getManagedEndpointDetails
This method returns detailed information, such as: details to identify the endpoint and the security agent, the status of installed protection modules.
Services
This method requires you to place the {service}
name in the API URL. The allowed services are:
computers
, for "Computers and Virtual Machines"virtualmachines
, for "Virtual Machines"
For example, the request URL for the virtual machines
service is:
https://YOUR-HOSTNAME/api/v1.0/jsonrpc/network/virtualmachines
Parameters
Parameter | Type | Optional | Description |
---|---|---|---|
| String | No | The ID of the endpoint for which the details will be returned. |
Return value
This method returns an Object containing the details of the specified endpoint:
id
- the ID of managed endpointname
- the name of the endpointcompanyId
- the ID of the company to which the endpoint belongsoperatingSystem
- the operating system of the endpointstate
- the power state of the machine:1
- online,2
- offline,3
- suspended,0
- unknown.Note
The following states will be returned only for endpoints that are part of an active virtualization integration configured in GravityZone:
2
- offline3
- suspended
ip
- the IP address of the endpointlastSeen
- the date of the last synchronization with Control CentermachineType
- the type of the machine:1
- computer,2
- virtual machine,3
- EC2 Instance,0
- Otheragent
- an Object containing the following information about the agent installed on the endpoint:engineVersion
, the version of the scanning engineprimaryEngine
, the first engine to be used when scanning for malware. It can have one of the following values:1
- for Central Scanning (Security Server)2
- for Hybrid Scanning (Light Engines)3
- for Local Scanning (Full Engines)0
- Unknown
fallbackEngine
, the engine to be used if the primary engine is unavailable when the task is sent. It can have one of the following values:2
- for Hybrid Scanning (Light Engines)3
- for Local Scanning (Full Engines)0
- Unknown
lastUpdate
, the time and date of the last signatures updatelicensed
, the license status:0
- pending authentication,1
- active license,2
- expired license,6
- there is no license or not applicableproductOutdated
, a Boolean specifying whether the agent's version is the latest available or notproductUpdateDisabled
, a Boolean specifying if product updates are disabledproductVersion
, the version of the agentsignatureOutdated
, a Boolean specifying if the antimalware signatures of the endpoint are outdatedsignatureUpdateDisabled
, a Boolean specifying if the antimalware signature updates are disabledtype
, identifies which type of agent is installed on the endpoint:1
- Endpoint Security2
- Bitdefender Tools3
- BEST
group
- an Object pointing to the group to which the endpoint belongs. The object contains the following fields:id
, the ID of the groupname
, the name of the group
malwareStatus
- an Object informing of the status of the endpoint related to malware. The object has the following fields:detection
, a Boolean indicating if malware was detected on the endpoint in the last 24 hours,infected
, a Boolean informing if the antimalware was able to remove the infection or the endpoint is still infected
policy
- an Object informing about the active policy on the endpoint. The object contains:id
, the ID of the active policy,name
, the name of the policy,applied
, a Boolean set to True if the policy is currently applied on the endpoint
hypervisorMemoryIntrospection
- an Object providing the status and configuration of Bitdefender HVI. This object appears only if the endpoint is protected by HVI. Object description:status
, a Boolean set to True if HVI is enabledactiveModules
, an Object containing two Boolean fields that show the status of the HVI modules:userMode
andkernelMode
. If True, then the module is active.securityServer
, an Object that contains the details about the Security Server which protects the endpoint. It containsname
, string, the name of the security server,ip
, string, the IP of the security server andLabel
, string, the label associated with the serverisLicensed
, boolean, specifies if the endpoint is licensed for Hypervisor memory introspection
modules
- an Object informing of the installed modules and their statuses. The fields have Boolean values,True
- if the module is enabled, orFalse
- if the module is disabled. The available fields are:advancedThreatControl
antimalware
contentControl
deviceControl
firewall
powerUser
encryption
edrSensor
hyperDetect
patchManagement
relay
sandboxAnalyzer
exchange
advancedAntiExploit
containerProtection
networkAttackDefense
label
- string, the label set to this endpointmanagedWithBest
- a Boolean set to True if the agent (BEST) is installed on the endpoint.isContainerHost
- a Boolean set to True if the endpoint is a Container Host.managedExchangeServer
- a Boolean set to True if the endpoint is an Exchange ServermanagedRelay
- a Boolean set to True if the endpoint has Relay rolesecurityServer
- a Boolean set to True if the endpoint is a Security ServermanagedWithNsx
- a Boolean set to True if the endpoint is in a protected VMware NSX data centermanagedWithVShield
- a Boolean set to True if the endpoint is in a protected VMware vShield environmentmanagedWithHvi
- a Boolean set to True if the endpoint si protected by Bitdefender HVIhviProtectionType
- informs how HVI protection is delivered: 1 - via Security Server, 2 - via agent (BEST)
Example
Request:
{ "params": { "endpointId" : "54a28b41b1a43d89367b23fd" }, "jsonrpc": "2.0", "method": "getManagedEndpointDetails", "id": "301f7b05-ec02-481b-9ed6-c07b97de2b7b" }
Response:
{
"id":"0df7568c-59c1-48e0-a31b-18d83e6d9810",
"jsonrpc":"2.0",
"result": {
'id': '54a28b41b1a43d89367b23fd',
'name': 'WIN-TGQDU499RS4',
'companyId': '5575a235d2172c65038b454e',
'operatingSystem': 'Windows Server 2008 R2 Datacenter',
'state': 1,
'ip': '10.10.24.154',
'lastSeen': '2015-06-22T13:46:59',
'machineType': 1,
'agent': {
'engineVersion': '7.61184',
'primaryEngine': 1,
'fallbackEngine': 2,
'lastUpdate': '2015-06-22T13:40:06',
'licensed': 1,
'productOutdated': False,
'productUpdateDisabled': False,
'productVersion': '6.2.3.569',
'signatureOutdated': False,
'signatureUpdateDisabled': False,
'type': 3
},
'group': {
'id': '5575a235d2172c65038b456d',
'name': 'Custom Groups'
},
'malwareStatus': {
'detection': False,
'infected': False
},
'modules': {
'advancedThreatControl': False,
'antimalware': True,
'contentControl': False,
'deviceControl': False,
'firewall': False,
'powerUser': False,
'networkAttackDefense': False
},
'policy': {
'id': '5121da426803fa2d0e000017',
'applied': True,
'name': 'Default policy'
},
"label" : "endpoint label",
"managedWithHvi": true,
"hviProtectionType": 1,
"managedWithBest": true
}
}