Get Internet Exposure

Cortex XSIAM Platform APIs
post /public_api/v1/assets/get_asset_internet_exposure

Get Internet exposure asset details according to the asset ID. You can send up to 20 IDs.

Required license: Cortex XSIAM Premium. In Cortex XSIAM Enterprise and Cortex NG SIEM, requires the ASM add-on.

Request headers
Authorization String required

{api_key}
Example: authorization_example
x-xdr-auth-id String required

{api_key_id}
Example: xXdrAuthId_example
CLIENT REQUEST
curl -X 'POST'
-H 'Accept: application/json'
-H 'Content-Type: application/json'
-H 'Authorization: authorization_example' -H 'x-xdr-auth-id: xXdrAuthId_example'
'https://api-yourfqdn/public_api/v1/assets/get_asset_internet_exposure'
-d ''
import http.client conn = http.client.HTTPSConnection("api-yourfqdn") payload = "{\"request_data\":{\"asm_id_list\":[\"string\"]}}" headers = { 'Authorization': "SOME_STRING_VALUE", 'x-xdr-auth-id': "SOME_STRING_VALUE", 'content-type': "application/json" } conn.request("POST", "/public_api/v1/assets/get_asset_internet_exposure", payload, headers) res = conn.getresponse() data = res.read() print(data.decode("utf-8"))
require 'uri' require 'net/http' require 'openssl' url = URI("https://api-yourfqdn/public_api/v1/assets/get_asset_internet_exposure") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_NONE request = Net::HTTP::Post.new(url) request["Authorization"] = 'SOME_STRING_VALUE' request["x-xdr-auth-id"] = 'SOME_STRING_VALUE' request["content-type"] = 'application/json' request.body = "{\"request_data\":{\"asm_id_list\":[\"string\"]}}" response = http.request(request) puts response.read_body
const data = JSON.stringify({ "request_data": { "asm_id_list": [ "string" ] } }); const xhr = new XMLHttpRequest(); xhr.withCredentials = true; xhr.addEventListener("readystatechange", function () { if (this.readyState === this.DONE) { console.log(this.responseText); } }); xhr.open("POST", "https://api-yourfqdn/public_api/v1/assets/get_asset_internet_exposure"); xhr.setRequestHeader("Authorization", "SOME_STRING_VALUE"); xhr.setRequestHeader("x-xdr-auth-id", "SOME_STRING_VALUE"); xhr.setRequestHeader("content-type", "application/json"); xhr.send(data);
HttpResponse<String> response = Unirest.post("https://api-yourfqdn/public_api/v1/assets/get_asset_internet_exposure") .header("Authorization", "SOME_STRING_VALUE") .header("x-xdr-auth-id", "SOME_STRING_VALUE") .header("content-type", "application/json") .body("{\"request_data\":{\"asm_id_list\":[\"string\"]}}") .asString();
import Foundation let headers = [ "Authorization": "SOME_STRING_VALUE", "x-xdr-auth-id": "SOME_STRING_VALUE", "content-type": "application/json" ] let parameters = ["request_data": ["asm_id_list": ["string"]]] as [String : Any] let postData = JSONSerialization.data(withJSONObject: parameters, options: []) let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v1/assets/get_asset_internet_exposure")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.allHTTPHeaderFields = headers request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume()
<?php $curl = curl_init(); curl_setopt_array($curl, [ CURLOPT_URL => "https://api-yourfqdn/public_api/v1/assets/get_asset_internet_exposure", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => "", CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POSTFIELDS => "{\"request_data\":{\"asm_id_list\":[\"string\"]}}", CURLOPT_HTTPHEADER => [ "Authorization: SOME_STRING_VALUE", "content-type: application/json", "x-xdr-auth-id: SOME_STRING_VALUE" ], ]); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { echo "cURL Error #:" . $err; } else { echo $response; }
CURL *hnd = curl_easy_init(); curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST"); curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/assets/get_asset_internet_exposure"); struct curl_slist *headers = NULL; headers = curl_slist_append(headers, "Authorization: SOME_STRING_VALUE"); headers = curl_slist_append(headers, "x-xdr-auth-id: SOME_STRING_VALUE"); headers = curl_slist_append(headers, "content-type: application/json"); curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers); curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"request_data\":{\"asm_id_list\":[\"string\"]}}"); CURLcode ret = curl_easy_perform(hnd);
var client = new RestClient("https://api-yourfqdn/public_api/v1/assets/get_asset_internet_exposure"); var request = new RestRequest(Method.POST); request.AddHeader("Authorization", "SOME_STRING_VALUE"); request.AddHeader("x-xdr-auth-id", "SOME_STRING_VALUE"); request.AddHeader("content-type", "application/json"); request.AddParameter("application/json", "{\"request_data\":{\"asm_id_list\":[\"string\"]}}", ParameterType.RequestBody); IRestResponse response = client.Execute(request);
Body parameters
application/json
request_dataobject

A dictionary containing the API request fields.

asm_id_listarray[string]

Represents the asset ID for which you want to get the details.

REQUEST
{ "request_data": { "asm_id_list": [ "example" ] } }
Responses

OK

Body
application/json

JSON object containing the query result.

replyobject

Asset details according to the asset ID.

detailsarray
[
asm_idsstring
namestring
typestring
last_observedinteger
first_observedinteger
externally_detected_providersarray[string]
createdinteger
ipsarray
[
]
business_unitsarray[string]
active_service_idsarray
[
]
all_service_idsarray[string]
active_external_services_typesarray
[
]
domainobject
certificate_issuerobject
certificate_algorithmobject
certificate_classificationsarray
[
]
resolvesboolean
detailsobject
providerDetailsarray
[
namestring
displayNamestring
]
domainobject
topLevelAssetMapperDomainobject
domainAssetTypeobject
isPaidLevelDomainboolean
domainDetailsobject
dnsZoneobject
latestSampledIpobject
subdomainMetadataobject
recentIpsarray
[
]
businessUnitsarray
[
namestring
]
certificateDetailsobject
inferredCvesObservedarray
[
]
ip_rangesobject
<ip_address>object
IP_RANGE_IDstring
FIRST_IPstring
LAST_IPstring
external_servicesarray
[
serviceTypestring
serviceKeystring
activityStatusstring
]
externally_inferred_vulnerability_scoreobject
externally_inferred_cvesarray
[
]
]
RESPONSE
{ "reply": { "details": [ { "asm_ids": "<id>", "name": "<name>", "type": "ResponsiveIP", "last_observed": 1648590706000, "first_observed": 1646738134000, "externally_detected_providers": [ "On Prem" ], "created": 1646959543881, "ips": [], "business_units": [ "Test" ], "active_service_ids": [], "all_service_ids": [ "<id>" ], "active_external_services_types": [], "domain": null, "certificate_issuer": null, "certificate_algorithm": null, "certificate_classifications": [], "resolves": false, "details": { "providerDetails": [ { "name": "OnPrem", "displayName": "On Prem" } ], "domain": null, "topLevelAssetMapperDomain": null, "domainAssetType": null, "isPaidLevelDomain": false, "domainDetails": null, "dnsZone": null, "latestSampledIp": null, "subdomainMetadata": null, "recentIps": [], "businessUnits": [ { "name": "Test" } ], "certificateDetails": null, "inferredCvesObserved": [], "ip_ranges": { "52.14.147.179": { "IP_RANGE_ID": "<range>", "FIRST_IP": "<ip_address>", "LAST_IP": "<ip_address>" } } }, "external_services": [ { "serviceType": "SshServer", "serviceKey": "<key>", "activityStatus": "Inactive" } ], "externally_inferred_vulnerability_score": null, "externally_inferred_cves": [] } ] } }