URL

POST https://{api-url}/api/v2/tenants/{tenantId}/patches/baselines

Sample URLs

https://{api-url}/api/v2/tenants/client_16/patches/baselines

A patch baseline is a collection of patches that are approved for installation on your instances. From a given feed, the user selects a subset of the packages that address the key vulnerabilities. The chosen set of packages form the patch baseline.

As a prerequisite, create a patch feed before creating a baseline.

To install a Windows patch feed integration:

https://{api-url}/api/v2/tenants/{tenantId}/integrations/install/WINDOWSFEED

To install a Linux patch feed integration:

https://{api-url}/api/v2/tenants/{tenantId}/integrations/install/LINUXFEED

This endpoint is used to create or update a patch baseline. Using this API, user can create static and dynamic baselines.

  • Static baseline - Consists of patches that are available in a patch feed. The list of patches in a baseline does not change unless updated by a user.

  • Dynamic baseline - Consists of patches that meet certain filter criteria. The list of patches in a baseline depends on the list of available patches based on filter criteria.

Parameters

FieldData TypeDescription
nameStringUnique name to identify a patch baseline.
descriptionString(Optional) Description of a patch baseline.
dynamicBoolean
  • Provide "dynamic": false to create a static baseline.
  • Provide "dynamic": true to create a dynamic baseline.
installedIntg
  • id
ObjectID of an installed patch feed integration.
Example: INTG-c1a2d041-062d-4950-8570-f9d5a4dc0c34To fetch ID of an installed patch feed integration:
  1. Log into OpsRamp.
  2. Click All Clients and then select the required client.
  3. On the drop-down menu, click Setup.
  4. On the left-hand side panel, click Integrations, click Available Integrations and click on an installed patch feed integration.
  5. Copy the UID.
  6. Paste the UID in the id field of the request payload.
    Example: "installedIntg": { "id": "INTG-c2f39b7b-ad25-11e8-924d-080027f0b4d6" }
policy
  • matchType
  • rules
    • key
    • operator
    • value
ObjectFilter criteria for dynamic baseline:
  • Match type for the rules. Supported value: ALLPatches which match all the rules in the filter criteria are added to the baseline.
  • Filter patches with the following rules:
    • key: Provide the attributes of a patch.
      Supported keys: Category, Cve, Rating, Severity
Below table provides the list of supported operators and values for the keys.
KeyOperatorValue
CategoryContains, Not Contains, Equals, Not Equals, Starts with, Ends withNA
CveContains, Not Contains, Equals, Not Equals, Starts with, Ends withNA
RatingEquals, Not EqualsWhitelisted, Blacklisted
SeverityContains, Not Contains, Equals, Not Equals, Starts with, Ends withNA
For example, to filter patches which are whitelisted and are critical, provide the fields as shown below:
"policy": { "matchType": "ALL", "rules": [ { "key": "Rating", "operator": "Equals", "value": "Whitelisted" }, { "key": "Severity", "operator": "Contains", "value": "critical" } ] }

Static baseline

Sample request

{
	"name": "Linux_Patch_Feed",
	"description": "Ubuntu_Vulnerabilities",
	"dynamic": false,
	"installedIntg": {
		"id": "INTG-c2f39b7b-ad25-11e8-924d-080027f0b4d6"
}

Sample response

{
	"id": "PBL-bafd3744-9a59-4cd6-9825-00a0a5a54f6e",
	"name": "Linux_Patch_Feed",
	"description": "Ubuntu_Vulnerabilities",
	"dynamic": false,
	"enabled": false,
	"createdUser": {
		"loginName": "opsramp_api_user",
		"lastName": " ",
		"firstName": "OpsRamp API User",
		"email": "admin@opsramp.com"
	},
	"updatedUser": {
		"loginName": "opsramp_api_user",
		"lastName": " ",
		"firstName": "OpsRamp API User",
		"email": "admin@opsramp.com"
	},
	"createdTime": "2019-02-08T07:40:05+0000",
	"updatedTime": "2019-02-08T07:40:05+0000",
	"installedIntg": {
		"id": "INTG-c2f39b7b-ad25-11e8-924d-080027f0b4d6",
		"displayName": "Default Linux Feed",
		"integration": {
			"id": "LINUXPATCH",
			"name": "Linux Patch Feed"
		}
	}
}

Dynamic baseline

Sample request

{
	"name": "Security_Patches",
	"description": "Security_Patches_for_Windows",
	"dynamic": true,
	"policy": {
		"matchType": "ALL",
		"rules": [{
				"key": "Category",
				"operator": "Contains",
				"value": "updates"
			},
			{
				"key": "Rating",
				"operator": "Equals",
				"value": "Whitelisted"
			}
		]
	},
	"installedIntg": {
		"id": "INTG-c2f39b7b-ad25-11e8-924d-080027f0b4d6"
	}
}

Sample response

{
	"id": "PBL-198014e3-74c0-4e12-a6e1-c161d9003fd6",
	"name": "Security_Patches",
	"description": "Security_Patches_for_Windows",
	"dynamic": true,
	"enabled": false,
	"createdUser": {
		"loginName": "opsramp_api_user",
		"lastName": " ",
		"firstName": "OpsRamp API User",
		"email": "admin@opsramp.com"
	},
	"updatedUser": {
		"loginName": "opsramp_api_user",
		"lastName": " ",
		"firstName": "OpsRamp API User",
		"email": "admin@opsramp.com"
	},
	"createdTime": "2019-02-08T07:45:10+0000",
	"updatedTime": "2019-02-08T07:45:10+0000",
	"policy": {
		"id": 662,
		"uid": "POLICY-e4780e1f-e707-4858-9c0e-b68b6e8b6bf7",
		"matchType": "ALL",
		"rules": [{
				"id": 12512,
				"key": "Category",
				"operator": "Contains",
				"value": "updates",
				"resourceType": "DEVICE"
			},
			{
				"id": 12513,
				"key": "Severity",
				"operator": "Contains",
				"value": "critical",
				"resourceType": "DEVICE"
			}
		],
		"actions": []
	},
	"installedIntg": {
		"id": "INTG-c2f39b7b-ad25-11e8-924d-080027f0b4d6",
		"displayName": "Default Windows Feed",
		"integration": {
			"id": "WINDOWSPATCH",
			"name": "Windows Patch Feed"
		}
}