getManagedEndpointDetails
This method returns detailed information, such as: details to identify the endpoint and the security agent, the status of installed protection modules.
Services
This method requires you to place the {service} name in the API URL. The allowed services are:
computers, for "Computers and Virtual Machines"virtualmachines, for "Virtual Machines"
For example, the request URL for the virtual machines service is:
https://YOUR-HOSTNAME/api/v1.0/jsonrpc/network/virtualmachines
Parameters
Parameter | Type | Optional | Description |
|---|---|---|---|
| String | No | The ID of the endpoint for which the details will be returned. |
Return value
This method returns an Object containing the details of the specified endpoint:
id- the ID of managed endpointname- the name of the endpointcompanyId- the ID of the company to which the endpoint belongsoperatingSystem- the operating system of the endpointstate- the power state of the machine:1- online,2- offline,3- suspended,0- unknown.Note
The following states will be returned only for endpoints that are part of an active virtualization integration configured in GravityZone:
2- offline3- suspended
ip- the IP address of the endpointlastSeen- the date of the last synchronization with Control CentermachineType- the type of the machine:1- computer,2- virtual machine,3- EC2 Instance,0- Otheragent- an Object containing the following information about the agent installed on the endpoint:engineVersion, the version of the scanning engineprimaryEngine, the first engine to be used when scanning for malware. It can have one of the following values:1- for Central Scanning (Security Server)2- for Hybrid Scanning (Light Engines)3- for Local Scanning (Full Engines)0- Unknown
fallbackEngine, the engine to be used if the primary engine is unavailable when the task is sent. It can have one of the following values:2- for Hybrid Scanning (Light Engines)3- for Local Scanning (Full Engines)0- Unknown
lastUpdate, the time and date of the last signatures updatelicensed, the license status:0- pending authentication,1- active license,2- expired license,6- there is no license or not applicableproductOutdated, a Boolean specifying whether the agent's version is the latest available or notproductUpdateDisabled, a Boolean specifying if product updates are disabledproductVersion, the version of the agentsignatureOutdated, a Boolean specifying if the antimalware signatures of the endpoint are outdatedsignatureUpdateDisabled, a Boolean specifying if the antimalware signature updates are disabledtype, identifies which type of agent is installed on the endpoint:1- Endpoint Security2- Bitdefender Tools3- BEST
group- an Object pointing to the group to which the endpoint belongs. The object contains the following fields:id, the ID of the groupname, the name of the group
malwareStatus- an Object informing of the status of the endpoint related to malware. The object has the following fields:detection, a Boolean indicating if malware was detected on the endpoint in the last 24 hours,infected, a Boolean informing if the antimalware was able to remove the infection or the endpoint is still infected
policy- an Object informing about the active policy on the endpoint. The object contains:id, the ID of the active policy,name, the name of the policy,applied, a Boolean set to True if the policy is currently applied on the endpoint
modules- an Object informing of the installed modules and their statuses. The fields have Boolean values,True- if the module is enabled, orFalse- if the module is disabled. The available fields are:advancedThreatControlantimalwarecontentControldeviceControlfirewallpowerUserencryptionedrSensorhyperDetectpatchManagementrelaysandboxAnalyzerexchangeadvancedAntiExploitcontainerProtectionnetworkAttackDefense
label- string, the label set to this endpointmanagedWithBest- a Boolean set to True if the agent (BEST) is installed on the endpoint.isContainerHost- a Boolean set to True if the endpoint is a Container Host.managedExchangeServer- a Boolean set to True if the endpoint is an Exchange ServermanagedRelay- a Boolean set to True if the endpoint has Relay rolesecurityServer- a Boolean set to True if the endpoint is a Security ServermanagedWithNsx- a Boolean set to True if the endpoint is in a protected VMware NSX data centermanagedWithVShield- a Boolean set to True if the endpoint is in a protected VMware vShield environment
Example
Request:
{
"params": {
"endpointId" : "54a28b41b1a43d89367b23fd"
},
"jsonrpc": "2.0",
"method": "getManagedEndpointDetails",
"id": "301f7b05-ec02-481b-9ed6-c07b97de2b7b"
} Response:
{
"id":"0df7568c-59c1-48e0-a31b-18d83e6d9810",
"jsonrpc":"2.0",
"result": {
'id': '54a28b41b1a43d89367b23fd',
'name': 'WIN-TGQDU499RS4',
'companyId': '5575a235d2172c65038b454e',
'operatingSystem': 'Windows Server 2008 R2 Datacenter',
'state': 1,
'ip': '10.10.24.154',
'lastSeen': '2015-06-22T13:46:59',
'machineType': 1,
'agent': {
'engineVersion': '7.61184',
'primaryEngine': 1,
'fallbackEngine': 2,
'lastUpdate': '2015-06-22T13:40:06',
'licensed': 1,
'productOutdated': False,
'productUpdateDisabled': False,
'productVersion': '6.2.3.569',
'signatureOutdated': False,
'signatureUpdateDisabled': False,
'type': 3
},
'group': {
'id': '5575a235d2172c65038b456d',
'name': 'Custom Groups'
},
'malwareStatus': {
'detection': False,
'infected': False
},
'modules': {
'advancedThreatControl': False,
'antimalware': True,
'contentControl': False,
'deviceControl': False,
'firewall': False,
'powerUser': False,
'networkAttackDefense': False
},
'policy': {
'id': '5121da426803fa2d0e000017',
'applied': True,
'name': 'Default policy'
},
"label" : "endpoint label",
}
}