getManagedEndpointDetails
This method returns detailed information, such as: details to identify the endpoint and the security agent, the status of installed protection modules.
Parameters
Parameter | Type | Optional | Description |
---|---|---|---|
| String | No | The ID of the endpoint for which the details will be returned. |
Return value
This method returns an Object containing the details of the specified endpoint:
id
- the ID of managed endpointname
- the name of the endpointcompanyId
- the ID of the company to which the endpoint belongsoperatingSystem
- the operating system of the endpointstate
- the power state of the machine:1
- online,2
- offline,3
- suspended,0
- unknown.Note
The following states will be returned only for endpoints that are part of an active virtualization integration configured in GravityZone:
2
- offline3
- suspended
ip
- the IP address of the endpointlastSeen
- the date of the last synchronization with Control CentermachineType
- the type of the machine:1
- computer,2
- virtual machine,3
- EC2 Instance,0
- Otheragent
- an Object containing the following information about the agent installed on the endpoint:engineVersion
, the version of the scanning engineprimaryEngine
, the first engine to be used when scanning for malware. It can have one of the following values:1
- for Central Scanning (Security Server)2
- for Hybrid Scanning (Light Engines)3
- for Local Scanning (Full Engines)0
- Unknown
fallbackEngine
, the engine to be used if the primary engine is unavailable when the task is sent. It can have one of the following values:2
- for Hybrid Scanning (Light Engines)3
- for Local Scanning (Full Engines)0
- Unknown
lastUpdate
, the time and date of the last signatures updatelicensed
, the license status:0
- pending authentication,1
- active license,2
- expired license,6
- there is no license or not applicableproductOutdated
, a Boolean specifying whether the agent's version is the latest available or notproductUpdateDisabled
, a Boolean specifying if product updates are disabledproductVersion
, the version of the agentsignatureOutdated
, a Boolean specifying if the antimalware signatures of the endpoint are outdatedsignatureUpdateDisabled
, a Boolean specifying if the antimalware signature updates are disabledtype
, identifies which type of agent is installed on the endpoint:1
- Endpoint Security2
- Bitdefender Tools3
- BEST
group
- an Object pointing to the group to which the endpoint belongs. The object contains the following fields:id
, the ID of the groupname
, the name of the group
malwareStatus
- an Object informing of the status of the endpoint related to malware. The object has the following fields:detection
, a Boolean indicating if malware was detected on the endpoint in the last 24 hours,infected
, a Boolean informing if the antimalware was able to remove the infection or the endpoint is still infected
policy
- an Object informing about the active policy on the endpoint. The object contains:id
, the ID of the active policy,name
, the name of the policy,applied
, a Boolean set to True if the policy is currently applied on the endpoint
modules
- an Object informing of the installed modules and their statuses. The fields have Boolean values,True
- if the module is enabled, orFalse
- if the module is disabled. The available fields are:advancedThreatControl
antimalware
contentControl
deviceControl
firewall
powerUser
encryption
edrSensor
hyperDetect
patchManagement
relay
sandboxAnalyzer
exchange
advancedAntiExploit
containerProtection
networkAttackDefense
label
- string, the label set to this endpointmoveState
- an integer reflecting the move state of the endpoint:0
- no move operation,1
- moved out of the company,2
- moved into my company.managedWithBest
- a Boolean set to True if the agent (BEST) is installed on the endpoint.isContainerHost
- a Boolean set to True if the endpoint is a Container Host.managedExchangeServer
- a Boolean set to True if the endpoint is an Exchange ServermanagedRelay
- a Boolean set to True if the endpoint has Relay rolesecurityServer
- a Boolean set to True if the endpoint is a Security ServerriskScore
- an Object containing the following information about the endpoint's security risks:value
, the endpoint's security risk score value in percentage. It is broken down into misconfigurations and app vulnerabilitiesimpact
, the endpoint's security risk impact (Low, Medium, High)misconfigurations
, the percentage of misconfigurations in the endpoint's security risk scoreappVulnerabilities
, the percentage of app vulnerabilities in the endpoint's security risk scorehumanRisks
, the percentage of human risks in the endpoint's security risk score
Example
Request:
{ "params": { "endpointId" : "54a28b41b1a43d89367b23fd" }, "jsonrpc": "2.0", "method": "getManagedEndpointDetails", "id": "301f7b05-ec02-481b-9ed6-c07b97de2b7b" }
Response:
{
"id":"0df7568c-59c1-48e0-a31b-18d83e6d9810",
"jsonrpc":"2.0",
"result": {
'id': '54a28b41b1a43d89367b23fd',
'name': 'WIN-TGQDU499RS4',
'companyId': '5575a235d2172c65038b454e',
'operatingSystem': 'Windows Server 2008 R2 Datacenter',
'state': 1,
'ip': '10.10.24.154',
'lastSeen': '2015-06-22T13:46:59',
'machineType': 1,
'agent': {
'engineVersion': '7.61184',
'primaryEngine': 1,
'fallbackEngine': 2,
'lastUpdate': '2015-06-22T13:40:06',
'licensed': 1,
'productOutdated': False,
'productUpdateDisabled': False,
'productVersion': '6.2.3.569',
'signatureOutdated': False,
'signatureUpdateDisabled': False,
'type': 3
},
'group': {
'id': '5575a235d2172c65038b456d',
'name': 'Custom Groups'
},
'malwareStatus': {
'detection': False,
'infected': False
},
'modules': {
'advancedThreatControl': False,
'antimalware': True,
'contentControl': False,
'deviceControl': False,
'firewall': False,
'powerUser': False,
'networkAttackDefense': False
},
'policy': {
'id': '5121da426803fa2d0e000017',
'applied': True,
'name': 'Default policy'
},
"label" : "endpoint label",
"moveState": 1,
"riskScore": {
"value": "81%",
"impact": "High",
"misconfigurations": "70%",
"appVulnerabilities": "11%",
"humanRisks": "19%"
}
}
}