Get Service Details

Cortex Xpanse REST API

post /public_api/v1/assets/get_external_service/

Required license: **Cortex Xpanse Expander**

Get service details according to the service ID. You can send up to 20 IDs.

CURL
curl -X POST \ -H "Accept: application/json" \ -H "Content-Type: application/json" -H "authorization: {{api_key}}" -H "x-xdr-auth-id: {{api_key_id}}" \ "https://api-}/public_api/v1/assets/get_external_service/" \ -d '{ "request_data" : { "service_id_list" : [ "service_id_list", "service_id_list", "service_id_list", "service_id_list", "service_id_list" ] } }'
Request headers
authorization
required
String
api-key
Example: {{api_key}}
x-xdr-auth-id
required
String
api-key-id
Example: {{api_key_id}}
Request
Body
required
request_data
required
Object
(Required) A dictionary containing the API request fields.
service_id_list
optional
Array of strings
Responses

OK

Body
reply
required
Object
JSON object containing the query result.
details
optional
Array of objects
Service details according to the service ID.
service_id
required
String (UUID)
format: uuid
service_name
required
String
service_type
required
String
ip_address
optional
Array of strings
domain
optional
Array of strings
externally_detected_providers
optional
Array of strings
is_active
optional
String
first_observed
optional
Integer
last_observed
optional
Integer
port
optional
Integer
protocol
optional
String
active_classifications
optional
Array of strings
inactive_classifications
optional
Array of strings
discovery_type
optional
String
externally_inferred_vulnerability_score
optional
Number
externally_inferred_cves
optional
Array of strings
details
optional
Object
serviceKey
optional
String
serviceKeyType
optional
String
providerDetails
optional
Array of objects
name
required
String
displayName
required
String
firstObserved
optional
Integer
lastObserved
optional
Integer
certificates
optional
Array of objects
certificate
optional
Object
issuer
optional
String
issuerAlternativeNames
optional
String
issuerCountry
optional
String
issuerEmail
optional
String
issuerLocality
optional
String
issuerName
optional
String
issuerOrg
optional
String
formattedIssuerOrg
optional
String
issuerOrgUnit
optional
String
issuerState
optional
String
publicKey
optional
String
publicKeyAlgorithm
optional
String
publicKeyRsaExponent
optional
Integer
signatureAlgorithm
optional
String
subject
optional
String
subjectAlternativeNames
optional
String
subjectCountry
optional
String
subjectEmail
optional
String
subjectLocality
optional
String
subjectName
optional
String
subjectOrg
optional
String
subjectOrgUnit
optional
String
subjectState
optional
String
serialNumber
optional
String
validNotBefore
optional
Integer
validNotAfter
optional
Integer
version
optional
String
publicKeyBits
optional
Integer
publicKeyModulus
optional
String
publicKeySpki
optional
String
sha1Fingerprint
optional
String
sha256Fingerprint
optional
String
md5Fingerprint
optional
String
activityStatus
optional
String
lastObserved
optional
Integer
firstObserved
optional
Integer
domains
optional
Array of objects
domain
optional
String
activityStatus
optional
String
lastObserved
optional
Integer
firstObserved
optional
Integer
ips
optional
Array of objects
ip
optional
Integer
ipv6
optional
String
protocol
optional
String
provider
optional
String
geolocation
optional
Object
latitude
optional
Number
longitude
optional
Number
countryCode
optional
String
city
optional
String
regionCode
optional
String
timeZone
optional
String
activityStatus
optional
String
lastObserved
optional
Integer
firstObserved
optional
Integer
classifications
optional
Array of objects
name
required
String
activityStatus
optional
String
values
optional
Array of objects
jsonValue
required
String
firstObserved
required
Integer
lastObserved
required
Integer
firstObserved
optional
Integer
lastObserved
optional
Integer
tlsVersions
optional
Array of objects
tlsVersion
optional
String
cipherSuite
optional
String
firstObserved
optional
Integer
lastObserved
optional
Integer
activityStatus
optional
String
inferred_cves_observed
optional
Array of objects
inferredCve
optional
Array of objects
cveId
required
String
cvssScoreV2
optional
String
cveSeverityV2
optional
String
cvssScoreV3
optional
Number
cveSeverityV3
required
String
inferredCveMatchMetadata
optional
Array of objects
inferredCveMatchType
required
String
product
required
String
confidence
required
String
vendor
required
String
version
required
String
epssScore
optional
String
cvssTemporalScoreV3
optional
String
cvssTemporalScoreV2
optional
String
publishedExploitsCount
optional
String
reportedExploitedInTheWild
optional
String
firstExploitPublished
optional
String
firstReportedThreatActor
optional
String
firstReportedRansomware
optional
String
firstReportedBotnet
optional
String
lastExploitPublished
optional
String
lastReportedThreatActor
optional
String
lastReportedRansomware
optional
String
lastReportedBotnet
optional
String
cisaKevDateAdded
optional
String
activityStatus
optional
String
lastObserved
optional
Integer
firstObserved
optional
Integer
enrichedObservationSource
optional
String
ip_ranges
optional
Map of objects
Keys should be valid IPv4 address
_IS_DELETED
optional
String
_LAST_MODIFIED_TIME
optional
Integer
ACTIVE_RESPONSIVE_IPS_COUNT
optional
Integer
ANNOTATION
optional
String
ASN_COUNTRIES
optional
Array of strings
ASN_HANDLES
optional
Array of strings
ASN_RECORD_NAMES
optional
Array of strings
ASN_REGISTRIES
optional
Array of strings
BUSINESS_UNIT
optional
Array of objects
tag_id
required
String
tag_name
required
String
CITIES
optional
Array of strings
DATE_ADDED
optional
Integer
DETAILS
optional
Object
networkRecords
optional
Object
firstIp
optional
String
firstIpv6
optional
String
handle
required
String
lastChanged
optional
Integer
lastIp
optional
String
lastIpv6
optional
String
name
required
String
organizationRecords
optional
Array of objects
address
required
String
dateAdded
optional
Integer
email
required
String
firstRegistered
optional
Integer
formattedName
required
String
handle
required
String
kind
required
String
lastChanged
optional
Integer
org
required
String
phone
required
String
remarks
required
String
roles
optional
Array of strings
remarks
optional
String
whoIsServer
required
String
ENTITY_TYPES
optional
Array of strings
EXPLAINERS
optional
Array of strings
FIRST_IP
optional
String
FIRST_IPV6
optional
String
HAS_BU_OVERRIDES
optional
Boolean
IP_RANGE_ID
required
String
IP_VERSION
optional
Integer
IS_SUBRANGE
optional
Boolean
LAST_IP
optional
String
LAST_IPV6
optional
String
ORGANIZATION_HANDLES
optional
String
REGIONS
optional
Array of strings
SBAC_TAGS
optional
Array of objects
tag_id
required
String
tag_name
required
String
SECTORS
optional
Array of strings
SIZE
optional
Integer
STATES
optional
Array of strings
SUBRANGE_CREATED_EMAIL
optional
String
SUBRANGE_CREATED_TS
optional
Integer
SUBRANGE_CREATED_USER
optional
String
SYSTEM_RANGE_FIRST_IP
optional
String
SYSTEM_RANGE_ID
optional
String
SYSTEM_RANGE_LAST_IP
optional
String
TAGS
optional
Array of objects
tag_id
required
String
tag_name
required
String
cloud_management_status
optional
String
tags
optional
Array of strings
ipv6_address
optional
Array of strings
pretty_name
optional
String
groups
optional
Array of strings
users
optional
Array of strings

Bad Request. Got an invalid JSON.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. User does not have the required license type to run this API.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unprocessable Entity

Body
code
optional
Integer
Error code
status
optional
String
Error name
message
optional
String
Error message
errors
optional
Object
Errors

Internal server error. A unified status for API communication type errors.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.