Description: Creates a new Watch.
Notes: For Xray version 3.21.2 and above with Projects, a Project Admin with Manage Security Assets privilege can create a Watch using this REST API in the scope of a project, by using the additional query parameter projectKey. A Watch can include both Global and Project Policies.
Security: Requires the "Manage Watches" role to be set on the User or Group level.
Usage: POST /xray/api/v2/watches
Consumes: application/json
Produces: application/json
Path parameters: None
Query Parameters:
Name | Type | Required/Optional | Description |
---|---|---|---|
| string | optional | Project key for scoped updates |
Request Body:
Name | Type | Required/Optional | Description |
---|---|---|---|
| required | General data for the Watch | |
| optional | Resources the watch is applied on. It may be omitted only if | |
| array[string] | optional | Email addresses to receive Watch notifications |
| array[AssignedPolicyObj] | optional | Policies assigned to the Watch |
| boolean | optional | Indicates whether Jira ticket creation is enabled |
| string | optional | Jira profile for ticket generation |
| optional | Ticket generation settings for the Watch |
GeneralDataObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| string | required | Name of the Watch |
| string | optional | Description of the Watch |
| boolean | optional | Indicates if the Watch is active or not. Default:
|
ProjectResourcesObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| array[ResourceObj] | required | Resources to watch and associated Policies |
ResourceObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| string | required | Type of the resource. Valid values: |
| string | optional | Type of repository. Valid values: |
| string | optional | Binary manager ID. Omit or set to default. |
| string | required | Name of the resource |
| array[FilterObj] | optional | Filters to apply to the resource. |
FilterObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| string | required | Type of the filter. The acceptable filter type depends on the resource type. For the resource types repository and all-repos:
For the resource types all-builds,
For the resource types
|
| varies | required | Value of the filter, whose type depends on the filter type. |
For | |||
PatternObj | required | arrays of ant-style include and exclude path patterns. | |
For | |||
string | required | A regular expression string. | |
For | |||
string | required | One of the following package types: | |
For | |||
string | required | A MIME-type string. | |
For | |||
KeyValueObj | required | A custom property's key-value pair. |
PatternObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| array[string] | optional | arrays of ant-style include path patterns. |
| array[string] | optional | arrays of ant-style exclude path patterns. |
KeyValueObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| string | required | The key name of a custom property's key-value pair. |
| string | required | The value of a custom property's key-value pair. |
AssignedPolicyObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| string | required | Name of the policy |
| string | required | Type of the policy (e.g., security, license) Acceptable values: security, license, operational_risk |
TicketGenerationObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| optional | Settings for creating duplicate tickets | |
| array[ImpactPathProfileMappingObj] | optional | Mapping of impact path profiles |
DuplicateTicketCreationObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| optional | Settings for creating duplicate tickets by version |
VersionTicketSettingsObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| boolean | optional | Indicates whether duplicate tickets are created for builds |
| boolean | optional | Indicates whether duplicate tickets are created for packages |
| boolean | optional | Indicates whether duplicate tickets are created for release bundles |
ImpactPathProfileMappingObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| array[IncludeObj] | optional | Settings for mapping impact paths to JIRA profiles |
IncludeObj:
Name | Type | Required/Optional | Description |
---|---|---|---|
| string | required | Impact path profile |
| string | required | Pattern for the impact path corresponding to profile |
Response Body
Name | Type | Description |
---|---|---|
| string | Success info message |
| string | Error message text |
Response Codes
Status code | Description |
---|---|
201 | Success - Watch has been successfully created |
415 | Failed to parse request |
400 | Invalid Watch |
403 | No permission for Watch |
409 | Watch already exists |
500 | Failed to create Watch |
Example Requests
Example 1 - Watch a Repository
{ "general_data": { "name": "example1-watch", "description": "This is an example watch #1", "active": true }, "project_resources": { "resources": [ { "type": "repository", "bin_mgr_id": "default", "name": "libs-release-local", "filters": [ { "type": "regex", "value": ".*" } ] } ] }, "assigned_policies": [ { "name": "medium_vuln_policy", "type": "security" } ], "watch_recipients":["mymail@acme.com","sec@acme.com"] }
Example 2 - Watch All Repositories
{ "general_data": { "name": "all-repositories", "description": "This is a new watch for all repositories", "active": true }, "project_resources": { "resources": [ { "type": "all-repos", "filters": [ { "type": "package-type", "value": "Docker" }, { "type": "package-type", "value": "Debian" } ] } ] }, "assigned_policies": [ { "name": "critial_issues", "type": "security" } ], "watch_recipients":["mymail@acme.com","umac@youremail.com"] }
Example 3 - Watch a Build
{ "general_data": { "name": "specific-build-watch", "description": "This is a new watch for a specific build", "active": true }, "project_resources": { "resources": [ { "type": "build", "name": "release-pipeline" } ] }, "assigned_policies": [ { "name": "critial_issues", "type": "security" }, { "name": "block_policy", "type": "security" } ], "watch_recipients":["mymail@acme.com","umac@youremail.com"] }
Example 4- Watch all Builds
{ "general_data": { "name": "build-watch", "description": "This is a new watch created using API V2", "active": true }, "project_resources": { "resources": [ { "type": "all-builds", "filters": [ { "type": "ant-patterns", "value":{ "ExcludePatterns": ["a*","b*"], "IncludePatterns": ["ab*"] } } ] } ] }, "assigned_policies": [ { "name": "test-license-policy-allowed-12956", "type": "license" } ], "watch_recipients":["mymail@acme.com","umac@youremail.com"] }
Example 5 - Watch a Release Bundle V2
{ "general_data": { "name": "specific-bundle-watch", "active": true }, "project_resources": { "resources": [ { "type": "releaseBundleV2", "bin_mgr_id": "default", "name": "release-pipeline" } ] }, "assigned_policies": [ { "name": "block_policy", "type": "security" } ] }
Example 6 - Watch all Release Bundle V2
{ "general_data": { "name": "bundles-watch", "active": true }, "project_resources": { "resources": [ { "type": "all-releaseBundlesV2", "bin_mgr_id": "default" } ] }, "assigned_policies": [ { "name": "test-license-policy-allowed-12956", "type": "license" } ] }
Example 7 - Watch Projects by Project Key
{ "general_data": { "name": "single_project_watch", "description": "This is a new watch for single project", "active": true }, "project_resources": { "resources": [ { "type": "project", "name": "myproject" } ] }, "assigned_policies": [ { "name": "medium_policy", "type": "security" } ], "watch_recipients": [ "mymaila@acme.com", "umac@youremail.com" ] }
Example 8 - Watch All Projects
{ "general_data": { "name": "vuln-prod", "description": "This is a new watch created using API V2", "active": true }, "project_resources": { "resources": [ { "type": "all-projects" } ] } ], "assigned_policies": [ { "name": "medium_policy", "type": "security" } ], "watch_recipients":["mymail@acme.com","umac@youremail.com"] }
Example 9 - Watch Projects with Include/Exclude Patterns on all Projects
{ "general_data": { "name": "vuln-prod", "description": "This is a new watch created using API V2", "active": true }, "project_resources": { "resources": [ { "type": "all-projects", "bin_mgr_id": "default", "filters": [ { "type": "ant-patterns", "value": { "ExcludePatterns": [ "a*", "b*" ], "IncludePatterns": [ "ab*" ] } } ] } ] }, "assigned_policies": [ { "name": "medium_policy", "type": "security" } ], "watch_recipients": [ "mymail@acme.com", "umac@youremail.com" ] }
Example 10 - Create Watch with Jira Integration Enabled on multiple resource types
{ "general_data": { "name": "example-watch", "active": true, "description": "This is an example watch" }, "project_resources": { "resources": [ { "type": "repository", "name": "docker-local", "filters": [ { "type": "path-ant-patterns", "value": { "IncludePatterns": [ "***" ], "ExcludePatterns": [ "**b*" ] } }, { "type": "package-type", "value": "Docker" } ], "repo_type": "local" }, { "type": "releaseBundle", "name": "example-build" }, { "type": "build", "name": "example-rb", "build_repo": "builds" }, { "type": "releaseBundleV2", "name": "example-rbv2", "build_repo": "release-bundles-v2" } ] }, "assigned_policies": [ { "name": "demo-security", "type": "security" } ], "watch_recipients": [ "mymail@acme.com" ], "create_ticket_enabled": true, "ticket_profile": "Profile-example", "ticket_generation": { "create_duplicate_tickets": { "by_version": { "build": true, "package": true, "release_bundle": true } }, "impact_path_profiles_mapping": { "include": [ { "profile": "ProjectA-profile", "pattern": "*a/*" }, { "profile": "ProjectB-profile", "pattern": "*b/*" } ] } } }
Example 11 - Create a Watch in the Project Scope
POST /xray/api/v2/watches?projectKey=myproject
Example Responses
Successful response:
201 Created { "info": "Watch has been successfully created" }
Error Response:
409 Conflict { "error": "Watch already exists" }