Get Asset

POST 
/uai/v1/asset

Returns detailed information for the asset with the given id.

The data field in the response object contains the raw JSON blob as returned by the source cloud service provider API for the given asset.

Only the rrn parameter in the request body is used for this API. Ignore the timelineItemId and findingType fields.

Ensure to add the required parameters for the asset query parameter with type as follows:

Type	Conditionally Required Query Parameters
external_finding	findingType riskFactors
alerts	alertIds
attack_path	attackPathIds
package_info	vulnerabilityInfoTypeId filters
labels	filters
vulnerability_aggregates	filters
process_info	filters
vulnerabilities_group_by_type	vulnerabilityInfoTypeId filters
asset_cwp_vulns	vulnerabilityInfoTypeId vulnerabilityInfoType filters

Request

application/json

Body

required

assetId stringrequired

Unified Asset Id or RRN (Restricted Resource Name)

type stringrequired

Possible values: [external_finding, asset, asset_lite, alerts, alerts_counts, alert_summary, finding_summary, attack_path, attack_path_summary, raw_config, network, timeline, external_integration, asset_data_indicators, relationships, findings, vulnerabilities, permissions, package_info, labels, vulnerability_aggregates, process_info, vulnerabilities_group_by_type, asset_cwp_vulns, app_contexts, attributes]

Asset Domain Service query type.

findingType string[]

Possible values: [HOST_VULNERABILITY_CVE, CONTAINER_IMAGE_VULNERABILITY_CVE, VIRTUAL_IMAGE_VULNERABILITY_CVE, SERVERLESS_VULNERABILITY, PACKAGE_VULNERABILITY, COMPLIANCE_CIS, GUARD_DUTY_HOST, GUARD_DUTY_IAM, INSPECTOR_RBA, INSPECTOR_SBP, NETWORK_REACHABILITY, AZURE_SECURITY_CENTER_ALERTS]

External Finding Types

riskFactors string[]

Possible values: [CRITICAL_SEVERITY, HIGH_SEVERITY, MEDIUM_SEVERITY, HAS_FIX, REMOTE_EXECUTION, DOS, RECENT_VULNERABILITY, EXPLOIT_EXISTS, ATTACK_COMPLEXITY_LOW, ATTACK_VECTOR_NETWORK, REACHABLE_FROM_THE_INTERNET, LISTENING_PORTS, CONTAINER_IS_RUNNING_AS_ROOT, NO_MANDATORY_SECURITY_PROFILE_APPLIED, RUNNING_AS_PRIVILEGED_CONTAINER, PACKAGE_IN_USE, DOS_LOW, DOS_HIGH, EXPLOIT_EXISTS_IN_THE_WILD, EXPLOIT_EXISTS_POC, SENSITIVE_INFORMATION, ROOT_MOUNT, RUNTIME_SOCKET, HOST_ACCESS]

External finding risk factors

timelineItemId string

Timeline Item ID

alertIds string[]required

List of Alert Ids

attackPathIds object[]required
List of Attack Path Ids
Array [
id string
type string
Possible values: [ALERT_ID]
]
limit int32

Limit number of records

permissionType string

Permissions Type

pageToken string

Next Page Token

prismaCloudFindingsOnly booleanrequired

Filter Hyperion Findings

vulnerabilityInfoTypeId string

CVE Idf, or Package Id or Layer Id. The value needs to be fetched from one of the group by api calls

vulnerabilityInfoType string

Possible values: [CVE, PACKAGE, LAYER]

Supported Vuln Info Types: Package, layer and CVE

filters object
Filters applied to CWP Vulns
offset integer
nextPageToken string
limit integer
search string
sort string
reverse boolean
type string
path string
riskFactors string[]
funnelStage string
patchable boolean
vulnerable boolean
severity string
packageInUse boolean

Responses

200

Successful Operation

application/json

Schema

Schema

data object
Asset Domain Service Object type.
asset object
Asset Domain Service Object type.
problem object[]
Array [
instance uri
type uri
parameters object
property name* object
title string
status object
reasonPhrase string
statusCode int32
detail string
]
id string
prismaId string
appName string[]
externalAssetId string
assetTypeId int32
cloudType string
Possible values: [all, aws, azure, gcp, alibaba_cloud, oci, other, ibm]
createdTs int64
insertTs int64
data object
dynamicData object
riskGrade string
stateId string
name string
regionId string
regionName string
altAssetId string[]
url string
vpcId string
vpcExternalAssetId string
vpcName string
tags object
relationshipCounts int32
vulnerabilityCounts object
accountGroup string
accountName string
assetType string
serviceName string
resourceType string
deleted booleanrequired
assetClassId string
assetClass string
attributes object
property name* object
packageInfo object
vulnerabilitiesAggregates object
alertsCount object[]
Array [
severity string
count int32
]
alerts object[]
Array [
problem object
instance uri
type uri
parameters object
property name* object
title string
status object
reasonPhrase string
statusCode int32
detail string
id string
severity string
policyId string
isHyperionPolicy booleanrequired
policyType string
policyName string
policyDescription string
alertTime int64
]
relationships object[]
Array [
assetId string
relationshipType string
assetTypeId int32required
assetType string
assetName string
externalAssetId string
cloudId string
cloudName string
pseudoAsset booleanrequired
region string
cloudAccountId string
assetClassId string
assetClass string
alertsCount object[]
Array [
severity string
count int32
]
alertCountBySeverity object[]
Array [
severity string
count int32
]
vulnerabilityCounts object
problem object[]required
Array [
instance uri
type uri
parameters object
property name* object
title string
status object
reasonPhrase string
statusCode int32
detail string
]
]
finding object[]
Array [
problem object[]
Array [
instance uri
type uri
parameters object
property name* object
title string
status object
reasonPhrase string
statusCode int32
detail string
]
accountId string
count string
createdOn int64
customerId int64
cveId string
description string
externalId integer
id string
normalizedName string
normalizedNames string[]
nvdUrl string
link string
rawData string
regionId string
resourceCloudId string
resourceId int64
resourceUrl string
riskFactors string[]
Possible values: [CRITICAL_SEVERITY, HIGH_SEVERITY, MEDIUM_SEVERITY, HAS_FIX, REMOTE_EXECUTION, DOS, RECENT_VULNERABILITY, EXPLOIT_EXISTS, ATTACK_COMPLEXITY_LOW, ATTACK_VECTOR_NETWORK, REACHABLE_FROM_THE_INTERNET, LISTENING_PORTS, CONTAINER_IS_RUNNING_AS_ROOT, NO_MANDATORY_SECURITY_PROFILE_APPLIED, RUNNING_AS_PRIVILEGED_CONTAINER, PACKAGE_IN_USE, DOS_LOW, DOS_HIGH, EXPLOIT_EXISTS_IN_THE_WILD, EXPLOIT_EXISTS_POC, SENSITIVE_INFORMATION, ROOT_MOUNT, RUNTIME_SOCKET, HOST_ACCESS]
rlUpdatedOn int64
scanId string
score string
severity string
Possible values: [informational, low, medium, high, critical, error, warning, info]
source string
Possible values: [aws_inspector, aws_guard_duty, tenable, qualys, prisma_cloud, azure_security_center, prismacloud, inspector, guardduty, azuresecuritycenter]
sourceData object
status string
Possible values: [pending, no_error, error, enabled, disabled, open, dismissed, resolved, descoped, risk_scoring_error, active, closed, suppressed]
title string
type string
packageName string
updatedOn int64
]
findings object[]
Array [
problem object[]
Array [
instance uri
type uri
parameters object
property name* object
title string
status object
reasonPhrase string
statusCode int32
detail string
]
accountId string
count string
createdOn int64
customerId int64
cveId string
description string
externalId integer
id string
normalizedName string
normalizedNames string[]
nvdUrl string
link string
rawData string
regionId string
resourceCloudId string
resourceId int64
resourceUrl string
riskFactors string[]
Possible values: [CRITICAL_SEVERITY, HIGH_SEVERITY, MEDIUM_SEVERITY, HAS_FIX, REMOTE_EXECUTION, DOS, RECENT_VULNERABILITY, EXPLOIT_EXISTS, ATTACK_COMPLEXITY_LOW, ATTACK_VECTOR_NETWORK, REACHABLE_FROM_THE_INTERNET, LISTENING_PORTS, CONTAINER_IS_RUNNING_AS_ROOT, NO_MANDATORY_SECURITY_PROFILE_APPLIED, RUNNING_AS_PRIVILEGED_CONTAINER, PACKAGE_IN_USE, DOS_LOW, DOS_HIGH, EXPLOIT_EXISTS_IN_THE_WILD, EXPLOIT_EXISTS_POC, SENSITIVE_INFORMATION, ROOT_MOUNT, RUNTIME_SOCKET, HOST_ACCESS]
rlUpdatedOn int64
scanId string
score string
severity string
Possible values: [informational, low, medium, high, critical, error, warning, info]
source string
Possible values: [aws_inspector, aws_guard_duty, tenable, qualys, prisma_cloud, azure_security_center, prismacloud, inspector, guardduty, azuresecuritycenter]
sourceData object
status string
Possible values: [pending, no_error, error, enabled, disabled, open, dismissed, resolved, descoped, risk_scoring_error, active, closed, suppressed]
title string
type string
packageName string
updatedOn int64
]
vulnerabilities object[]
Array [
problem object[]
Array [
instance uri
type uri
parameters object
property name* object
title string
status object
reasonPhrase string
statusCode int32
detail string
]
accountId string
count string
createdOn int64
customerId int64
cveId string
description string
externalId integer
id string
normalizedName string
normalizedNames string[]
nvdUrl string
link string
rawData string
regionId string
resourceCloudId string
resourceId int64
resourceUrl string
riskFactors string[]
Possible values: [CRITICAL_SEVERITY, HIGH_SEVERITY, MEDIUM_SEVERITY, HAS_FIX, REMOTE_EXECUTION, DOS, RECENT_VULNERABILITY, EXPLOIT_EXISTS, ATTACK_COMPLEXITY_LOW, ATTACK_VECTOR_NETWORK, REACHABLE_FROM_THE_INTERNET, LISTENING_PORTS, CONTAINER_IS_RUNNING_AS_ROOT, NO_MANDATORY_SECURITY_PROFILE_APPLIED, RUNNING_AS_PRIVILEGED_CONTAINER, PACKAGE_IN_USE, DOS_LOW, DOS_HIGH, EXPLOIT_EXISTS_IN_THE_WILD, EXPLOIT_EXISTS_POC, SENSITIVE_INFORMATION, ROOT_MOUNT, RUNTIME_SOCKET, HOST_ACCESS]
rlUpdatedOn int64
scanId string
score string
severity string
Possible values: [informational, low, medium, high, critical, error, warning, info]
source string
Possible values: [aws_inspector, aws_guard_duty, tenable, qualys, prisma_cloud, azure_security_center, prismacloud, inspector, guardduty, azuresecuritycenter]
sourceData object
status string
Possible values: [pending, no_error, error, enabled, disabled, open, dismissed, resolved, descoped, risk_scoring_error, active, closed, suppressed]
title string
type string
packageName string
updatedOn int64
]
externalIntegration object[]
Array [
problem object
instance uri
type uri
parameters object
property name* object
title string
status object
reasonPhrase string
statusCode int32
detail string
id string
name string
firstSeen int64
lastSeen int64
rlUpdatedOn int64
source string
hasAgent boolean
tags object[]
assetJson object
]
network object[]
Array [
problem object
instance uri
type uri
parameters object
property name* object
title string
status object
reasonPhrase string
statusCode int32
detail string
id int64
access string
direction string
ips string
ports string
protocol string
priority int64
]
renderAttribute object
assetId string
appName string[]
allowDrillDown booleanrequired
hasNetwork booleanrequired
hasExternalFinding booleanrequired
hasExternalIntegration booleanrequired
hasExtFindingRiskFactors booleanrequired
assetClassId string
assetClass string
alertsCount object[]required
Array [
severity string
count int32
]
findingTypes string[]required
relatedImages object
assetCategory string
problem object[]required
Array [
instance uri
type uri
parameters object
property name* object
title string
status object
reasonPhrase string
statusCode int32
detail string
]
timeline object[]
Array [
problem object
instance uri
type uri
parameters object
property name* object
title string
status object
reasonPhrase string
statusCode int32
detail string
id string
eventName string
eventType string
type string
Possible values: [state_change, event, vulnerability]
timestamp int64
alertIds string[]
firstState boolean
similarSince int64
similarStateCount int32
user string
vulnerabilities object[]
Array [
id string
url string
]
previousStateId string
discoveredTs int64
]
ipAddresses string[]
errors object
Error Object.
message stringrequired
path object[]required
locations object[]required
extensions object
errorType string
Possible values: [UNKNOWN, INTERNAL, NOT_FOUND, UNAUTHENTICATED, PERMISSION_DENIED, BAD_REQUEST, UNAVAILABLE, FAILED_PRECONDITION]
errorDetail string
origin stringrequired
debugInfo objectrequired
subquery stringrequired
variables objectrequired
property name* object
classification stringrequired
pathAsString stringrequired

Example (from schema)

{
  "data": {
    "asset": {
      "problem": [
        {
          "instance": "string",
          "type": "string",
          "parameters": {},
          "title": "string",
          "status": {
            "reasonPhrase": "string",
            "statusCode": 0
          },
          "detail": "string"
        }
      ],
      "id": "string",
      "prismaId": "string",
      "appName": [
        "string"
      ],
      "externalAssetId": "string",
      "assetTypeId": 0,
      "cloudType": "all",
      "createdTs": 0,
      "insertTs": 0,
      "data": {},
      "dynamicData": {},
      "riskGrade": "string",
      "stateId": "string",
      "name": "string",
      "regionId": "string",
      "regionName": "string",
      "altAssetId": [
        "string"
      ],
      "url": "string",
      "vpcId": "string",
      "vpcExternalAssetId": "string",
      "vpcName": "string",
      "tags": {},
      "relationshipCounts": 0,
      "vulnerabilityCounts": {},
      "accountGroup": "string",
      "accountName": "string",
      "assetType": "string",
      "serviceName": "string",
      "resourceType": "string",
      "deleted": true,
      "assetClassId": "string",
      "assetClass": "string",
      "attributes": {},
      "packageInfo": {},
      "vulnerabilitiesAggregates": {},
      "alertsCount": [
        {
          "severity": "string",
          "count": 0
        }
      ],
      "alerts": [
        {
          "problem": {
            "instance": "string",
            "type": "string",
            "parameters": {},
            "title": "string",
            "status": {
              "reasonPhrase": "string",
              "statusCode": 0
            },
            "detail": "string"
          },
          "id": "string",
          "severity": "string",
          "policyId": "string",
          "isHyperionPolicy": true,
          "policyType": "string",
          "policyName": "string",
          "policyDescription": "string",
          "alertTime": 0
        }
      ],
      "relationships": [
        {
          "assetId": "string",
          "relationshipType": "string",
          "assetTypeId": 0,
          "assetType": "string",
          "assetName": "string",
          "externalAssetId": "string",
          "cloudId": "string",
          "cloudName": "string",
          "pseudoAsset": true,
          "region": "string",
          "cloudAccountId": "string",
          "assetClassId": "string",
          "assetClass": "string",
          "alertsCount": [
            {
              "severity": "string",
              "count": 0
            }
          ],
          "alertCountBySeverity": [
            {
              "severity": "string",
              "count": 0
            }
          ],
          "vulnerabilityCounts": {},
          "problem": [
            {
              "instance": "string",
              "type": "string",
              "parameters": {},
              "title": "string",
              "status": {
                "reasonPhrase": "string",
                "statusCode": 0
              },
              "detail": "string"
            }
          ]
        }
      ],
      "finding": [
        {
          "problem": [
            {
              "instance": "string",
              "type": "string",
              "parameters": {},
              "title": "string",
              "status": {
                "reasonPhrase": "string",
                "statusCode": 0
              },
              "detail": "string"
            }
          ],
          "accountId": "string",
          "count": "string",
          "createdOn": 0,
          "customerId": 0,
          "cveId": "string",
          "description": "string",
          "externalId": 0,
          "id": "string",
          "normalizedName": "string",
          "normalizedNames": [
            "string"
          ],
          "nvdUrl": "string",
          "link": "string",
          "rawData": "string",
          "regionId": "string",
          "resourceCloudId": "string",
          "resourceId": 0,
          "resourceUrl": "string",
          "riskFactors": [
            "CRITICAL_SEVERITY"
          ],
          "rlUpdatedOn": 0,
          "scanId": "string",
          "score": "string",
          "severity": "informational",
          "source": "aws_inspector",
          "sourceData": {},
          "status": "pending",
          "title": "string",
          "type": "string",
          "packageName": "string",
          "updatedOn": 0
        }
      ],
      "findings": [
        {
          "problem": [
            {
              "instance": "string",
              "type": "string",
              "parameters": {},
              "title": "string",
              "status": {
                "reasonPhrase": "string",
                "statusCode": 0
              },
              "detail": "string"
            }
          ],
          "accountId": "string",
          "count": "string",
          "createdOn": 0,
          "customerId": 0,
          "cveId": "string",
          "description": "string",
          "externalId": 0,
          "id": "string",
          "normalizedName": "string",
          "normalizedNames": [
            "string"
          ],
          "nvdUrl": "string",
          "link": "string",
          "rawData": "string",
          "regionId": "string",
          "resourceCloudId": "string",
          "resourceId": 0,
          "resourceUrl": "string",
          "riskFactors": [
            "CRITICAL_SEVERITY"
          ],
          "rlUpdatedOn": 0,
          "scanId": "string",
          "score": "string",
          "severity": "informational",
          "source": "aws_inspector",
          "sourceData": {},
          "status": "pending",
          "title": "string",
          "type": "string",
          "packageName": "string",
          "updatedOn": 0
        }
      ],
      "vulnerabilities": [
        {
          "problem": [
            {
              "instance": "string",
              "type": "string",
              "parameters": {},
              "title": "string",
              "status": {
                "reasonPhrase": "string",
                "statusCode": 0
              },
              "detail": "string"
            }
          ],
          "accountId": "string",
          "count": "string",
          "createdOn": 0,
          "customerId": 0,
          "cveId": "string",
          "description": "string",
          "externalId": 0,
          "id": "string",
          "normalizedName": "string",
          "normalizedNames": [
            "string"
          ],
          "nvdUrl": "string",
          "link": "string",
          "rawData": "string",
          "regionId": "string",
          "resourceCloudId": "string",
          "resourceId": 0,
          "resourceUrl": "string",
          "riskFactors": [
            "CRITICAL_SEVERITY"
          ],
          "rlUpdatedOn": 0,
          "scanId": "string",
          "score": "string",
          "severity": "informational",
          "source": "aws_inspector",
          "sourceData": {},
          "status": "pending",
          "title": "string",
          "type": "string",
          "packageName": "string",
          "updatedOn": 0
        }
      ],
      "externalIntegration": [
        {
          "problem": {
            "instance": "string",
            "type": "string",
            "parameters": {},
            "title": "string",
            "status": {
              "reasonPhrase": "string",
              "statusCode": 0
            },
            "detail": "string"
          },
          "id": "string",
          "name": "string",
          "firstSeen": 0,
          "lastSeen": 0,
          "rlUpdatedOn": 0,
          "source": "string",
          "hasAgent": true,
          "tags": [
            {}
          ],
          "assetJson": {}
        }
      ],
      "network": [
        {
          "problem": {
            "instance": "string",
            "type": "string",
            "parameters": {},
            "title": "string",
            "status": {
              "reasonPhrase": "string",
              "statusCode": 0
            },
            "detail": "string"
          },
          "id": 0,
          "access": "string",
          "direction": "string",
          "ips": "string",
          "ports": "string",
          "protocol": "string",
          "priority": 0
        }
      ],
      "renderAttribute": {
        "assetId": "string",
        "appName": [
          "string"
        ],
        "allowDrillDown": true,
        "hasNetwork": true,
        "hasExternalFinding": true,
        "hasExternalIntegration": true,
        "hasExtFindingRiskFactors": true,
        "assetClassId": "string",
        "assetClass": "string",
        "alertsCount": [
          {
            "severity": "string",
            "count": 0
          }
        ],
        "findingTypes": [
          "string"
        ],
        "relatedImages": {},
        "assetCategory": "string",
        "problem": [
          {
            "instance": "string",
            "type": "string",
            "parameters": {},
            "title": "string",
            "status": {
              "reasonPhrase": "string",
              "statusCode": 0
            },
            "detail": "string"
          }
        ]
      },
      "timeline": [
        {
          "problem": {
            "instance": "string",
            "type": "string",
            "parameters": {},
            "title": "string",
            "status": {
              "reasonPhrase": "string",
              "statusCode": 0
            },
            "detail": "string"
          },
          "id": "string",
          "eventName": "string",
          "eventType": "string",
          "type": "state_change",
          "timestamp": 0,
          "alertIds": [
            "string"
          ],
          "firstState": true,
          "similarSince": 0,
          "similarStateCount": 0,
          "user": "string",
          "vulnerabilities": [
            {
              "id": "string",
              "url": "string"
            }
          ],
          "previousStateId": "string",
          "discoveredTs": 0
        }
      ],
      "ipAddresses": [
        "string"
      ]
    }
  },
  "errors": {
    "message": "string",
    "path": [
      {}
    ],
    "locations": [
      {}
    ],
    "extensions": {
      "errorType": "UNKNOWN",
      "errorDetail": "string",
      "origin": "string",
      "debugInfo": {
        "subquery": "string",
        "variables": {}
      },
      "classification": "string"
    },
    "pathAsString": "string"
  }
}

Loading...