List vulnerability audits created in last 30 days
List the vulnerability audits created in the past 30 days. This is useful for confirming that recent builds were actually audited and that your view of the risk posture is current.

PostgreSQL:

```sql
select
  id,
  knowledge_base_id,
  vulnerabilities,
  max_observed_cvss_v2_score,
  max_observed_cvss_v3_score,
  max_observed_cvss_v2_score_with_ignored,
  max_observed_cvss_v3_score_with_ignored,
  vulnerable_artifacts_count_with_ignored,
  vulnerable_artifacts_count,
  build_type,
  display_name,
  is_success,
  lifecycle_state as state
from
  oci_adm_vulnerability_audit
where
  time_created >= now() - interval '30' day;
```

SQLite:

```sql
select
  id,
  knowledge_base_id,
  vulnerabilities,
  max_observed_cvss_v2_score,
  max_observed_cvss_v3_score,
  max_observed_cvss_v2_score_with_ignored,
  max_observed_cvss_v3_score_with_ignored,
  vulnerable_artifacts_count_with_ignored,
  vulnerable_artifacts_count,
  build_type,
  display_name,
  is_success,
  lifecycle_state as state
from
  oci_adm_vulnerability_audit
where
  time_created >= datetime('now', '-30 day');
```
List successful vulnerability audits
List the vulnerability audits that succeeded according to their configuration (is_success is true). Note that is_success is null while an audit is still in the CREATING state, so such audits are excluded here.

PostgreSQL:

```sql
select
  id,
  knowledge_base_id,
  vulnerabilities,
  max_observed_cvss_v2_score,
  max_observed_cvss_v3_score,
  max_observed_cvss_v2_score_with_ignored,
  max_observed_cvss_v3_score_with_ignored,
  vulnerable_artifacts_count_with_ignored,
  vulnerable_artifacts_count,
  build_type,
  display_name,
  is_success,
  lifecycle_state as state
from
  oci_adm_vulnerability_audit
where
  is_success;
```

SQLite:

```sql
select
  id,
  knowledge_base_id,
  vulnerabilities,
  max_observed_cvss_v2_score,
  max_observed_cvss_v3_score,
  max_observed_cvss_v2_score_with_ignored,
  max_observed_cvss_v3_score_with_ignored,
  vulnerable_artifacts_count_with_ignored,
  vulnerable_artifacts_count,
  build_type,
  display_name,
  is_success,
  lifecycle_state as state
from
  oci_adm_vulnerability_audit
where
  is_success = 1;
```
List vulnerability audits with unknown source
List the vulnerability audits whose source type is UNKNOWN. An audit with an unknown source cannot be traced back to the build or pipeline that produced it, so these are worth reviewing promptly.

PostgreSQL:

```sql
select
  id,
  knowledge_base_id,
  vulnerabilities,
  source ->> 'type' as source_type,
  vulnerable_artifacts_count,
  build_type,
  display_name,
  is_success,
  lifecycle_state as state
from
  oci_adm_vulnerability_audit
where
  source ->> 'type' = 'UNKNOWN';
```

SQLite:

```sql
select
  id,
  knowledge_base_id,
  vulnerabilities,
  json_extract(source, '$.type') as source_type,
  vulnerable_artifacts_count,
  build_type,
  display_name,
  is_success,
  lifecycle_state as state
from
  oci_adm_vulnerability_audit
where
  json_extract(source, '$.type') = 'UNKNOWN';
```
List audits created in the last five minutes that found vulnerabilities
Identify audits created in the last five minutes whose vulnerabilities list is populated. This supports near-real-time detection and remediation of newly reported risks, for example when run on a schedule after each build.

PostgreSQL:

```sql
select
  id,
  knowledge_base_id,
  vulnerabilities,
  max_observed_cvss_v2_score,
  max_observed_cvss_v3_score,
  max_observed_cvss_v2_score_with_ignored,
  max_observed_cvss_v3_score_with_ignored,
  vulnerable_artifacts_count_with_ignored,
  vulnerable_artifacts_count,
  build_type,
  display_name,
  is_success,
  lifecycle_state as state
from
  oci_adm_vulnerability_audit
where
  time_created >= now() - interval '5 minutes'
  and vulnerabilities is not null;
```

SQLite:

```sql
select
  id,
  knowledge_base_id,
  vulnerabilities,
  max_observed_cvss_v2_score,
  max_observed_cvss_v3_score,
  max_observed_cvss_v2_score_with_ignored,
  max_observed_cvss_v3_score_with_ignored,
  vulnerable_artifacts_count_with_ignored,
  vulnerable_artifacts_count,
  build_type,
  display_name,
  is_success,
  lifecycle_state as state
from
  oci_adm_vulnerability_audit
where
  time_created >= datetime('now', '-5 minutes')
  and vulnerabilities is not null;
```
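The examples above return the whole vulnerabilities array per audit. The following PostgreSQL query, added here as an example and not part of the original page, unnests that array to produce one row per non-ignored finding with a CVSS v3 score of 7.0 or higher, and also flags audits where an ignored finding scores higher than anything that is not ignored. It assumes the array elements use the OCI SDK field names id, cvssV3Score and isIgnored; check a sample row of the vulnerabilities column first if your plugin version differs.

```sql
-- Added example (not from the original page). Assumes each element of the
-- vulnerabilities array carries the keys id, cvssV3Score and isIgnored.
with findings as (
  select
    a.id as audit_id,
    a.display_name,
    a.knowledge_base_id,
    -- true when suppressed findings hide a higher score than the visible max
    a.max_observed_cvss_v3_score_with_ignored > a.max_observed_cvss_v3_score
      as ignored_exceeds_visible,
    v ->> 'id' as vulnerability_id,
    nullif(v ->> 'cvssV3Score', '')::numeric as cvss_v3,
    coalesce((v ->> 'isIgnored')::boolean, false) as is_ignored
  from
    oci_adm_vulnerability_audit as a,
    jsonb_array_elements(a.vulnerabilities) as v
  where
    a.lifecycle_state = 'ACTIVE'
    and a.is_success
)
select
  audit_id,
  display_name,
  knowledge_base_id,
  vulnerability_id,
  cvss_v3,
  ignored_exceeds_visible
from
  findings
where
  not is_ignored
  and cvss_v3 >= 7.0
order by
  cvss_v3 desc,
  audit_id;
```

Audits whose vulnerabilities column is null produce no rows, because jsonb_array_elements yields an empty set for a null input.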
Schema for oci_adm_vulnerability_audit
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | | Steampipe context in JSON form. |
build_type | jsonb | | The type of the build tool. |
compartment_id | text | = | The OCID of the compartment in Tenant in which the resource is located. |
configuration | jsonb | | Configuration of the Vulnerability Audit. |
defined_tags | jsonb | | Defined tags for this resource. Each key is predefined and scoped to a namespace. |
display_name | text | = | The name of the Vulnerability Audit. |
freeform_tags | jsonb | | Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. |
id | text | = | The Oracle Cloud identifier (OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)) of the Vulnerability Audit. |
is_success | boolean | = | Indicates if an audit succeeded according to the configuration. The value is `null` if the audit is in the `CREATING` state. |
knowledge_base_id | text | = | The Oracle Cloud identifier (OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)) of the Knowledge Base. |
lifecycle_state | text | = | The current lifecycle state of the Vulnerability Audit. |
max_observed_cvss_v2_score | double precision | | Maximum Common Vulnerability Scoring System Version 2 score observed for non-ignored vulnerable Application Dependencies. |
max_observed_cvss_v2_score_with_ignored | double precision | | Maximum Common Vulnerability Scoring System Version 2 score observed for vulnerable Application Dependencies including ignored ones. |
max_observed_cvss_v3_score | double precision | | Maximum Common Vulnerability Scoring System Version 3 score observed for non-ignored vulnerable Application Dependencies. |
max_observed_cvss_v3_score_with_ignored | double precision | | Maximum Common Vulnerability Scoring System Version 3 score observed for vulnerable Application Dependencies including ignored ones. |
source | jsonb | | Source of the Vulnerability Audit. |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | | Steampipe context in JSON form. |
system_tags | jsonb | | System tags for this resource. These predefined keys are scoped to namespaces. |
tags | jsonb | | A map of tags for the resource. |
tenant_id | text | =, !=, ~~, ~~*, !~~, !~~* | The OCID of the Tenant in which the resource is located. |
time_created | timestamp with time zone | | Time that the Vulnerability Audit was created. |
time_updated | timestamp with time zone | | Time that the Vulnerability Audit was updated. |
title | text | | Title of the resource. |
vulnerabilities | jsonb | | List of vulnerabilities found in the Vulnerability Audit. |
vulnerable_artifacts_count | bigint | | Count of non-ignored vulnerable Application Dependencies. |
vulnerable_artifacts_count_with_ignored | bigint | | Count of all vulnerable Application Dependencies. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

```sh
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- oci
```

You can pass the configuration to the command with the --config argument:

```sh
steampipe_export_oci --config '<your_config>' oci_adm_vulnerability_audit
```