Get asset by ID

get /public_api/v1/assets/{id}

Retrieve detailed information about the asset specified by asset ID.

Required license: Cortex XSIAM Premium or Cortex XSIAM Enterprise or Cortex XSIAM NG SIEM or Cortex XSIAM Enterprise Plus.

Path parameters

id String required

Asset ID

Example: id_example

Request headers

Authorization String required

{api_key}

Example: authorization_example

x-xdr-auth-id String required

{api_key_id}

Example: xXdrAuthId_example

CLIENT REQUEST

          curl -X 'GET'

        -H
        'Accept: application/json'
      
          -H
          'Authorization: authorization_example'
          -H
          'x-xdr-auth-id: xXdrAuthId_example'
      
      'https://api-yourfqdn/public_api/v1/assets/{id}'

import http.client

conn = http.client.HTTPSConnection("api-yourfqdn")

headers = {
    'Authorization': "SOME_STRING_VALUE",
    'x-xdr-auth-id': "SOME_STRING_VALUE"
    }

conn.request("GET", "/public_api/v1/assets/%7Bid%7D", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://api-yourfqdn/public_api/v1/assets/%7Bid%7D")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Get.new(url)
request["Authorization"] = 'SOME_STRING_VALUE'
request["x-xdr-auth-id"] = 'SOME_STRING_VALUE'

response = http.request(request)
puts response.read_body

const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api-yourfqdn/public_api/v1/assets/%7Bid%7D");
xhr.setRequestHeader("Authorization", "SOME_STRING_VALUE");
xhr.setRequestHeader("x-xdr-auth-id", "SOME_STRING_VALUE");

xhr.send(data);

HttpResponse<String> response = Unirest.get("https://api-yourfqdn/public_api/v1/assets/%7Bid%7D")
  .header("Authorization", "SOME_STRING_VALUE")
  .header("x-xdr-auth-id", "SOME_STRING_VALUE")
  .asString();

import Foundation

let headers = [
  "Authorization": "SOME_STRING_VALUE",
  "x-xdr-auth-id": "SOME_STRING_VALUE"
]

let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v1/assets/%7Bid%7D")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "GET"
request.allHTTPHeaderFields = headers

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()

<?php

$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://api-yourfqdn/public_api/v1/assets/%7Bid%7D",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "GET",
  CURLOPT_HTTPHEADER => [
    "Authorization: SOME_STRING_VALUE",
    "x-xdr-auth-id: SOME_STRING_VALUE"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}

CURL *hnd = curl_easy_init();

curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "GET");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/assets/%7Bid%7D");

struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: SOME_STRING_VALUE");
headers = curl_slist_append(headers, "x-xdr-auth-id: SOME_STRING_VALUE");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);

CURLcode ret = curl_easy_perform(hnd);

var client = new RestClient("https://api-yourfqdn/public_api/v1/assets/%7Bid%7D");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "SOME_STRING_VALUE");
request.AddHeader("x-xdr-auth-id", "SOME_STRING_VALUE");
IRestResponse response = client.Execute(request);

Responses

Body

application/json

dataarray

[

xdm.asset.last_observedinteger

Timestamp of when the asset was last observed

xdm.asset.cloud.regionstring

Region of the cloud asset

xdm.asset.idstring

Asset ID

xdm.asset.providerstring

xdm.asset.first_observedinteger

Timestamp of when the asset was first observed

xdm.asset.type.namestring

Represents the provider-specific name for a particular asset within a category

xdm.asset.strong_idstring

xdm.asset.namestring

Asset name

xdm.asset.type.classstring

The highest-level grouping of assets based on their general purpose or domain. It is a broad classification that defines the overall function of the assets.

xdm.asset.type.idstring

Asset type ID

xdm.asset.type.categorystring

A more detailed grouping within a class. It categorizes assets based on their normalized function or common type, regardless of the provider or implementation.

issues_criticalinteger

xdm.asset.realmstring

xdm.asset.group_idsarray[string]

List of asset group IDs

cases_breakdownobject

criticalinteger

Number of critical cases

highinteger

Number of high cases

lowinteger

Number of low cases

mediuminteger

Number of medium cases

issues_breakdownobject

criticalinteger

Number of critical issues

highinteger

Number of high issues

lowinteger

Number of low issues

mediuminteger

Number of medium issues

cases_criticalinteger

xdm.host.ipv4_addressesarray[string]

]

metadataobject

filter_countinteger

total_countinteger

RESPONSEExample 1
{
  "reply": {
    "data": [
      {
        "xdm.asset.last_observed": 1748399709000,
        "xdm.asset.cloud.region": null,
        "xdm.asset.id": "fffd007cff1c15f3a0d132ae630df9630fe00e39bc66813a9fa9b6457a786afc",
        "xdm.asset.provider": "ON_PREM",
        "xdm.asset.first_observed": 1747834085000,
        "xdm.asset.type.name": "Generic Device",
        "xdm.asset.strong_id": "172.16.33.51",
        "xdm.asset.name": null,
        "xdm.asset.type.class": "Compute",
        "xdm.asset.type.id": "GENERIC_DEVICE",
        "xdm.asset.type.category": "Device",
        "issues_critical": 0,
        "xdm.asset.realm": "Other",
        "xdm.asset.group_ids": [],
        "cases_breakdown": {
          "critical": 0,
          "high": 0,
          "low": 0,
          "medium": 0
        },
        "issues_breakdown": {
          "critical": 0,
          "high": 0,
          "low": 0,
          "medium": 0
        },
        "cases_critical": 0,
        "xdm.host.ipv4_addresses": [
          "172.16.33.51"
        ]
      }
    ],
    "metadata": {
      "filter_count": 1,
      "total_count": 915
    }
  }
}

Unauthorized

Body

application/json

[

err_codeinteger

Example:403

err_msgstring

Example:"Forbidden. Access was denied to this resource."

err_extrastring

]

RESPONSE
[
  {
    "err_code": 403,
    "err_msg": "Forbidden. Access was denied to this resource.",
    "err_extra": "example"
  }
]

Asset Not Found

Body

application/json

[

err_codeinteger

Example:404

err_msgstring

Example:"An unexpected behavior occurred by Cortex Pubic API"

err_extrastring

]

RESPONSE
[
  {
    "err_code": 404,
    "err_msg": "An unexpected behavior occurred by Cortex Pubic API",
    "err_extra": "example"
  }
]

Internal Server Error

Body

application/json

[

err_codeinteger

Example:500

err_msgstring

Example:"An unexpected behavior occurred by Cortex Pubic API"

err_extrastring

]

RESPONSE
[
  {
    "err_code": 500,
    "err_msg": "An unexpected behavior occurred by Cortex Pubic API",
    "err_extra": "example"
  }
]