post
/public_api/v1/assets/get_external_service
Get service details according to the service ID. You can send up to 20 IDs.
Required license: Cortex XSIAM Premium. In Cortex XSIAM Enterprise and Cortex NG SIEM, requires the ASM add-on.
Request headers
Authorization
String
required
{api_key}
{api_key}
Example:
authorization_example
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
Example:
xXdrAuthId_example
CLIENT REQUEST
curl -X 'POST'
-H
'Accept: application/json'
-H
'Content-Type: application/json'
-H
'Authorization: authorization_example'
-H
'x-xdr-auth-id: xXdrAuthId_example'
'https://api-yourfqdn/public_api/v1/assets/get_external_service'
-d
''
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
payload = "{\"request_data\":{\"service_id_list\":[\"string\"]}}"
headers = {
'Authorization': "SOME_STRING_VALUE",
'x-xdr-auth-id': "SOME_STRING_VALUE",
'content-type': "application/json"
}
conn.request("POST", "/public_api/v1/assets/get_external_service", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/v1/assets/get_external_service")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'SOME_STRING_VALUE'
request["x-xdr-auth-id"] = 'SOME_STRING_VALUE'
request["content-type"] = 'application/json'
request.body = "{\"request_data\":{\"service_id_list\":[\"string\"]}}"
response = http.request(request)
puts response.read_bodyconst data = JSON.stringify({
"request_data": {
"service_id_list": [
"string"
]
}
});
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api-yourfqdn/public_api/v1/assets/get_external_service");
xhr.setRequestHeader("Authorization", "SOME_STRING_VALUE");
xhr.setRequestHeader("x-xdr-auth-id", "SOME_STRING_VALUE");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);HttpResponse<String> response = Unirest.post("https://api-yourfqdn/public_api/v1/assets/get_external_service")
.header("Authorization", "SOME_STRING_VALUE")
.header("x-xdr-auth-id", "SOME_STRING_VALUE")
.header("content-type", "application/json")
.body("{\"request_data\":{\"service_id_list\":[\"string\"]}}")
.asString();import Foundation
let headers = [
"Authorization": "SOME_STRING_VALUE",
"x-xdr-auth-id": "SOME_STRING_VALUE",
"content-type": "application/json"
]
let parameters = ["request_data": ["service_id_list": ["string"]]] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v1/assets/get_external_service")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/v1/assets/get_external_service",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"request_data\":{\"service_id_list\":[\"string\"]}}",
CURLOPT_HTTPHEADER => [
"Authorization: SOME_STRING_VALUE",
"content-type: application/json",
"x-xdr-auth-id: SOME_STRING_VALUE"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/assets/get_external_service");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: SOME_STRING_VALUE");
headers = curl_slist_append(headers, "x-xdr-auth-id: SOME_STRING_VALUE");
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"request_data\":{\"service_id_list\":[\"string\"]}}");
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/v1/assets/get_external_service");
var request = new RestRequest(Method.POST);
request.AddHeader("Authorization", "SOME_STRING_VALUE");
request.AddHeader("x-xdr-auth-id", "SOME_STRING_VALUE");
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"request_data\":{\"service_id_list\":[\"string\"]}}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);Body parameters
application/json
request_dataobjectA dictionary containing the API request fields.
A dictionary containing the API request fields.
service_id_listarray[string]Represents the service ID you want to get details for.
Represents the service ID you want to get details for.
REQUEST
{
"request_data": {
"service_id_list": [
"example"
]
}
}Responses
OK
Body
application/json
replyobjectJSON object containing the query result.
JSON object containing the query result.
detailsarrayService details according to the service ID.
Service details according to the service ID.
[service_idstring
service_namestring
service_typestring
ip_addressarray[string]
domainarray
externally_detected_providersarray[string]
is_activestring
first_observedinteger
last_observedinteger
portinteger
protocolstring
active_classificationsarray[string]
inactive_classificationsarray
discovery_typestring
business_unitsarray[string]
externally_inferred_vulnerability_scoreobject
externally_inferred_cvesarray
detailsobject
serviceKeystring
serviceKeyTypestring
businessUnitsarray
providerDetailsarray
certificatesarray
domainsarray
ipsarray
classificationsarray
tlsVersionsarray
inferredCvesObservedarray
enrichedObservationSourcestring
ip_rangesobject
]
service_idstring
service_namestring
service_typestring
ip_addressarray[string]
domainarray
[]
externally_detected_providersarray[string]
is_activestring
first_observedinteger
last_observedinteger
portinteger
protocolstring
active_classificationsarray[string]
inactive_classificationsarray
[]
discovery_typestring
business_unitsarray[string]
externally_inferred_vulnerability_scoreobject
externally_inferred_cvesarray
[]
detailsobject
serviceKeystring
serviceKeyTypestring
businessUnitsarray
[namestring
]
namestring
providerDetailsarray
[namestring
firstObservedinteger
lastObservedinteger
]
namestring
firstObservedinteger
lastObservedinteger
certificatesarray
[certificateobject
issuerstring
issuerAlternativeNamesstring
issuerCountrystring
issuerEmailobject
issuerLocalitystring
issuerNamestring
issuerOrgstring
formattedIssuerOrgstring
issuerOrgUnitstring
issuerStatestring
publicKeystring
publicKeyAlgorithmstring
publicKeyRsaExponentinteger
signatureAlgorithmstring
subjectstring
subjectAlternativeNamesstring
subjectCountrystring
subjectEmailstring
subjectLocalitystring
subjectNamestring
subjectOrgstring
subjectOrgUnitstring
subjectStatestring
serialNumberstring
validNotBeforeinteger
validNotAfterinteger
versionstring
publicKeyBitsinteger
publicKeyModulusstring
publicKeySpkistring
sha1Fingerprintstring
sha256Fingerprintstring
md5Fingerprintstring
activityStatusstring
lastObservedinteger
firstObservedinteger
]
certificateobject
issuerstring
issuerAlternativeNamesstring
issuerCountrystring
issuerEmailobject
issuerLocalitystring
issuerNamestring
issuerOrgstring
formattedIssuerOrgstring
issuerOrgUnitstring
issuerStatestring
publicKeystring
publicKeyAlgorithmstring
publicKeyRsaExponentinteger
signatureAlgorithmstring
subjectstring
subjectAlternativeNamesstring
subjectCountrystring
subjectEmailstring
subjectLocalitystring
subjectNamestring
subjectOrgstring
subjectOrgUnitstring
subjectStatestring
serialNumberstring
validNotBeforeinteger
validNotAfterinteger
versionstring
publicKeyBitsinteger
publicKeyModulusstring
publicKeySpkistring
sha1Fingerprintstring
sha256Fingerprintstring
md5Fingerprintstring
activityStatusstring
lastObservedinteger
firstObservedinteger
domainsarray
[]
ipsarray
[ipstring
protocolstring
providerstring
geolocationobject
latitudeinteger
longitudeinteger
countryCodestring
citystring
regionCodestring
timeZoneobject
activityStatusstring
lastObservedinteger
firstObservedinteger
]
ipstring
protocolstring
providerstring
geolocationobject
latitudeinteger
longitudeinteger
countryCodestring
citystring
regionCodestring
timeZoneobject
activityStatusstring
lastObservedinteger
firstObservedinteger
classificationsarray
[namestring
activityStatusstring
valuesarray
firstObservedinteger
lastObservedinteger
]
namestring
activityStatusstring
valuesarray
[jsonValuestring
firstObservedinteger
lastObservedinteger
]
jsonValuestring
firstObservedinteger
lastObservedinteger
firstObservedinteger
lastObservedinteger
tlsVersionsarray
[tlsVersionstring
cipherSuitestring
firstObservedinteger
lastObservedinteger
activityStatusstring
]
tlsVersionstring
cipherSuitestring
firstObservedinteger
lastObservedinteger
activityStatusstring
inferredCvesObservedarray
[]
enrichedObservationSourcestring
ip_rangesobject
RESPONSE
{
"reply": {
"details": [
{
"service_id": "example",
"service_name": "example",
"service_type": "example",
"ip_address": [
"example"
],
"domain": [
{}
],
"externally_detected_providers": [
"example"
],
"is_active": "example",
"first_observed": 0,
"last_observed": 0,
"port": 0,
"protocol": "example",
"active_classifications": [
"example"
],
"inactive_classifications": [
{}
],
"discovery_type": "example",
"business_units": [
"example"
],
"externally_inferred_vulnerability_score": {},
"externally_inferred_cves": [
{}
],
"details": {
"serviceKey": "example",
"serviceKeyType": "example",
"businessUnits": [
{
"name": "example"
}
],
"providerDetails": [
{
"name": "example",
"firstObserved": 0,
"lastObserved": 0
}
],
"certificates": [
{
"certificate": {
"issuer": "example",
"issuerAlternativeNames": "example",
"issuerCountry": "example",
"issuerEmail": {},
"issuerLocality": "example",
"issuerName": "example",
"issuerOrg": "example",
"formattedIssuerOrg": "example",
"issuerOrgUnit": "example",
"issuerState": "example",
"publicKey": "example",
"publicKeyAlgorithm": "example",
"publicKeyRsaExponent": 0,
"signatureAlgorithm": "example",
"subject": "example",
"subjectAlternativeNames": "example",
"subjectCountry": "example",
"subjectEmail": "example",
"subjectLocality": "example",
"subjectName": "example",
"subjectOrg": "example",
"subjectOrgUnit": "example",
"subjectState": "example",
"serialNumber": "example",
"validNotBefore": 0,
"validNotAfter": 0,
"version": "example",
"publicKeyBits": 0,
"publicKeyModulus": "example",
"publicKeySpki": "example",
"sha1Fingerprint": "example",
"sha256Fingerprint": "example",
"md5Fingerprint": "example"
},
"activityStatus": "example",
"lastObserved": 0,
"firstObserved": 0
}
],
"domains": [
{}
],
"ips": [
{
"ip": "example",
"protocol": "example",
"provider": "example",
"geolocation": {
"latitude": 0,
"longitude": 0,
"countryCode": "example",
"city": "example",
"regionCode": "example",
"timeZone": {}
},
"activityStatus": "example",
"lastObserved": 0,
"firstObserved": 0
}
],
"classifications": [
{
"name": "example",
"activityStatus": "example",
"values": [
{
"jsonValue": "example",
"firstObserved": 0,
"lastObserved": 0
}
],
"firstObserved": 0,
"lastObserved": 0
}
],
"tlsVersions": [
{
"tlsVersion": "example",
"cipherSuite": "example",
"firstObserved": 0,
"lastObserved": 0,
"activityStatus": "example"
}
],
"inferredCvesObserved": [
{}
],
"enrichedObservationSource": "example",
"ip_ranges": {}
}
}
]
}
}Bad Request. Got an invalid JSON.
Body
application/json
The query result upon error.
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
Example:
"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"err_code": "example",
"err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}",
"err_extra": "example"
}Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.
Body
application/json
The query result upon error.
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
Example:
"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"err_code": "example",
"err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}",
"err_extra": "example"
}Unauthorized access. User does not have the required license type to run this API.
Body
application/json
The query result upon error.
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
Example:
"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"err_code": "example",
"err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}",
"err_extra": "example"
}Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.
Body
application/json
The query result upon error.
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
Example:
"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"err_code": "example",
"err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}",
"err_extra": "example"
}Internal server error. A unified status for API communication type errors.
Body
application/json
The query result upon error.
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
Example:
"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"err_code": "example",
"err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}",
"err_extra": "example"
}