Create Watch

Xray REST APIs

Products
JFrog Xray
Content Type
REST API
ft:sourceType
Paligo

Description: Creates a new Watch.

Notes: For Xray version 3.21.2 and above with Projects, a Project Admin with Manage Security Assets privilege can create a Watch using this REST API in the scope of a project, by using the additional query parameter projectKey. A Watch can include both Global and Project Policies.

Security: Requires the "Manage Watches" role to be set on the User or Group level.

Usage: POST /xray/api/v2/watches

Consumes: application/json

Produces: application/json

Path parameters: None

Query Parameters:

Name

Type

Required/Optional

Description

projectKey

string

optional

Project key for scoped updates

Request Body:

Name

Type

Required/Optional

Description

general_data

GeneralDataObj

required

General data for the Watch

project_resources

ProjectResourcesObj

optional

Resources the watch is applied on.

It may be omitted only if general_data.active is false or omitted.

watch_recipients

array[string]

optional

Email addresses to receive Watch notifications

assigned_policies

array[AssignedPolicyObj]

optional

Policies assigned to the Watch

create_ticket_enabled

boolean

optional

Indicates whether Jira ticket creation is enabled

ticket_profile

string

optional

Jira profile for ticket generation

ticket_generation

TicketGenerationObj

optional

Ticket generation settings for the Watch

GeneralDataObj:

Name

Type

Required/Optional

Description

name

string

required

Name of the Watch

description

string

optional

Description of the Watch

active

boolean

optional

Indicates if the Watch is active or not.

Default:

  • true if the Watch is applied on some resources (project_resources is included)

  • false If the Watch is not applied on any resource ( project_resources is omitted or no resource or omitted).

ProjectResourcesObj:

Name

Type

Required/Optional

Description

resources

array[ResourceObj]

required

Resources to watch and associated Policies

ResourceObj:

Name

Type

Required/Optional

Description

type

string

required

Type of the resource.

Valid values: repository, build, releaseBundle, releaseBundleV2, all-repos, all-builds,  all-releaseBundles, all-releaseBundlesV2, all-projects

repo_type

string

optional

Type of repository.

Valid values: local, remote

bin_mgr_id

string

optional

Binary manager ID. Omit or set to default.

name

string

required

Name of the resource

filters

array[FilterObj]

optional

Filters to apply to the resource.

FilterObj:

Name

Type

Required/Optional

Description

type

string

required

Type of the filter. The acceptable filter type depends on the resource type.

For the resource types repository and all-repos:

  • regex: Regular expression artifact's name filter.

  • path-regex: Regular expression artifact's repo path filter.

  • package-type: artifact’s package type filter.

  • mime-type: artifact’s MIME type filter.

  • property: artifact’s custom property filter.

  • path-ant-patterns: artifact's repository path ant-style pattern filter.

For the resource types all-builds, all-releaseBundles, all-releaseBundlesV2, all-projects:

  • ant-patterns: Ant-style path pattern filter applied to the resource name.

For the resource types repository, build, releaseBundle, releaseBundleV2:

  • None

value

varies

required

Value of the filter, whose type depends on the filter type.

For path-ant-patterns and ant-patterns types:

PatternObj

required

arrays of ant-style include and exclude path patterns.

For regexand path-regextypes:

string

required

A regular expression string.

For package-type type:

string

required

One of the following package types:  Maven, Docker, NuGet, Generic, Npm, Bower, Pypi, Rpm, Debian, RubyGems

For mime-type type:

string

required

A MIME-type string.

For property type:

KeyValueObj

required

A custom property's key-value pair.

PatternObj:

Name

Type

Required/Optional

Description

IncludePatterns

array[string]

optional

arrays of ant-style include path patterns.

ExcludePatterns

array[string]

optional

arrays of ant-style exclude path patterns.

KeyValueObj:

Name

Type

Required/Optional

Description

key

string

required

The key name of a custom property's key-value pair.

value

string

required

The value of a custom property's key-value pair.

AssignedPolicyObj:

Name

Type

Required/Optional

Description

name

string

required

Name of the policy

type

string

required

Type of the policy (e.g., security, license)

Acceptable values: security, license, operational_risk

TicketGenerationObj:

Name

Type

Required/Optional

Description

create_duplicate_tickets

DuplicateTicketCreationObj

optional

Settings for creating duplicate tickets

impact_path_profiles_mapping

array[ImpactPathProfileMappingObj]

optional

Mapping of impact path profiles

DuplicateTicketCreationObj:

Name

Type

Required/Optional

Description

by_version

VersionTicketSettingsObj

optional

Settings for creating duplicate tickets by version

VersionTicketSettingsObj:

Name

Type

Required/Optional

Description

build

boolean

optional

Indicates whether duplicate tickets are created for builds

package

boolean

optional

Indicates whether duplicate tickets are created for packages

release_bundle

boolean

optional

Indicates whether duplicate tickets are created for release bundles

ImpactPathProfileMappingObj:

Name

Type

Required/Optional

Description

include

array[IncludeObj]

optional

Settings for mapping impact paths to JIRA profiles

IncludeObj:

Name

Type

Required/Optional

Description

profile

string

required

Impact path profile

pattern

string

required

Pattern for the impact path corresponding to profile

Response Body

Name

Type

Description

info

string

Success info message

error

string

Error message text

Response Codes

Status code

Description

201

Success - Watch has been successfully created

415

Failed to parse request

400

Invalid Watch

403

No permission for Watch

409

Watch already exists

500

Failed to create Watch

Example Requests

Example 1 - Watch a Repository

{
    "general_data": {
        "name": "example1-watch",
        "description": "This is an example watch #1",
        "active": true
    },
    "project_resources": {
        "resources": [
            {
                "type": "repository",
                "bin_mgr_id": "default",
                "name": "libs-release-local",
                "filters": [
                    {
                        "type": "regex",
                        "value": ".*"
                    }
                ]
            }
        ]
    },
    "assigned_policies": [
        {
            "name": "medium_vuln_policy",
            "type": "security"
        }
    ],
    "watch_recipients":["mymail@acme.com","sec@acme.com"]
}

Example 2 - Watch All Repositories

{
    "general_data": {
        "name": "all-repositories",
        "description": "This is a new watch for all repositories",
        "active": true
    },
    "project_resources": {
        "resources": [
            {
                "type": "all-repos",
                "filters": [
                    {
                        "type": "package-type",
                        "value": "Docker"
                    },
                    {
                        "type": "package-type",
                        "value": "Debian"
                    }
                ]
            }
        ]
    },
    "assigned_policies": [
        {
            "name": "critial_issues",
            "type": "security"
        }
    ],
    "watch_recipients":["mymail@acme.com","umac@youremail.com"]
}

Example 3 - Watch a Build

{
    "general_data": {
        "name": "specific-build-watch",
        "description": "This is a new watch for a specific build",
        "active": true
    },
    "project_resources": {
        "resources": [
            {
                "type": "build",
                "name": "release-pipeline"
            }
        ]
    },
    "assigned_policies": [
        {
            "name": "critial_issues",
            "type": "security"
        },
        {
            "name": "block_policy",
            "type": "security"
        }
    ],
    "watch_recipients":["mymail@acme.com","umac@youremail.com"]
}

Example 4- Watch all Builds

{
    "general_data": {
        "name": "build-watch",
        "description": "This is a new watch created using API V2",
        "active": true
    },
    "project_resources": {
        "resources": [
            {
                "type": "all-builds",
                "filters": [
                    {
                        "type": "ant-patterns",
                        "value":{
                            "ExcludePatterns": ["a*","b*"],
                            "IncludePatterns": ["ab*"]
                        }
                    }
                ]
            }
        ]
    },
    "assigned_policies": [
        {
            "name": "test-license-policy-allowed-12956",
            "type": "license"
        }
    ],
    "watch_recipients":["mymail@acme.com","umac@youremail.com"]
}

Example 5 - Watch a Release Bundle V2

{
    "general_data": {
        "name": "specific-bundle-watch",
        "active": true
    },
    "project_resources": {
        "resources": [
            {
                "type": "releaseBundleV2",
                "bin_mgr_id": "default",
                "name": "release-pipeline"
            }
        ]
    },
    "assigned_policies": [
        {
            "name": "block_policy",
            "type": "security"
        }
    ]
}

Example 6 - Watch all Release Bundle V2

{
    "general_data": {
        "name": "bundles-watch",
        "active": true
    },
    "project_resources": {
        "resources": [
            {
                "type": "all-releaseBundlesV2",
                "bin_mgr_id": "default"
            }
        ]
    },
    "assigned_policies": [
        {
            "name": "test-license-policy-allowed-12956",
            "type": "license"
        }
    ]
}

Example 7 - Watch Projects by Project Key

{
    "general_data": {
        "name": "single_project_watch",
        "description": "This is a new watch for single project",
        "active": true
    },
    "project_resources": {
        "resources": [
            {
                "type": "project",
                "name": "myproject"
            }
        ]
    },
    "assigned_policies": [
        {
            "name": "medium_policy",
            "type": "security"
        }
    ],
    "watch_recipients": [
        "mymaila@acme.com",
        "umac@youremail.com"
    ]
}

Example 8 - Watch All Projects

{
    "general_data": {
        "name": "vuln-prod",
        "description": "This is a new watch created using API V2",
        "active": true
    },
    "project_resources": {
        "resources": [
            {
                "type": "all-projects"
            }
        ]
     }
  ],
    "assigned_policies": [
        {
            "name": "medium_policy",
            "type": "security"
        }
    ],
    "watch_recipients":["mymail@acme.com","umac@youremail.com"]
}

Example 9 - Watch Projects with Include/Exclude Patterns on all Projects

{
    "general_data": {
        "name": "vuln-prod",
        "description": "This is a new watch created using API V2",
        "active": true
    },
    "project_resources": {
        "resources": [
            {
                "type": "all-projects",
                "bin_mgr_id": "default",
                "filters": [
                    {
                        "type": "ant-patterns",
                        "value": {
                            "ExcludePatterns": [
                                "a*",
                                "b*"
                            ],
                            "IncludePatterns": [
                                "ab*"
                            ]
                        }
                    }
                ]
            }
        ]
    },
    "assigned_policies": [
        {
            "name": "medium_policy",
            "type": "security"
        }
    ],
    "watch_recipients": [
        "mymail@acme.com",
        "umac@youremail.com"
    ]
}

Example 10 - Create Watch with Jira Integration Enabled on multiple resource types

{
    "general_data": {
        "name": "example-watch",
        "active": true,
        "description": "This is an example watch"
    },
    "project_resources": {
        "resources": [
            {
                "type": "repository",
                "name": "docker-local",
                "filters": [
                    {
                        "type": "path-ant-patterns",
                        "value": {
                            "IncludePatterns": [
                                "***"
                            ],
                            "ExcludePatterns": [
                                "**b*"
                            ]
                        }
                    },
                    {
                        "type": "package-type",
                        "value": "Docker"
                    }
                ],
                "repo_type": "local"
            },
            {
                "type": "releaseBundle",
                "name": "example-build"
            },
            {
                "type": "build",
                "name": "example-rb",
                "build_repo": "builds"
            },
            {
                "type": "releaseBundleV2",
                "name": "example-rbv2",
                "build_repo": "release-bundles-v2"
            }
        ]
    },
    "assigned_policies": [
        {
            "name": "demo-security",
            "type": "security"
        }
    ],
    "watch_recipients": [
        "mymail@acme.com"
    ],
    "create_ticket_enabled": true,
    "ticket_profile": "Profile-example",
    "ticket_generation": {
        "create_duplicate_tickets": {
            "by_version": {
                "build": true,
                "package": true,
                "release_bundle": true
            }
        },
        "impact_path_profiles_mapping": {
            "include": [
                {
                    "profile": "ProjectA-profile",
                    "pattern": "*a/*"
                },
                {
                    "profile": "ProjectB-profile",
                    "pattern": "*b/*"
                }
            ]
        }
    }
}

Example 11 - Create a Watch in the Project Scope

POST /xray/api/v2/watches?projectKey=myproject

Example Responses

Successful response:

201 Created
{
    "info": "Watch has been successfully created"
}

Error Response:

409 Conflict
{
    "error": "Watch already exists"
}