post
/public_api/v1/asset-groups
By grouping assets based on shared attributes, you can address them collectively. Asset groups enable more efficient bulk actions and simplifies both filtering and scoping within the inventory and across the platform.
Get all or filtered asset groups.
Required license: Cortex XSIAM Premium or Cortex XSIAM Enterprise or Cortex XSIAM NG SIEM or Cortex XSIAM Enterprise Plus.
Request headers
Authorization
String
required
{api_key}
{api_key}
Example:
authorization_example
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
Example:
xXdrAuthId_example
CLIENT REQUEST
curl -X 'POST'
-H
'Accept: application/json'
-H
'Content-Type: application/json'
-H
'Authorization: authorization_example'
-H
'x-xdr-auth-id: xXdrAuthId_example'
'https://api-yourfqdn/public_api/v1/asset-groups'
-d
''
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
payload = "{\"request_data\":{\"filters\":{\"AND\":[{\"SEARCH_FIELD\":\"XDM.ASSET_GROUP.TYPE\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"Dynamic\"}]},\"sort\":[{\"FIELD\":\"XDM.ASSET_GROUP.LAST_UPDATE_TIME\",\"ORDER\":\"DESC\"}],\"search_from\":0,\"search_to\":1000}}"
headers = {
'Authorization': "SOME_STRING_VALUE",
'x-xdr-auth-id': "SOME_STRING_VALUE",
'content-type': "application/json"
}
conn.request("POST", "/public_api/v1/asset-groups", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/v1/asset-groups")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'SOME_STRING_VALUE'
request["x-xdr-auth-id"] = 'SOME_STRING_VALUE'
request["content-type"] = 'application/json'
request.body = "{\"request_data\":{\"filters\":{\"AND\":[{\"SEARCH_FIELD\":\"XDM.ASSET_GROUP.TYPE\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"Dynamic\"}]},\"sort\":[{\"FIELD\":\"XDM.ASSET_GROUP.LAST_UPDATE_TIME\",\"ORDER\":\"DESC\"}],\"search_from\":0,\"search_to\":1000}}"
response = http.request(request)
puts response.read_bodyconst data = JSON.stringify({
"request_data": {
"filters": {
"AND": [
{
"SEARCH_FIELD": "XDM.ASSET_GROUP.TYPE",
"SEARCH_TYPE": "EQ",
"SEARCH_VALUE": "Dynamic"
}
]
},
"sort": [
{
"FIELD": "XDM.ASSET_GROUP.LAST_UPDATE_TIME",
"ORDER": "DESC"
}
],
"search_from": 0,
"search_to": 1000
}
});
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api-yourfqdn/public_api/v1/asset-groups");
xhr.setRequestHeader("Authorization", "SOME_STRING_VALUE");
xhr.setRequestHeader("x-xdr-auth-id", "SOME_STRING_VALUE");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);HttpResponse<String> response = Unirest.post("https://api-yourfqdn/public_api/v1/asset-groups")
.header("Authorization", "SOME_STRING_VALUE")
.header("x-xdr-auth-id", "SOME_STRING_VALUE")
.header("content-type", "application/json")
.body("{\"request_data\":{\"filters\":{\"AND\":[{\"SEARCH_FIELD\":\"XDM.ASSET_GROUP.TYPE\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"Dynamic\"}]},\"sort\":[{\"FIELD\":\"XDM.ASSET_GROUP.LAST_UPDATE_TIME\",\"ORDER\":\"DESC\"}],\"search_from\":0,\"search_to\":1000}}")
.asString();import Foundation
let headers = [
"Authorization": "SOME_STRING_VALUE",
"x-xdr-auth-id": "SOME_STRING_VALUE",
"content-type": "application/json"
]
let parameters = ["request_data": [
"filters": ["AND": [
[
"SEARCH_FIELD": "XDM.ASSET_GROUP.TYPE",
"SEARCH_TYPE": "EQ",
"SEARCH_VALUE": "Dynamic"
]
]],
"sort": [
[
"FIELD": "XDM.ASSET_GROUP.LAST_UPDATE_TIME",
"ORDER": "DESC"
]
],
"search_from": 0,
"search_to": 1000
]] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v1/asset-groups")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/v1/asset-groups",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"request_data\":{\"filters\":{\"AND\":[{\"SEARCH_FIELD\":\"XDM.ASSET_GROUP.TYPE\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"Dynamic\"}]},\"sort\":[{\"FIELD\":\"XDM.ASSET_GROUP.LAST_UPDATE_TIME\",\"ORDER\":\"DESC\"}],\"search_from\":0,\"search_to\":1000}}",
CURLOPT_HTTPHEADER => [
"Authorization: SOME_STRING_VALUE",
"content-type: application/json",
"x-xdr-auth-id: SOME_STRING_VALUE"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/asset-groups");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: SOME_STRING_VALUE");
headers = curl_slist_append(headers, "x-xdr-auth-id: SOME_STRING_VALUE");
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"request_data\":{\"filters\":{\"AND\":[{\"SEARCH_FIELD\":\"XDM.ASSET_GROUP.TYPE\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"Dynamic\"}]},\"sort\":[{\"FIELD\":\"XDM.ASSET_GROUP.LAST_UPDATE_TIME\",\"ORDER\":\"DESC\"}],\"search_from\":0,\"search_to\":1000}}");
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/v1/asset-groups");
var request = new RestRequest(Method.POST);
request.AddHeader("Authorization", "SOME_STRING_VALUE");
request.AddHeader("x-xdr-auth-id", "SOME_STRING_VALUE");
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"request_data\":{\"filters\":{\"AND\":[{\"SEARCH_FIELD\":\"XDM.ASSET_GROUP.TYPE\",\"SEARCH_TYPE\":\"EQ\",\"SEARCH_VALUE\":\"Dynamic\"}]},\"sort\":[{\"FIELD\":\"XDM.ASSET_GROUP.LAST_UPDATE_TIME\",\"ORDER\":\"DESC\"}],\"search_from\":0,\"search_to\":1000}}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);Body parameters
application/json
request_dataobject
filtersobject
ANDarrayrequired
[SEARCH_FIELDstring
SEARCH_TYPEstring (Enum)
SEARCH_VALUEobject
string
boolean
integer
]
SEARCH_FIELDstring
Example:
"XDM.ASSET_GROUP.TYPE"SEARCH_TYPEstring (Enum)
Example:
"EQ"Allowed values:"EQ""NEQ""GT""LT""GTE""LTE""IN""NIN""RLIKE""NRLIKE""WILDCARD""WILDCARD_NOT""CONTAINS""NCONTAINS""IP_MATCH""NIP_MATCH""ARRAY_CONTAINS""ARRAY_NOT_CONTAINS""IS_EMPTY""NIS_EMPTY""REGEX""REGEX_NOT""REGEX_MATCH""REGEX_NOT_MATCH""IPLIST_MATCH""NLISTIP_MATCH""INCIDR""NINCIDR""INCIDR6""NINCIDR6""RANGE""RELATIVE_TIMESTAMP""JSON_OVERLAPS""JSON_ARRAY_CONTAINED_IN""JSON_IS_NOT_EMPTY"
SEARCH_VALUEobject
Example:
"Dynamic" string
Example:
"Dynamic" boolean
Example:
"Dynamic" integer
Example:
"Dynamic"ANDarray
[SEARCH_FIELDstring
SEARCH_TYPEstring (Enum)
SEARCH_VALUEobject
string
boolean
integer
]
SEARCH_FIELDstring
Example:
"XDM.ASSET_GROUP.TYPE"SEARCH_TYPEstring (Enum)
Example:
"EQ"Allowed values:"EQ""NEQ""GT""LT""GTE""LTE""IN""NIN""RLIKE""NRLIKE""WILDCARD""WILDCARD_NOT""CONTAINS""NCONTAINS""IP_MATCH""NIP_MATCH""ARRAY_CONTAINS""ARRAY_NOT_CONTAINS""IS_EMPTY""NIS_EMPTY""REGEX""REGEX_NOT""REGEX_MATCH""REGEX_NOT_MATCH""IPLIST_MATCH""NLISTIP_MATCH""INCIDR""NINCIDR""INCIDR6""NINCIDR6""RANGE""RELATIVE_TIMESTAMP""JSON_OVERLAPS""JSON_ARRAY_CONTAINED_IN""JSON_IS_NOT_EMPTY"
SEARCH_VALUEobject
Example:
"Dynamic" string
Example:
"Dynamic" boolean
Example:
"Dynamic" integer
Example:
"Dynamic"sortarray
[FIELDstring
ORDERstring (Enum)
]
FIELDstring
Example:
"XDM.ASSET_GROUP.LAST_UPDATE_TIME"ORDERstring (Enum)
Example:
"DESC"Allowed values:"DESC""ASC"
search_frominteger
search_tointeger
Example:
1000REQUEST
{
"request_data": {
"filters": {
"AND": [
{
"SEARCH_FIELD": "XDM.ASSET_GROUP.TYPE",
"SEARCH_TYPE": "EQ",
"SEARCH_VALUE": "Dynamic"
}
]
},
"sort": [
{
"FIELD": "XDM.ASSET_GROUP.LAST_UPDATE_TIME",
"ORDER": "DESC"
}
],
"search_from": 0,
"search_to": 1000
}
}{
"request_data": {
"filters": {
"AND": [
{
"SEARCH_FIELD": "XDM.ASSET_GROUP.TYPE",
"SEARCH_TYPE": "EQ",
"SEARCH_VALUE": "Dynamic"
}
]
},
"sort": [
{
"FIELD": "XDM.ASSET_GROUP.LAST_UPDATE_TIME",
"ORDER": "DESC"
}
],
"search_from": 0,
"search_to": 1000
}
}Responses
Ok
Body
application/json
[replyobject
dataarray
metadataobject
filter_countinteger
total_countinteger
]
replyobject
dataarray
[]
metadataobject
filter_countinteger
Example:
1total_countinteger
Example:
1000RESPONSE
[
{
"reply": {
"data": [
{}
],
"metadata": {
"filter_count": 1,
"total_count": 1000
}
}
}
]Unauthorized
Body
application/json
[err_codeinteger
err_msgstring
err_extrastring
]
err_codeinteger
Example:
403err_msgstring
Example:
"Forbidden. Access was denied to this resource."err_extrastring
RESPONSE
[
{
"err_code": 403,
"err_msg": "Forbidden. Access was denied to this resource.",
"err_extra": "example"
}
]Internal Server Error, Invalid Input
Body
application/json
[err_codeinteger
err_msgstring
err_extrastring
]
err_codeinteger
Example:
500err_msgstring
Example:
"An unexpected behavior occurred by Cortex Pubic API"err_extrastring
RESPONSE
[
{
"err_code": 500,
"err_msg": "An unexpected behavior occurred by Cortex Pubic API",
"err_extra": "example"
}
]