Get All Assets

Cortex Xpanse REST API

post /public_api/v1/assets/get_assets_internet_exposure

Get a list of all your assets or a filtered list of your assets.

The maximum result limit is 5000 assets.

Required license: Cortex Xpanse Expander

CURL
curl -X POST \ -H "Accept: application/json" \ -H "Content-Type: application/json" -H "authorization: authorization_example" -H "x-xdr-auth-id: xXdrAuthId_example" \ "https://api-yourfqdn/public_api/v1/assets/get_assets_internet_exposure" \ -d '{ "request_data" : { "search_from" : 0, "next_page_token" : "next_page_token", "filters" : [ { "field" : "field", "value" : [ "", "" ], "operator" : "operator" }, { "field" : "field", "value" : [ "", "" ], "operator" : "operator" } ], "sort" : { "field" : "name", "keyword" : "ASC" }, "search_to" : 6, "use_page_token" : true } }'
Request headers
authorization
required
String
api_key
Example: authorization_example
x-xdr-auth-id
required
String
api_key_id
Example: xXdrAuthId_example
Request
Body
optional

Note: Each request requires both API Key and API Key ID headers. For example:

curl -X POST https://api-{fqdn}/xpanse/{endpoint_path}/
-H "x-xdr-auth-id:{api_key_id}" 
-H "Authorization:{api_key}" 
-H "Content-Type:application/json" 
-d '{}'
Example: {"request_data":{"filters":[{"field":"string","operator":"string","value":["yes"]}],"search_from":0,"search_to":500,"sort":{"field":"name","keyword":"ASC"}}}
request_data
required

A dictionary containing the API request fields.

An empty dictionary returns all results.

filters
optional
Array
An array of filter fields.
field
optional
String

Identifies the assets field the filter is matching. Filters are based on the following case-sensitive keywords:

  • business_units_list
  • externally_detected_providers
  • externally_inferred cves
  • has_active_external_services
  • has_bu_overrides
  • ip_address
  • ipv6_address
  • name
  • tags
  • type
operator
optional
String

Identifies the comparison operator you want to use for this filter. Valid keywords and values are:

  • contains / not_contains: use with externally_detected_providers, externally_inferred_cves, name
  • eq / neq: use with name, ip_address, has_bu_overrides
  • in: use with has_active_external_services, type, business_units_list
value
optional
Array of objects

Value depends on the filter field used.

  • business_units_list: string or list of strings in the format "BU name" or "BU:BU name", for example “Acme & Co, Inc.” or “BU:Acme & Co, Inc.”
  • externally_detected_providers: string
  • externally_inferred_cves: string
  • has_active_external_services: list of strings (enum values: "yes", "no", "unknown")
  • has_bu_overrides: boolean ("true" or "false")
  • ip_addres: string
  • ipv6_address: string
  • name: string
  • type: List of strings (enum values: "certificate", "cloud_integration", "cloud_compute_instance", "domain", "unassociated_responsive_ip")
  • tags: List of strings indicating the tags to filter on in the format "tag-family:tag-name", for example "AR:registered to you".
  • type: string
search_from
optional
Integer
Represents the start offset index of results.
search_to
optional
Integer

An integer representing the start offset index of results. Use this field to specify the number of results on a page when using page token pagination.

Max value - 5000

sort
optional
Identifies the sort order for the result set.
field
optional
String (Enum)
Case sensitive.
Allowed values:
name
first_observed
last_observed
keyword
optional
String (Enum)
Case sensitive.
Allowed values:
ASC
DESC
use_page_token
optional
Boolean
Use "use_page_token":true in the initial request to paginate the response data. Sort is not supported when using the use_page_token/next_page_token fields.
next_page_token
optional
String
If "use_page_token":true was included in the initial request, the response for that request will include a page token. Use "next_page_token":"string" to pass that page token into the next request to paginate the next set of data.
Responses

OK

Body
reply
optional
total_count
optional
Integer
result_count
optional
Integer
assets_internet_exposure
optional
Array
asm_ids
optional
Array of strings
name
optional
String
asset_type
optional
String
cloud_provider
optional
String
externally_detected_providers
optional
Array of objects
region
optional
String
ips
optional
String
management_status
optional
Array of objects
iot_model
optional
Object
iot_category
optional
Object
iot_profile
optional
Object
sensor
optional
Array of strings
service_type
optional
Array of objects
last_observed
optional
Integer
first_observed
optional
Integer
has_active_externally_services
optional
Boolean
has_xdr_agent
optional
String
certificate_classifications
optional
Array of strings
certificate_issuer
optional
String
certificate_algorithm
optional
String
mac_addresses
optional
Array of objects
cloud_id
optional
String
ip_ranges
optional
Array of objects
domain_resolves
optional
Boolean
operation_system
optional
Object
asm_va_score
optional
Object
externally_inferred_cves
optional
Array of objects
agent_id
optional
Object
tags
optional
Array of strings
ipv6s
optional
Object
has_alerts
optional
Boolean
has_incidents
optional
Boolean
annotation
optional
String
cloud_resource_type
optional
Object
provider_account
optional
Object
domain
optional
Object
asset_explainers
optional
Array of objects
date_added
optional
Integer
certificate_details
optional
formattedIssuerOrg
optional
String
issuer
optional
String
issuerAlternativeNames
optional
String
issuerCountry
optional
String
issuerEmail
optional
String
issuerLocality
optional
String
issuerName
optional
String
issuerOrg
optional
String
issuerOrgUnit
optional
String
issuerState
optional
String
md5Fingerprint
optional
String
publicKey
optional
String
publicKeyAlgorithm
optional
String
publicKeyBits
optional
Integer
publicKeyModulus
optional
String
publicKeyRsaExponent
optional
Integer
publicKeySpki
optional
String
serialNumber
optional
String
sha1Fingerprint
optional
String
sha256Fingerprint
optional
String
signatureAlgorithm
optional
String
subject
optional
String
subjectAlternativeNames
optional
String
subjectCountry
optional
String
subjectEmail
optional
String
subjectLocality
optional
String
subjectName
optional
String
subjectOrg
optional
String
subjectOrgUnit
optional
String
subjectState
optional
String
validNotAfter
optional
Integer
validNotBefore
optional
Integer
version
optional
String
domain_details
optional
String
last_sampled_ip
optional
String
recent_ips
optional
Array of objects
business_units
optional
Array
creation_time
optional
Integer
family
optional
String
family_alias
optional
String
id
optional
String
name
optional
String
parent_id
optional
String
update_time
optional
Integer
has_bu_overrides
optional
Boolean
next_page_token
optional
String

Bad Request. Got an invalid JSON.

Body
The query result upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body
The query result upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. User does not have the required license type to run this API.

Body
The query result upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body
The query result upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Internal server error. A unified status for API communication type errors.

Body
The query result upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.