get_vulnerability_history
Retrieve chronological audit history for a vulnerability, including status changes, user assignments, and all events for compliance and investigation.
Instructions
Get the complete audit history and timeline for a vulnerability.
Retrieves a chronological record of all actions, status changes, and events related to a specific vulnerability. Provides full audit trail for compliance and investigation.
Args: vulnerability_id: The unique identifier of the vulnerability. first: Number of history events to retrieve (1-100, default: 10). after: Pagination cursor from previous response (optional).
Returns: Paginated chronological list in JSON format containing: - edges: Array of history events with: - eventType: Type of event (CREATION, STATUS, ANALYST_VERDICT, USER_ASSIGNMENT, NOTES, WORKFLOW_ACTION) - eventText: Human-readable description of the event - createdAt: ISO timestamp when event occurred - pageInfo: Pagination metadata (same structure as list_vulnerabilities)
Common Event Types: - CREATION: Vulnerability first detected - STATUS: Status changed (NEW → IN_PROGRESS, etc.) - ANALYST_VERDICT: Verdict updated (TRUE_POSITIVE/FALSE_POSITIVE) - USER_ASSIGNMENT: Assigned/unassigned to user - NOTES: Note or comment added - WORKFLOW_ACTION: Automated action or workflow step
Common Use Cases: - Compliance auditing and reporting - Investigation timeline reconstruction - Performance metrics and SLA tracking - Change management and accountability - Vulnerability lifecycle analysis
Raises: RuntimeError: If there's an error retrieving vulnerability history. ValueError: If parameters are invalid.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| after | No | ||
| first | No | ||
| vulnerability_id | Yes |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |