Get a list of all your assets or a filtered list of your assets.
The maximum result limit is 5000 assets.
Required license: Cortex Xpanse Expander
authorization
String
required
{{api_key}}
x-xdr-auth-id
String
required
{{api_key_id}}
request_dataObject
A dictionary containing the API request fields. An empty dictionary returns all results.
filtersArray
An array of filter fields.
fieldString (Enum)
Identifies the assets field the filter is matching. Case-sensitive.
operatorString (Enum)
Identifies the comparison operator you want to use for this filter. Valid keywords and values are:
- contains / not_contains: use with externally_detected_providers, externally_inferred_cves, name
- eq / neq: use with name, ip_address, has_bu_overrides.
- gte: Filters data from a specific timestamp onwards. Use with first_observed, last_observed.
- in: use with has_active_external_services, type, business_units_list, ip_address.
- lte: Filters data up to a specific timestamp. Use with first_observed, last_observed.
- range: Filters data between two specific timestamps.Use with first_observed, last_observed.
- relative_timestamp: Filters data relative to the current time (e.g., last 30 days). Use with first_observed or last_observed.
valueObject
Value depends on the filter field used.
- business_un*its_list: string or list of strings in the format "BU name" or "BU:BU name", for example “Acme & Co, Inc.” or “BU:Acme & Co, Inc.”
- *externally_detected_providers: string
- externally_inferred_cves: string
- first_observed — values in milliseconds format
- with gte or lte operator, specify a specific date or time as a timestamp in milliseconds format
- with range operator, specify "to" and "from" values as timestamps in milliseconds format
"value": { "from": "{{previous30Days}}","to": "{{previous7Days}}"
- with relative_timestamp operator, specify time interval to look back on (24H, 7D, 30D, etc.) as a value in milliseconds format
- has_active_external_services: list of strings (enum values: "yes", "no", "unknown")
- has_bu_overrides: boolean ("true" or "false")
- ip_address: list of strings
- ipv6_address: string
- last_observed — values in milliseconds format
- with gte or lte operator, specify a specific date or time as a timestamp in milliseconds format
- with range operator, specify "to" and "from" values as timestamps in milliseconds format, as follows
"value": { "from": "{{previous30Days}}","to": "{{previous7Days}}"
- with relative_timestamp operator, specify time interval to look back on (24H, 7D, 30D, etc.) as a value in milliseconds format
- name: string
- type: List of strings (enum values: "certificate", "cloud_integration", "cloud_compute_instance", "domain", "unassociated_responsive_ip")
- tags: List of strings indicating the tags to filter on in the format "tag-family:tag-name", for example "AR:registered to you".
- type: string
search_fromInteger
Represents the start offset index of results.
search_toInteger
An integer representing the start offset index of results. Use this field to specify the number of results on a page when using page token pagination.
Max value - 5000
sortObject
Identifies the sort order for the result set.
fieldString (Enum)
Case sensitive.
keywordString (Enum)
Case sensitive.
use_page_tokenBoolean
Use "use_page_token":true in the initial request to paginate the response data.
next_page_tokenString
If "use_page_token":true was included in the initial request, the response for that request will include a page token.
Use "next_page_token":"string" to pass that page token into the next request to paginate the next set of data.'
{
"request_data": {
"search_from": 0,
"next_page_token": "next_page_token",
"filters": [
{
"field": "name",
"value": "AsmAssetsFilter_value",
"operator": "in"
},
{
"field": "name",
"value": "AsmAssetsFilter_value",
"operator": "in"
}
],
"sort": {
"field": "name",
"keyword": "asc"
},
"search_to": 0,
"use_page_token": true
}
}
{
"request_data": {
"filters": [
{
"field": "name",
"operator": "in",
"value": "string"
}
],
"search_from": 0,
"search_to": 500,
"sort": {
"field": "name",
"keyword": "asc"
},
"use_page_token": true,
"next_page_token": "string"
}
}
curl -X 'POST'
-H
'Accept: application/json'
-H
'Content-Type: application/json'
-H
'authorization: {{api_key}}'
-H
'x-xdr-auth-id: {{api_key_id}}'
'https://api-}/public_api/v1/assets/get_assets_internet_exposure/'
-d
'{
"request_data" : {
"search_from" : 0,
"next_page_token" : "next_page_token",
"filters" : [ {
"field" : "name",
"value" : "AsmAssetsFilter_value",
"operator" : "in"
}, {
"field" : "name",
"value" : "AsmAssetsFilter_value",
"operator" : "in"
} ],
"sort" : {
"field" : "name",
"keyword" : "asc"
},
"search_to" : 0,
"use_page_token" : true
}
}'
OK
replyObject
total_countInteger
result_countInteger
assets_internet_exposureArray
agent_idString
annotationString
asm_idsArray[string]
asm_va_scoreNumber
asset_explainersArray[string]
asset_typeString
aws_cloud_tagsArray[string]
azure_cloud_tagsArray[string]
business_unitsArray
creation_timeInteger
familyString
family_aliasString
idString
is_activeInteger
nameString
parent_idString
update_timeInteger
certificate_algorithmString
certificate_classificationsArray[string]
certificate_detailsObject
issuerString
issuerAlternativeNamesString
issuerCountryString
issuerEmailString
issuerLocalityString
issuerNameString
issuerOrgString
formattedIssuerOrgString
issuerOrgUnitString
issuerStateString
publicKeyString
publicKeyAlgorithmString
publicKeyRsaExponentInteger
signatureAlgorithmString
subjectString
subjectAlternativeNamesString
subjectCountryString
subjectEmailString
subjectLocalityString
subjectNameString
subjectOrgString
subjectOrgUnitString
subjectStateString
serialNumberString
validNotBeforeInteger
validNotAfterInteger
versionString
publicKeyBitsInteger
publicKeyModulusString
publicKeySpkiString
sha1FingerprintString
sha256FingerprintString
md5FingerprintString
certificate_expiry_dateInteger
certificate_issuerString
cloud_idString
cloud_providerString
cloud_resource_typeString
creation_timeInteger
date_addedInteger
domainString
domain_detailsObjectrequired
adminObject
cityString
countryString
emailAddressString
faxExtensionString
faxNumberString
nameString
organizationString
phoneExtensionString
phoneNumberString
postalCodeString
provinceString
registryIdString
streetString
alignedRegistrarString
collectionTimeInteger
creationDateInteger
dnssecString
domainNameString
domainStatusesArray[string]
droppedBoolean
nameServersArray[string]
registrantObject
cityString
countryString
emailAddressString
faxExtensionString
faxNumberString
nameString
organizationString
phoneExtensionString
phoneNumberString
postalCodeString
provinceString
registryIdString
streetString
registrarObject
abuseContactEmailString
abuseContactPhoneString
alignedNameString
ianaIdNumber
nameString
registrationExpirationDateNumber
urlString
whoisServerString
registryDomainIdString
registryExpiryDateInteger
resellerString
retrievedDateInteger
techObject
cityString
countryString
emailAddressString
faxExtensionString
faxNumberString
nameString
organizationString
phoneExtensionString
phoneNumberString
postalCodeString
provinceString
registryIdString
streetString
updatedDateInteger
domain_resolvesBoolean
extended_propertiesObject
last_start_timeInteger
machine_typeString
network_interfacesArray
idString
ipString
subnet_idString
vpc_idString
private_ipsArray[string]
public_ipsArray[string]
volumeArray
bootBoolean
idString
nameString
typeString
external_ipsArray[string]
externally_detected_providersArray[string]
externally_inferred_cvesArray[string]
first_observedInteger
gcp_cloud_tagsArray[string]
geo_regionString
has_active_externally_servicesBoolean
has_alertsBoolean
has_bu_overridesBoolean
has_incidentsBoolean
has_xdr_agentString
hierarchyString
internal_ipsArray[string]
iot_categoryString
iot_modelString
iot_profileString
ip_rangesArray[string]
ipsArray[string]
ipv6sArray[string]
last_observedInteger
last_sampled_ipInteger
mac_addressesArray[string]
management_statusArray[string]
nameString
open_portsArray[integer]
operation_systemString
project_nameString
provider_accountString
recent_ipsArray
idString
ipInteger
ipv6String
sourceObjectrequired
nameString
providerObjectrequired
nameString
additionalProviderInfoString
isCdnBoolean
legacyNameString
displayNameString
cdnBoolean
lastObservedInteger
firstObservedInteger
regionString
sensorArray[string]
service_typeArray[string]
sub_regionArray[string]
tagsArray[string]
vpc_name_idString
next_page_tokenString
This attribute is only returned if use_page_token is provided in the request with value true
{
"reply": {
"total_count": 0,
"result_count": 0,
"assets_internet_exposure": [
{
"agent_id": "agent_id_example",
"annotation": "annotation_example",
"asm_ids": [
"asm_ids_example"
],
"asm_va_score": 0.0,
"asset_explainers": [
"asset_explainers_example"
],
"asset_type": "asset_type_example",
"aws_cloud_tags": [
"aws_cloud_tags_example"
],
"azure_cloud_tags": [
"azure_cloud_tags_example"
],
"business_units": [
[
{
"creation_time": 0,
"family": "family_example",
"family_alias": "family_alias_example",
"id": "id_example",
"is_active": 0,
"name": "name_example",
"parent_id": "parent_id_example",
"update_time": 0
}
]
],
"certificate_algorithm": "certificate_algorithm_example",
"certificate_classifications": [
"certificate_classifications_example"
],
"certificate_details": {
"issuer": "issuer_example",
"issuerAlternativeNames": "issuerAlternativeNames_example",
"issuerCountry": "issuerCountry_example",
"issuerEmail": "issuerEmail_example",
"issuerLocality": "issuerLocality_example",
"issuerName": "issuerName_example",
"issuerOrg": "issuerOrg_example",
"formattedIssuerOrg": "formattedIssuerOrg_example",
"issuerOrgUnit": "issuerOrgUnit_example",
"issuerState": "issuerState_example",
"publicKey": "publicKey_example",
"publicKeyAlgorithm": "publicKeyAlgorithm_example",
"publicKeyRsaExponent": 0,
"signatureAlgorithm": "signatureAlgorithm_example",
"subject": "subject_example",
"subjectAlternativeNames": "subjectAlternativeNames_example",
"subjectCountry": "subjectCountry_example",
"subjectEmail": "subjectEmail_example",
"subjectLocality": "subjectLocality_example",
"subjectName": "subjectName_example",
"subjectOrg": "subjectOrg_example",
"subjectOrgUnit": "subjectOrgUnit_example",
"subjectState": "subjectState_example",
"serialNumber": "serialNumber_example",
"validNotBefore": 0,
"validNotAfter": 0,
"version": "version_example",
"publicKeyBits": 0,
"publicKeyModulus": "publicKeyModulus_example",
"publicKeySpki": "publicKeySpki_example",
"sha1Fingerprint": "sha1Fingerprint_example",
"sha256Fingerprint": "sha256Fingerprint_example",
"md5Fingerprint": "md5Fingerprint_example"
},
"certificate_expiry_date": 0,
"certificate_issuer": "certificate_issuer_example",
"cloud_id": "cloud_id_example",
"cloud_provider": "cloud_provider_example",
"cloud_resource_type": "cloud_resource_type_example",
"creation_time": 0,
"date_added": 0,
"domain": "domain_example",
"domain_details": {
"admin": {
"city": "city_example",
"country": "country_example",
"emailAddress": "emailAddress_example",
"faxExtension": "faxExtension_example",
"faxNumber": "faxNumber_example",
"name": "name_example",
"organization": "organization_example",
"phoneExtension": "phoneExtension_example",
"phoneNumber": "phoneNumber_example",
"postalCode": "postalCode_example",
"province": "province_example",
"registryId": "registryId_example",
"street": "street_example"
},
"alignedRegistrar": "alignedRegistrar_example",
"collectionTime": 0,
"creationDate": 0,
"dnssec": "dnssec_example",
"domainName": "domainName_example",
"domainStatuses": [
"domainStatuses_example"
],
"dropped": false,
"nameServers": [
"nameServers_example"
],
"registrant": {
"city": "city_example",
"country": "country_example",
"emailAddress": "emailAddress_example",
"faxExtension": "faxExtension_example",
"faxNumber": "faxNumber_example",
"name": "name_example",
"organization": "organization_example",
"phoneExtension": "phoneExtension_example",
"phoneNumber": "phoneNumber_example",
"postalCode": "postalCode_example",
"province": "province_example",
"registryId": "registryId_example",
"street": "street_example"
},
"registrar": {
"abuseContactEmail": "abuseContactEmail_example",
"abuseContactPhone": "abuseContactPhone_example",
"alignedName": "alignedName_example",
"ianaId": 0.0,
"name": "name_example",
"registrationExpirationDate": 0.0,
"url": "url_example",
"whoisServer": "whoisServer_example"
},
"registryDomainId": "registryDomainId_example",
"registryExpiryDate": 0,
"reseller": "reseller_example",
"retrievedDate": 0,
"tech": {
"city": "city_example",
"country": "country_example",
"emailAddress": "emailAddress_example",
"faxExtension": "faxExtension_example",
"faxNumber": "faxNumber_example",
"name": "name_example",
"organization": "organization_example",
"phoneExtension": "phoneExtension_example",
"phoneNumber": "phoneNumber_example",
"postalCode": "postalCode_example",
"province": "province_example",
"registryId": "registryId_example",
"street": "street_example"
},
"updatedDate": 0
},
"domain_resolves": false,
"extended_properties": {
"last_start_time": 0,
"machine_type": "machine_type_example",
"network_interfaces": [
{
"id": "id_example",
"ip": "ip_example",
"subnet_id": "subnet_id_example",
"vpc_id": "vpc_id_example"
}
],
"private_ips": [
"private_ips_example"
],
"public_ips": [
"public_ips_example"
],
"volume": [
{
"boot": false,
"id": "id_example",
"name": "name_example",
"type": "type_example"
}
]
},
"external_ips": [
"external_ips_example"
],
"externally_detected_providers": [
"externally_detected_providers_example"
],
"externally_inferred_cves": [
"externally_inferred_cves_example"
],
"first_observed": 0,
"gcp_cloud_tags": [
"gcp_cloud_tags_example"
],
"geo_region": "geo_region_example",
"has_active_externally_services": false,
"has_alerts": false,
"has_bu_overrides": false,
"has_incidents": false,
"has_xdr_agent": "has_xdr_agent_example",
"hierarchy": "hierarchy_example",
"internal_ips": [
"internal_ips_example"
],
"iot_category": "iot_category_example",
"iot_model": "iot_model_example",
"iot_profile": "iot_profile_example",
"ip_ranges": [
"ip_ranges_example"
],
"ips": [
"ips_example"
],
"ipv6s": [
"ipv6s_example"
],
"last_observed": 0,
"last_sampled_ip": 0,
"mac_addresses": [
"mac_addresses_example"
],
"management_status": [
"management_status_example"
],
"name": "name_example",
"open_ports": [
0
],
"operation_system": "operation_system_example",
"project_name": "project_name_example",
"provider_account": "provider_account_example",
"recent_ips": [
{
"id": "id_example",
"ip": 0,
"ipv6": "ipv6_example",
"source": {
"name": "name_example"
},
"provider": {
"name": "name_example",
"additionalProviderInfo": "additionalProviderInfo_example",
"isCdn": false,
"legacyName": "legacyName_example",
"displayName": "displayName_example",
"cdn": false
},
"lastObserved": 0,
"firstObserved": 0
}
],
"region": "region_example",
"sensor": [
"sensor_example"
],
"service_type": [
"service_type_example"
],
"sub_region": [
"sub_region_example"
],
"tags": [
"tags_example"
],
"vpc_name_id": "vpc_name_id_example"
}
],
"next_page_token": "next_page_token_example"
}
}Bad Request. Got an invalid JSON.
replyObject
The query results upon error.
{
"reply": {}
}Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.
replyObject
The query results upon error.
{
"reply": {}
}Unauthorized access. User does not have the required license type to run this API.
replyObject
The query results upon error.
{
"reply": {}
}Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.
replyObject
The query results upon error.
{
"reply": {}
}Unprocessable Entity
codeInteger
Error code
statusString
Error name
messageString
Error message
errorsObject
Errors
{
"code": 0,
"status": "status_example",
"message": "message_example",
"errors": {}
}Internal server error. A unified status for API communication type errors.
replyObject
The query results upon error.
{
"reply": {}
}