Field masks allow you to specify a subset of fields to be returned for each object by a request. Similar to filter keys, a field-mask key is used to specify the field to return, using a dot-delimited path.
The following example shows how to get just the description and severity for all findings:
endorctl api list --resource Finding \
--field-mask "meta.description,spec.level"
curl --get \
--header "Authorization: Bearer $ENDOR_TOKEN" \
--url "https://api.endorlabs.com/v1/namespaces/$ENDOR_NAMESPACE/findings?list_parameters.mask=meta.description,spec.level"
@baseUrl = https://api.endorlabs.com
@token = <insert-access-token>
@namespace = <insert-namespace>
###
GET {{baseUrl}}/v1/namespaces/{{namespace}}/findings?list_parameters.mask=meta.description,spec.level HTTP/1.1
Authorization: Bearer {{token}}
jq
The Endor Labs REST API returns results in json format so it is often convenient to use the jq command-line json processor to parse or format the results.
The following example shows how to use jq to extract just the description value from the above request:
endorctl api list --resource Finding \
--field-mask "meta.description,spec.level" \
| jq '.list.objects[].meta.description'
curl --get \
--header "Authorization: Bearer $ENDOR_TOKEN" \
--url "https://api.endorlabs.com/v1/namespaces/$ENDOR_NAMESPACE/findings?list_parameters.mask=meta.description,spec.level"
| jq '.list.objects[].meta.description'
Note
Lists of objects are always nested under.list.objects[], but for endorctl api get commands a single object is returned directly.
To extract the object UUID from an object returned by an endorctl api get command, the jq command is jq '.uuid', as opposed to jq '.list.objects[].uuid'.
For more information, see the jq documentation.