Table: vanta_evidence - Query Vanta Evidence using SQL
Vanta is a security and compliance platform that automates the collection of evidence for various security standards and regulations. It provides a centralized way to monitor and manage security controls across your infrastructure, applications, and services. Vanta Evidence is a key component of this platform, capturing and storing the necessary data to demonstrate compliance with these standards.
Table Usage Guide
The vanta_evidence
table offers insights into the evidence collected by Vanta for security and compliance monitoring. As a Security Analyst, you can use this table to explore specific details about each piece of evidence, including its metadata, associated controls, and status. By querying this table, you can effectively track and verify your organization's compliance status and identify potential security issues.
Important Notes
- To query the table you must set
api_token
argument in the config file (~/.steampipe/config/vanta.spc
).
Examples
Basic info
Explore the various categories of evidence requests in the Vanta system, identifying instances where access to certain information might be restricted. This can help in understanding the nature of information requests and ensuring compliance with access control policies.
select title, evidence_request_id, category, description, restrictedfrom vanta_evidence;
select title, evidence_request_id, category, description, restrictedfrom vanta_evidence;
List evidences with restricted document access
Explore which evidences have restricted document access to ensure compliance and maintain the integrity of sensitive information. This can be beneficial in situations where access needs to be limited due to confidentiality or security reasons.
select title, evidence_request_id, category, descriptionfrom vanta_evidencewhere restricted;
select title, evidence_request_id, category, descriptionfrom vanta_evidencewhere restricted = 1;
List non-relevant evidences
Uncover the details of dismissed evidences in your Vanta security compliance data. This query is particularly useful in identifying and reviewing non-relevant evidences that have been marked as dismissed.
select title, evidence_request_id, category, dismissed_statusfrom vanta_evidencewhere dismissed_status -> 'isDismissed' = 'true';
select title, evidence_request_id, category, dismissed_statusfrom vanta_evidencewhere json_extract(dismissed_status, '$.isDismissed') = 'true';
List evidences up for renewal within 30 days
Explore which pieces of evidence are due for renewal within the next month. This is useful for staying on top of compliance requirements and ensuring that all evidence is updated in a timely manner.
select title, category, renewal_metadata ->> 'nextDate' as update_byfrom vanta_evidencewhere renewal_metadata ->> 'nextDate' != '' and current_timestamp < (renewal_metadata ->> 'nextDate') :: timestamp and extract ( day from ( (renewal_metadata ->> 'nextDate') :: timestamp - current_timestamp ) ) < 30 and dismissed_status is null;
select title, category, json_extract(renewal_metadata, '$.nextDate') as update_byfrom vanta_evidencewhere json_extract(renewal_metadata, '$.nextDate') != '' and strftime('%s', 'now') < strftime('%s', json_extract(renewal_metadata, '$.nextDate')) and julianday(json_extract(renewal_metadata, '$.nextDate')) - julianday('now') < 30 and dismissed_status is null;
Get the count of evidence by category
Explore which categories have the most evidence. This can be useful in identifying areas that may require additional scrutiny or attention.
select category, count(title)from vanta_evidencegroup by category;
select category, count(title)from vanta_evidencegroup by category;
Schema for vanta_evidence
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
app_upload_enabled | boolean | If true, applications are allowed to upload documents on behalf of customers for this evidence request. | |
category | text | Specifies the category of the evidence request. | |
description | text | A human-readable description of the evidence requested. | |
dismissed_status | jsonb | Information about the dismissed status of the evidence request. | |
evidence_request_id | text | = | A unique identifier for this evidence request. |
organization_name | text | The name of the organization. | |
renewal_metadata | jsonb | Information on the renewal cadence of the evidence request. | |
restricted | boolean | If true, access to the contents of the evidence documents is restricted. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
title | text | The title of the document. | |
uid | text | An identifier that is unique across all of Vanta. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- vanta
You can pass the configuration to the command with the --config
argument:
steampipe_export_vanta --config '<your_config>' vanta_evidence