Table: vanta_monitor - Query Vanta Monitors using SQL
Vanta is a security and compliance automation platform. It simplifies the complex and time-consuming process of preparing for SOC 2, HIPAA, and ISO 27001 audits. Vanta provides continuous monitoring of your applications, infrastructure, and cloud services to ensure they adhere to security best practices.
Table Usage Guide
The vanta_monitor
table provides insights into the monitors within Vanta's security and compliance automation platform. As a security analyst, explore monitor-specific details through this table, including status, type, and associated metadata. Utilize it to uncover information about monitors, such as those with alerts, the type of monitors, and the verification of monitor details.
Important Notes
- To query the table you must set
session_id
argument in the config file (~/.steampipe/config/vanta.spc
).
Examples
Basic info
Explore the status and outcome of different categories within a monitoring system. This can help you understand the areas requiring attention and the effectiveness of remediation efforts.
select name, category, outcome, latest_flip_time, remediation_status ->> 'status' as statusfrom vanta_monitor;
select name, category, outcome, latest_flip_time, json_extract(remediation_status, '$.status') as statusfrom vanta_monitor;
List all failed tests
Explore which monitors have failed tests to assess the areas of non-compliance and understand when the last status change occurred. This allows you to pinpoint specific issues and address them promptly.
select name, category, outcome, compliance_status, latest_flip_timefrom vanta_monitorwhere outcome = 'FAIL';
select name, category, outcome, compliance_status, latest_flip_timefrom vanta_monitorwhere outcome = 'FAIL';
Filter a specific test result by test ID
Explore the details of a specific test result by using its test ID, allowing you to gain insights into its category, outcome, and compliance status, as well as the time of the most recent status change. This is particularly useful for tracking and reviewing the performance of individual tests over time.
select name, category, outcome, compliance_status, latest_flip_timefrom vanta_monitorwhere test_id = 'test-03neqwol876pxg1iqjqib9';
select name, category, outcome, compliance_status, latest_flip_timefrom vanta_monitorwhere test_id = 'test-03neqwol876pxg1iqjqib9';
Count tests by remediation status
Analyze the status of remediation efforts by quantifying the number of tests associated with each status. This can help in prioritizing and tracking remediation tasks effectively.
select remediation_status ->> 'status' as status, count(name)from vanta_monitorgroup by remediation_status ->> 'status';
select json_extract(remediation_status, '$.status') as status, count(name)from vanta_monitorgroup by json_extract(remediation_status, '$.status');
List failed tests by owner
Explore which tests have failed and identify the owners responsible for these tests. This is useful for assessing the areas that need immediate attention or remediation.
select name, category, a ->> 'displayName' as owner, remediation_status ->> 'status' as statusfrom vanta_monitor left join jsonb_array_elements(assignees) as a on truewhere outcome = 'FAIL';
select name, category, json_extract(a.value, '$.displayName') as owner, json_extract(remediation_status, '$.status') as statusfrom vanta_monitor, json_each(assignees) as awhere outcome = 'FAIL';
List failed tests by standard
Discover the segments that have failed tests according to different standards. This query can be used to assess the status of remediation and identify areas needing attention in order to meet various standards.
select name, category, s -> 'standardInfo' ->> 'standard' as standard, remediation_status ->> 'status' as statusfrom vanta_monitor, jsonb_array_elements(controls) as c, jsonb_array_elements(c -> 'standardSections') as swhere outcome = 'FAIL';
select name, category, json_extract(s.value, '$.standardInfo.standard') as standard, json_extract(remediation_status, '$.status') as statusfrom vanta_monitor, json_each(controls) as c, json_each(c.value, '$.standardSections') as swhere outcome = 'FAIL';
List failed tests by integration
Explore which integrations have failed tests, allowing you to identify areas of concern and take necessary corrective actions. This is useful in maintaining system integrity and ensuring seamless integration performance.
select m.name, m.category, m.outcome, i.display_name as integrationfrom vanta_integration as i, jsonb_array_elements(i.tests) as t join vanta_monitor as m on m.test_id = t ->> 'testId' and m.outcome = 'FAIL';
select m.name, m.category, m.outcome, i.display_name as integrationfrom vanta_integration as i, json_each(i.tests) as t join vanta_monitor as m on m.test_id = json_extract(t.value, '$.testId') and m.outcome = 'FAIL';
Count tests by outcome
Assess the distribution of test outcomes within your Vanta monitor system. This query is useful for understanding the frequency of different outcomes, helping to identify patterns or areas for improvement.
select outcome, count(name)from vanta_monitorgroup by outcome;
select outcome, count(name)from vanta_monitorgroup by outcome;
Count active tests by category
Analyze the settings to understand the distribution of active tests across different categories. This can help in identifying the areas that are being frequently tested and those that require more attention.
select category, count(name)from vanta_monitorwhere disabled_status is nullgroup by category;
select category, count(name)from vanta_monitorwhere disabled_status is nullgroup by category;
Schema for vanta_monitor
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
assignees | jsonb | A list of users assigned as owner for this test. | |
category | text | A high-level categorization of the test. | |
compliance_status | text | The compliance status of the test. | |
controls | jsonb | A list of controls being checked during the test. | |
description | text | A human-readable description of the test. | |
disabled_status | jsonb | Metadata about whether this test is disabled. | |
failing_resource_entities | jsonb | The name of the organization. | |
id | text | An internal Vanta generated ID of the test. | |
latest_flip_time | timestamp with time zone | The last time the test flipped to a passing or failing state. | |
name | text | A human-readable name of the test. | |
organization_name | text | The name of the organization. | |
outcome | text | Outcome of the test run. Possible values are: 'PASS', 'DISABLED', 'FAIL', 'IN_PROGRESS', 'INVALID' and 'NA'. | |
remediation_status | jsonb | Specifies the remediation information. | |
services | jsonb | A list of services. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
test_id | text | A unique identifier for this test. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- vanta
You can pass the configuration to the command with the --config
argument:
steampipe_export_vanta --config '<your_config>' vanta_monitor