# Vulnerability Evidence Created ## Getting Started This page will help you with subscribing to the **vulnerability-evidence-created** event. This event can be used for the following: * Get details for evidence created for a vulnerability on a project, for which you have access to. ## Prerequisites In order to subscribe to this event, you must have: * Access to the vulnerability-evidence-created event (see My Events to confirm). * A working client (see Setting Up Your Client for details). * Valid API Key (see Authentication for your key). * Network access to your AttackForge Enterprise tenant. ## Subscribing To Event * NodeJS * Python * .NET * Java * Go ### NodeJS #### NodeJS Prerequisites In order to subscribe to this event using the NodeJS client, you must have: * NodeJS v10+ installed * NPM installed * A working NodeJS client (see Setting Up Your Client for details). #### Client configuration Open a terminal and navigate to the client directory. From the client directory, run following command, substituting variables below with your configuration details: ``` $ TENANT="YOUR-AFE-TENANT" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="YOUR-API-KEY" node . ``` An example is included below for reference: ``` $ TENANT="https://demo.attackforge.com" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" node . ``` If your client is successfully subscribed to this event, you should see similar output in your terminal: ``` Subscribed to the following events: [ 'vulnerability-evidence-created' ] ``` Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge. You can now work on your integration code to start actioning these events. Open **index.js** with a text editor - the file is located in your client directory. Your code will replace the following section within this file: ``` /* ENTER YOUR INTEGRATION CODE HERE */ /* method contains the event type e.g. vulnerability-evidence-created */ /* params contains the event body e.g. JSON object with timestamp & details */ ``` ### Python #### Python Prerequisites In order to subscribe to this event using the Python client, you must have: * Python3 installed * PIP installed * A working Python client (see Setting Up Your Client for details). #### Client configuration Open a terminal and navigate to the client directory. From the client directory, run following command, substituting variables below with your configuration details: ``` $ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="YOUR-API-KEY" python3 main.py ``` An example is included below for reference: ``` $ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" python3 main.py ``` If your client is successfully subscribed to the events, you should see similar output in your terminal: ``` Subscribed to the following events: [ 'vulnerability-evidence-created' ] ``` Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge. You can now work on your integration code to start actioning these events. Open **main.py** with a text editor - the file is located in your client directory. Your code will replace the following section within this file: ``` # ENTER YOUR INTEGRATION CODE HERE # method contains the event type e.g. vulnerability-evidence-created # params contains the event body e.g. JSON object with timestamp & details ``` ### .NET #### .NET Prerequisites In order to subscribe to this event using the .NET client, you must have: * .NET 5.0 SDK installed * A working .NET client (see [Setting Up Your Client](https://localhost:3000/#!/app/ss/event-getting-started#setting-up) for details). #### Client configuration Open a terminal and navigate to the client directory. From the client directory, run following command, substituting variables below with your configuration details: ``` $ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="YOUR-API-KEY" dotnet run ``` An example is included below for reference: ``` $ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" dotnet run ``` If your client is successfully subscribed to the events, you should see similar output in your terminal: ``` Subscribed to the following events: [ 'vulnerability-evidence-created' ] ``` Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge. You can now work on your integration code to start actioning these events. Open **Program.cs** with a text editor from your client directory. Your code will replace the following section within this file: ``` /* ENTER YOUR INTEGRATION CODE HERE */ /* method contains the event type e.g. vulnerability-evidence-created */ /* params contains the event body e.g. JSON object with timestamp & details */ ``` ### Java #### Java Prerequisites In order to subscribe to this event using the Java client, you must have: * OpenJDK 11 installed * Maven installed * A working Java client (see Setting Up Your Client for details). #### Client configuration Open a terminal and navigate to the client directory. From the client directory, run following command, substituting variables below with your configuration details: ``` $ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="YOUR-API-KEY" java -jar target/afe-ssapi-events-java-client-1.0-SNAPSHOT-jar-with-dependencies.jar ``` An example is included below for reference: ``` $ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" java -jar target/afe-ssapi-events-java-client-1.0-SNAPSHOT-jar-with-dependencies.jar ``` If your client is successfully subscribed to the events, you should see similar output in your terminal: ``` Subscribed to the following events: [ 'vulnerability-evidence-created' ] ``` Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge. You can now work on your integration code to start actioning these events. Open **./src/main/java/com/attackforge/App.java** with a text editor from your client directory. Your code will replace the following section within this file: ``` /* ENTER YOUR INTEGRATION CODE HERE */ /* method contains the event type e.g. vulnerability-evidence-created */ /* params contains the event body e.g. JSON object with timestamp & details */ ``` ### Go #### Go Prerequisites In order to subscribe to this event using the Go client, you must have: * Go installed * A working Go client (see Setting Up Your Client for details). #### Client configuration Open a terminal and navigate to the client directory. From the client directory, run following command, substituting variables below with your configuration details: ``` $ HOSTNAME="YOUR-AFE-HOSTNAME" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="YOUR-API-KEY" ./afe-ssapi-events-go-client ``` An example is included below for reference: ``` $ HOSTNAME="demo.attackforge.com" EVENTS="vulnerability-evidence-created" X_SSAPI_KEY="q9ef672kqZIQymCZRuiKMeWbeaXEzBzqRCfGcpWEpoBNU2Bk4UmtktsZVDDgRzlC0BOHH9x0y4EzbBGeSKO9PRskEmHATXHs2sVe7tS98U0DuDFjH0RdPFWUpgZDWgIESy9yNDesm6Xi8C9HsikddyBKsATXat2604dPrr4Ca86J8Y5IkEnqUwYzw3MoSbzHeXZ0DKHqKz6Icv9dtrsnAFzpXg1P423uRllq4LqFjP4J8hAtrWZ9296h3uh9B5Vp" ./afe-ssapi-events-go-client ``` If your client is successfully subscribed to this event, you should see similar output in your terminal: ``` Subscribed to the following events: [ 'vulnerability-evidence-created' ] ``` Your client is now working and you will see new events output to the terminal as they are pushed from AttackForge. You can now work on your integration code to start actioning these events. Open **main.go** with a text editor from your client directory. Your code will replace the following section within this file: ``` /* ENTER YOUR INTEGRATION CODE HERE */ /* method contains the event type e.g. vulnerability-evidence-created */ /* params contains the event body e.g. JSON object with timestamp & details */ ``` ## Example Response The event emitted will include the following information: ```json { "method": "vulnerability-evidence-created", "params": { "timestamp": "2021-01-01T00:00:00.000Z", "user": { "user_id": "60d0fe4f5311236168a109ca" }, "data": { "evidence_id": "60fe2f7747d2c400306bd808", "evidence_created": "2021-01-01T03:43:51.665Z", "evidence_modified": "2021-01-01T03:43:51.665Z", "evidence_is_deleted": false, "evidence_file_name": "Lorem ipsum...", "evidence_file_type": "Lorem ipsum...", "evidence_file_hash": "Lorem ipsum...", "evidence_file_size": 6635520, "evidence_file_size_kb": 6480, "evidence_file_storage_name": "Lorem ipsum...", "evidence_file_storage_location": "Lorem ipsum...", "evidence_vulnerability": { "vulnerability_id": "60fe2f7747d2c400306bd808" }, "evidence_user": { "user_id": "60fe2f7747d2c400306bd808", } } } } ```