Compliance Service
  • English

    • Exporting Compliance Reports

    Compliance Service exports reports in ZIP format, including HTML, CSV, Excel files, and metadata.

    TOC

    Export Reports for ScanExport the Latest Scan ReportExport a Historical Scan ReportExport Reports for ScanSuiteExport the Latest ScanSuite ReportExport a Historical ScanSuite ReportExport Reports with CURLExport a Scan Report with CURLExport a ScanSuite Report with CURL

    Export Reports for Scan

    Export the Latest Scan Report

    # Export the latest Scan ZIP
NS=compliance-system
SCAN=os-scan

kubectl create --raw "/apis/reports.compliance.security.alauda.io/v1alpha1/scans/${NS}/${SCAN}/export/zip" -f - <<< '{}' > ${SCAN}.zip

    The Scan ZIP file contains:

    • report.html - Multiple tabs: Overview, Rule Summary, and each node
    • report.xls - Multiple sheets
    • report.csv - Segmented data
    • metadata.txt - ScanID, filter criteria, and statistics

    Export a Historical Scan Report

    # Get Scan history scanID
kubectl get scan -n compliance-system os-scan -o yaml | grep scanID

# Export historical Scan report by scanID
NS=compliance-system
SCAN=os-scan
SCANID=be4637ee-8d06-4aaf-9f5b-ca315475599d

kubectl create --raw "/apis/reports.compliance.security.alauda.io/v1alpha1/scans/${NS}/${SCAN}/export/zip?scanID=${SCANID}" -f - <<< '{}' > ${SCAN}-${SCANID}.zip

    Export Reports for ScanSuite

    Export the Latest ScanSuite Report

    # Export the latest ScanSuite ZIP
NS=compliance-system
SUITE=test-scan

kubectl create --raw "/apis/reports.compliance.security.alauda.io/v1alpha1/scansuites/${NS}/${SUITE}/export/zip" -f - <<< '{}' > ${SUITE}.zip

    The ScanSuite ZIP file contains aggregated CSV and Excel outputs, metadata, and each child Scan report.

    Export a Historical ScanSuite Report

    # Get ScanSuite history runID
kubectl get scansuite -n compliance-system test-scan -o yaml | grep runID

# Export historical ScanSuite report by runID
NS=compliance-system
SUITE=test-scan
RUNID=20260106-035650-004246

kubectl create --raw "/apis/reports.compliance.security.alauda.io/v1alpha1/scansuites/${NS}/${SUITE}/export/zip?runID=${RUNID}" -f - <<< '{}' > ${SUITE}-${RUNID}.zip

    Export Reports with CURL

    You can also export reports using CURL with bearer token authentication.

    Export a Scan Report with CURL

    APISERVER="https://<platform-address>/kubernetes/<cluster-name>"
TOKEN="<Bearer_token>"
NS=compliance-system
SCAN=os-scan
SCANID=be4637ee-8d06-4aaf-9f5b-ca315475599d

curl -k -X POST \
  -H "Authorization: Bearer ${TOKEN}" \
  -H "Content-Type: application/json" \
  -d '{}' \
  --output "${SCAN}-${SCANID}.zip" \
  "${APISERVER}/apis/reports.compliance.security.alauda.io/v1alpha1/scans/${NS}/${SCAN}/export/zip?scanID=${SCANID}"

    Export a ScanSuite Report with CURL

    APISERVER="https://<platform-address>/kubernetes/<cluster-name>"
TOKEN="<Bearer_token>"
NS=compliance-system
SUITE=test-scan

curl -k -X POST \
  -H "Authorization: Bearer ${TOKEN}" \
  -H "Content-Type: application/json" \
  -d '{}' \
  --output "${SUITE}.zip" \
  "${APISERVER}/apis/reports.compliance.security.alauda.io/v1alpha1/scansuites/${NS}/${SUITE}/export/zip"

    Note:

    • The -d '{}' is required because the API expects a POST body.
    • Use --output <file> to save the binary ZIP and avoid terminal noise.