API.md

API

All endpoints are local-only and require the API token.

Auth Send the token in Authorization header or ?token= query parameter.

Endpoints

1. GET /health
   Returns {"status":"ok"}.
2. GET /status
   Returns {"status":"running"}.
3. GET /scanners
   Returns available plugins, scheduled jobs, and job state.
4. POST /scanners/trigger/{plugin}
   Runs a plugin once and returns the result.
5. GET /results/latest
   Returns latest result per plugin.
6. GET /results/history
   Returns recent history.
7. GET /findings
   Returns recent findings.
8. GET /baselines
   Returns current baselines.
9. GET /export/results
   Returns all stored results (use ?format=csv for CSV).
10. GET /export/baselines
    Returns baselines (use ?format=csv for CSV).
11. GET /signatures/status
    Returns the latest signatures update status (including per-source results).
12. POST /signatures/update
    Triggers a signatures update and returns the update status.
13. GET /metrics
    Returns Prometheus-style metrics (text format).

The same endpoints are available under /api/*.