Export Data

Hawkra lets you export your workspace data for offline analysis, reporting, and integration with other tools. You can export assets, vulnerabilities, and compliance data with customizable field selection.

How It Works

When you export data, you select the data type, choose which networks or frameworks to include, pick the fields you want in the output, and download the resulting file. Exports are generated on demand and delivered as a file download. All export operations are recorded in the workspace audit log.

Export Types

Assets

Export your asset inventory as a CSV or TXT file.

Available fields:

Field	Column Header
ip_address	IP Address
hostname	Hostname
mac_address	MAC Address
os	Operating System
os_version	OS Version
asset_type	Asset Type
description	Description

Configuration:

• Networks: Select one or more networks to include in the export. At least one network is required.
• Fields: Choose which fields to include. At least one field is required.
• Format: Choose between CSV (comma-separated) or TXT (tab-separated).

The exported file is named assets_export_YYYY-MM-DD.csv (or .txt), where the date is the export date.

Permission Required

Exporting assets requires the ViewAssets permission.

Vulnerabilities

Export vulnerability data as a CSV file. The export joins vulnerability details with associated asset, port, and network information to give you a comprehensive view.

Always-included columns:

Column	Description
Vulnerability Name	Name of the vulnerability
Asset IP	IP address of the affected asset
Asset Hostname	Hostname of the affected asset

Selectable fields:

Field	Column Header	Description
criticality	Criticality	Severity level (Critical, High, Medium, Low, Informational)
cve	CVE ID	Common Vulnerabilities and Exposures identifier
cwe	CWE ID	Common Weakness Enumeration identifier
cvss_score	CVSS Score	Numeric CVSS score
reference	Reference URL	External advisory or write-up link
impact	Impact	Description of the potential impact
fixes	Fixes	Recommended remediation steps
port_service	Port/Service	Port number, protocol, and service name (e.g., 443/tcp https)
asset_mac	Asset MAC	MAC address of the affected asset
network_name	Network Name	Name of the network the asset belongs to
notes	Notes	Per-asset vulnerability notes (decrypted for export)
date_updated	Date Updated	Last update timestamp
status	Status	Remediation status
assignment	Assignment	Display name of the assigned team member

Configuration:

• Networks: Select one or more networks. At least one is required.
• Fields: Choose which optional fields to include alongside the always-included columns.

The exported file is named vulnerabilities_export_YYYY-MM-DD.csv. Vulnerabilities are sorted by severity (Critical first) then by name and IP address.

Permission Required

Exporting vulnerabilities requires the ViewVulnerabilities permission.

Compliance

Export compliance assessment data as a CSV file. This export includes the full framework control hierarchy along with your implementation status and notes.

Always-included column:

Column	Description
Control ID	The unique identifier for the compliance control

Selectable fields:

Field	Column Header	Description
category_id	Category ID	Top-level category identifier
category_name	Category Name	Top-level category name
subcategory_id	Subcategory ID	Subcategory identifier
subcategory_name	Subcategory Name	Subcategory name
control_title	Control Title	Title of the control
control_description	Control Description	Detailed description of the control
implementation_status	Implementation Status	Your assessment (see statuses below)
notes	Notes	Your notes for this control (decrypted for export)

Implementation status values:

Status	Display Value
Fully Implemented	Fully Implemented
Largely Implemented	Largely Implemented
Partially Implemented	Partially Implemented
Not Implemented	Not Implemented
Not Applicable	Not Applicable
Not Assessed	Not Assessed (no response recorded)

Configuration:

• Framework: Select the compliance framework to export. The framework must be activated for the workspace.
• Fields: Choose which fields to include alongside the always-included Control ID column.

The exported file is named compliance_export_YYYY-MM-DD.csv. Controls are listed in the natural framework hierarchy order (category, subcategory, control).

Permission Required

Exporting compliance data requires the ViewWorkspace permission.

Download Process

1. Navigate to the Export section of your workspace.
2. Select the export type (Assets, Vulnerabilities, or Compliance).
3. Configure the scope (networks or framework) and select the fields you want.
4. Click Export.
5. The file is generated and downloaded immediately to your browser.

All export operations are logged in the workspace audit log, including the number of records exported, the scope, and the format.

Security Considerations

• CSV injection protection: Exported values that begin with =, +, -, @, or a tab character are prefixed with a single quote (') to prevent formula injection attacks in spreadsheet applications like Excel and LibreOffice.
• Encrypted field decryption: Fields that are stored encrypted (such as vulnerability notes and compliance notes) are decrypted at export time so they appear as readable text in the output file.
• Audit trail: Every export action is logged with the user, timestamp, record count, and scope.
• Permission enforcement: Each export type requires the appropriate workspace permission.

Tips & Notes

• Use asset exports in TXT format for quick lists of IP addresses or hostnames to feed into other tools.
• Vulnerability exports sorted by severity make excellent input for executive summaries and remediation prioritization.
• Compliance exports are useful for sharing assessment progress with auditors or management without giving them direct platform access.
• Select only the fields you need to keep exported files focused and manageable.
• The date in the filename helps you track when exports were generated for version control.