Mondoo
Docs
Run ReportsContinuous Data ExportsSchema Reference

Export JSONL Schema

Understand the JSONL schema structure for assets, risks, vulnerabilities, and check results in Mondoo exports.

When you export data from Mondoo in JSONL format, each line is a JSON object that follows one of the schemas below. Use this reference to understand the structure of exported data when building custom integrations, dashboards, or data pipelines.

  • Asset — One record per asset Mondoo has scanned, including identifiers, platform, labels, and the asset's current risk score.

  • Check result — One record per (asset, policy check) pair, including pass/fail state, severity, and the policy that owns the check.

  • Vulnerability — One record per (asset, CVE) pair, including CVSS metrics, EPSS data, exploitability, and the affected package.

  • Package — One record per software package detected on an asset, including version, source, and architecture.

  • Risk factor — Contextual risk factors applied to a finding (Internet-facing, EOL, In use, and so on).

  • Query result — One record per query pack query that ran against an asset, with the structured query output.

  • Control — One record per (asset, compliance control) pair, including pass/fail state and the framework that owns the control.

S3-Compatible Service

Set up continuous export of assets, vulnerabilities, and scan results from Mondoo to MinIO, Ceph, or other S3-compatible storage.

Asset

Reference the asset object schema and properties used in Mondoo JSONL exports.