Skip to main content

getManagedEndpointDetails

This method returns detailed information, such as: details to identify the endpoint and the security agent, the status of installed protection modules.

Services

This method requires you to place the {service} name in the API URL. The allowed services are:

  • computers, for "Computers and Virtual Machines"

  • virtualmachines, for "Virtual Machines"

For example, the request URL for the virtual machines service is:

https://YOUR-HOSTNAME/api/v1.0/jsonrpc/network/virtualmachines

Parameters

Parameter

Type

Optional

Description

endpointId

String

No

The ID of the endpoint for which the details will be returned.

options

Array

Yes

A set of options that control what information is present in the response.

Available options

You can use the options parameter to customize what information is included in the API response. Options are structured in sections and subsections, described hereinafter.

These are the available options:

Section

Description

Return value

This method returns an Object containing the details of the specified endpoint:

  • id - the ID of managed endpoint

  • name - the name of the endpoint

  • companyId - the ID of the company to which the endpoint belongs

  • operatingSystem - the operating system of the endpoint

  • state - the power state of the machine: 1 - online, 2 - offline, 3 - suspended, 0 - unknown.

    Note

    The following states will be returned only for endpoints that are part of an active virtualization integration configured in GravityZone:

    • 2 - offline

    • 3 - suspended

  • ip - the IP address of the endpoint

  • lastSeen - the date of the last synchronization with Control Center

  • machineType - the type of the machine: 1 - computer, 2 - virtual machine, 3 - EC2 Instance, 0 - Other

  • agent - an Object containing the following information about the agent installed on the endpoint:

    • engineVersion, the version of the scanning engine

    • primaryEngine, the first engine to be used when scanning for malware. It can have one of the following values:

      • 1 - for Central Scanning (Security Server)

      • 2 - for Hybrid Scanning (Light Engines)

      • 3 - for Local Scanning (Full Engines)

      • 0 - Unknown

    • fallbackEngine, the engine to be used if the primary engine is unavailable when the task is sent. It can have one of the following values:

      • 2 - for Hybrid Scanning (Light Engines)

      • 3 - for Local Scanning (Full Engines)

      • 0 - Unknown

    • lastUpdate, the time and date of the last signatures update

    • licensed, the license status: 0 - pending authentication, 1 - active license, 2 - expired license, 6 - there is no license or not applicable

    • productOutdated, a Boolean specifying whether the agent's version is the latest available or not

    • productUpdateDisabled, a Boolean specifying if product updates are disabled

    • productVersion, the version of the agent

    • signatureOutdated, a Boolean specifying if the antimalware signatures of the endpoint are outdated

    • signatureUpdateDisabled, a Boolean specifying if the antimalware signature updates are disabled

    • type, identifies which type of agent is installed on the endpoint:

      • 1 - Endpoint Security

      • 2 - Bitdefender Tools

      • 3 - BEST

  • group - an Object pointing to the group to which the endpoint belongs. The object contains the following fields:

    • id, the ID of the group

    • name, the name of the group

  • malwareStatus - an Object informing of the status of the endpoint related to malware. The object has the following fields:

    • detection, a Boolean indicating if malware was detected on the endpoint in the last 24 hours,

    • infected, a Boolean informing if the antimalware was able to remove the infection or the endpoint is still infected

  • policy - an Object informing about the active policy on the endpoint. The object contains:

    • id, the ID of the active policy,

    • name, the name of the policy,

    • applied, a Boolean set to True if the policy is currently applied on the endpoint

  • modules - an Object informing of the installed modules and their statuses. The fields have Boolean values, True - if the module is enabled, or False - if the module is disabled. The available fields are:

    • advancedThreatControl

    • antimalware

    • contentControl

    • deviceControl

    • firewall

    • powerUser

    • encryption

    • edrSensor

    • hyperDetect

    • patchManagement

    • relay

    • sandboxAnalyzer

    • exchange

    • advancedAntiExploit

    • containerProtection

    • networkAttackDefense

  • label - string, the label set to this endpoint

  • managedWithBest - a Boolean set to True if the agent (BEST) is installed on the endpoint.

  • isContainerHost - a Boolean set to True if the endpoint is a Container Host.

  • managedExchangeServer - a Boolean set to True if the endpoint is an Exchange Server

  • managedRelay - a Boolean set to True if the endpoint has Relay role

  • securityServer - a Boolean set to True if the endpoint is a Security Server

  • managedWithNsx - a Boolean set to True if the endpoint is in a protected VMware NSX data center

  • managedWithVShield - a Boolean set to True if the endpoint is in a protected VMware vShield environment

Example

Request:

  {
       "params": {
           "endpointId" : "54a28b41b1a43d89367b23fd",
           "options": {
               "includeScanLogs": true
            }
       },
       "jsonrpc": "2.0",
       "method": "getManagedEndpointDetails",
       "id": "301f7b05-ec02-481b-9ed6-c07b97de2b7b"
  }

Response:

  {
      "id":"0df7568c-59c1-48e0-a31b-18d83e6d9810",
      "jsonrpc":"2.0",
      "result": {
          'id': '54a28b41b1a43d89367b23fd',
          'name': 'WIN-TGQDU499RS4',
          'companyId': '5575a235d2172c65038b454e',
          'operatingSystem': 'Windows Server 2008 R2 Datacenter',
          'state': 1,
          'ip': '10.10.24.154',
          'lastSeen': '2015-06-22T13:46:59',
          'machineType': 1,
          'agent': {
               'engineVersion': '7.61184',
               'primaryEngine': 1,
               'fallbackEngine': 2,
               'lastUpdate': '2015-06-22T13:40:06',
               'licensed': 1,
               'productOutdated': False,
               'productUpdateDisabled': False,
               'productVersion': '6.2.3.569',
               'signatureOutdated': False,
               'signatureUpdateDisabled': False,
               'type': 3
           },
          'group': {
               'id': '5575a235d2172c65038b456d',
               'name': 'Custom Groups'
           },
          'malwareStatus': {
               'detection': False,
               'infected': False
           },
          'modules': {
               'advancedThreatControl': False,
               'antimalware': True,
               'contentControl': False,
               'deviceControl': False,
               'firewall': False,
               'powerUser': False,
               'networkAttackDefense': False

           },
          'policy': {
               'id': '5121da426803fa2d0e000017',
               'applied': True,
               'name': 'Default policy'
           },
           "label" : "endpoint label",
           
        "lastSuccessfulScan": {
                "name": "72OHI5dnIH",
                "date": "2023-07-19T04:09:29+00:00"
        }
      }
  }
In this section: