Get Asset
POST/uai/v1/asset
Returns detailed information for the asset with the given id.
The data field in the response object contains the raw JSON blob as returned by the source cloud service provider API for the given asset.
Only the rrn parameter in the request body is used for this API. Ignore the timelineItemId and findingType fields.
Ensure to add the required parameters for the asset query parameter with type as follows:
Type | Conditionally Required Query Parameters |
---|---|
external_finding |
|
alerts | alertIds |
attack_path | attackPathIds |
package_info |
|
labels | filters |
vulnerability_aggregates | filters |
process_info | filters |
vulnerabilities_group_by_type |
|
asset_cwp_vulns |
|
Request
- application/json
Body
required
- Array [
- ]
Unified Asset Id or RRN (Restricted Resource Name)
Possible values: [external_finding
, asset
, asset_lite
, alerts
, alerts_counts
, alert_summary
, finding_summary
, attack_path
, attack_path_summary
, raw_config
, network
, timeline
, external_integration
, asset_data_indicators
, relationships
, findings
, vulnerabilities
, permissions
, package_info
, labels
, vulnerability_aggregates
, process_info
, vulnerabilities_group_by_type
, asset_cwp_vulns
, app_contexts
, attributes
]
Asset Domain Service query type.
Possible values: [HOST_VULNERABILITY_CVE
, CONTAINER_IMAGE_VULNERABILITY_CVE
, VIRTUAL_IMAGE_VULNERABILITY_CVE
, SERVERLESS_VULNERABILITY
, PACKAGE_VULNERABILITY
, COMPLIANCE_CIS
, GUARD_DUTY_HOST
, GUARD_DUTY_IAM
, INSPECTOR_RBA
, INSPECTOR_SBP
, NETWORK_REACHABILITY
, AZURE_SECURITY_CENTER_ALERTS
]
External Finding Types
Possible values: [CRITICAL_SEVERITY
, HIGH_SEVERITY
, MEDIUM_SEVERITY
, HAS_FIX
, REMOTE_EXECUTION
, DOS
, RECENT_VULNERABILITY
, EXPLOIT_EXISTS
, ATTACK_COMPLEXITY_LOW
, ATTACK_VECTOR_NETWORK
, REACHABLE_FROM_THE_INTERNET
, LISTENING_PORTS
, CONTAINER_IS_RUNNING_AS_ROOT
, NO_MANDATORY_SECURITY_PROFILE_APPLIED
, RUNNING_AS_PRIVILEGED_CONTAINER
, PACKAGE_IN_USE
, DOS_LOW
, DOS_HIGH
, EXPLOIT_EXISTS_IN_THE_WILD
, EXPLOIT_EXISTS_POC
, SENSITIVE_INFORMATION
, ROOT_MOUNT
, RUNTIME_SOCKET
, HOST_ACCESS
]
External finding risk factors
Timeline Item ID
List of Alert Ids
attackPathIds object[]required
List of Attack Path Ids
Possible values: [ALERT_ID
]
Limit number of records
Permissions Type
Next Page Token
Filter Hyperion Findings
CVE Idf, or Package Id or Layer Id. The value needs to be fetched from one of the group by api calls
Possible values: [CVE
, PACKAGE
, LAYER
]
Supported Vuln Info Types: Package, layer and CVE
filters object
Filters applied to CWP Vulns
Responses
- 200
Successful Operation
- application/json
- Schema
- Example (from schema)
Schema
- Array [
- ]
- Array [
- ]
- Array [
- ]
- Array [
- Array [
- ]
- Array [
- ]
- Array [
- ]
- ]
- Array [
- Array [
- ]
- ]
- Array [
- Array [
- ]
- ]
- Array [
- Array [
- ]
- ]
- Array [
- ]
- Array [
- ]
- Array [
- ]
- Array [
- ]
- Array [
- Array [
- ]
- ]
data object
Asset Domain Service Object type.
asset object
Asset Domain Service Object type.
problem object[]
parameters object
status object
Possible values: [all
, aws
, azure
, gcp
, alibaba_cloud
, oci
, other
, ibm
]
attributes object
alertsCount object[]
alerts object[]
problem object
parameters object
status object
relationships object[]
alertsCount object[]
alertCountBySeverity object[]
problem object[]required
parameters object
status object
finding object[]
problem object[]
parameters object
status object
Possible values: [CRITICAL_SEVERITY
, HIGH_SEVERITY
, MEDIUM_SEVERITY
, HAS_FIX
, REMOTE_EXECUTION
, DOS
, RECENT_VULNERABILITY
, EXPLOIT_EXISTS
, ATTACK_COMPLEXITY_LOW
, ATTACK_VECTOR_NETWORK
, REACHABLE_FROM_THE_INTERNET
, LISTENING_PORTS
, CONTAINER_IS_RUNNING_AS_ROOT
, NO_MANDATORY_SECURITY_PROFILE_APPLIED
, RUNNING_AS_PRIVILEGED_CONTAINER
, PACKAGE_IN_USE
, DOS_LOW
, DOS_HIGH
, EXPLOIT_EXISTS_IN_THE_WILD
, EXPLOIT_EXISTS_POC
, SENSITIVE_INFORMATION
, ROOT_MOUNT
, RUNTIME_SOCKET
, HOST_ACCESS
]
Possible values: [informational
, low
, medium
, high
, critical
, error
, warning
, info
]
Possible values: [aws_inspector
, aws_guard_duty
, tenable
, qualys
, prisma_cloud
, azure_security_center
, prismacloud
, inspector
, guardduty
, azuresecuritycenter
]
Possible values: [pending
, no_error
, error
, enabled
, disabled
, open
, dismissed
, resolved
, descoped
, risk_scoring_error
, active
, closed
, suppressed
]
findings object[]
problem object[]
parameters object
status object
Possible values: [CRITICAL_SEVERITY
, HIGH_SEVERITY
, MEDIUM_SEVERITY
, HAS_FIX
, REMOTE_EXECUTION
, DOS
, RECENT_VULNERABILITY
, EXPLOIT_EXISTS
, ATTACK_COMPLEXITY_LOW
, ATTACK_VECTOR_NETWORK
, REACHABLE_FROM_THE_INTERNET
, LISTENING_PORTS
, CONTAINER_IS_RUNNING_AS_ROOT
, NO_MANDATORY_SECURITY_PROFILE_APPLIED
, RUNNING_AS_PRIVILEGED_CONTAINER
, PACKAGE_IN_USE
, DOS_LOW
, DOS_HIGH
, EXPLOIT_EXISTS_IN_THE_WILD
, EXPLOIT_EXISTS_POC
, SENSITIVE_INFORMATION
, ROOT_MOUNT
, RUNTIME_SOCKET
, HOST_ACCESS
]
Possible values: [informational
, low
, medium
, high
, critical
, error
, warning
, info
]
Possible values: [aws_inspector
, aws_guard_duty
, tenable
, qualys
, prisma_cloud
, azure_security_center
, prismacloud
, inspector
, guardduty
, azuresecuritycenter
]
Possible values: [pending
, no_error
, error
, enabled
, disabled
, open
, dismissed
, resolved
, descoped
, risk_scoring_error
, active
, closed
, suppressed
]
vulnerabilities object[]
problem object[]
parameters object
status object
Possible values: [CRITICAL_SEVERITY
, HIGH_SEVERITY
, MEDIUM_SEVERITY
, HAS_FIX
, REMOTE_EXECUTION
, DOS
, RECENT_VULNERABILITY
, EXPLOIT_EXISTS
, ATTACK_COMPLEXITY_LOW
, ATTACK_VECTOR_NETWORK
, REACHABLE_FROM_THE_INTERNET
, LISTENING_PORTS
, CONTAINER_IS_RUNNING_AS_ROOT
, NO_MANDATORY_SECURITY_PROFILE_APPLIED
, RUNNING_AS_PRIVILEGED_CONTAINER
, PACKAGE_IN_USE
, DOS_LOW
, DOS_HIGH
, EXPLOIT_EXISTS_IN_THE_WILD
, EXPLOIT_EXISTS_POC
, SENSITIVE_INFORMATION
, ROOT_MOUNT
, RUNTIME_SOCKET
, HOST_ACCESS
]
Possible values: [informational
, low
, medium
, high
, critical
, error
, warning
, info
]
Possible values: [aws_inspector
, aws_guard_duty
, tenable
, qualys
, prisma_cloud
, azure_security_center
, prismacloud
, inspector
, guardduty
, azuresecuritycenter
]
Possible values: [pending
, no_error
, error
, enabled
, disabled
, open
, dismissed
, resolved
, descoped
, risk_scoring_error
, active
, closed
, suppressed
]
externalIntegration object[]
problem object
parameters object
status object
network object[]
problem object
parameters object
status object
renderAttribute object
alertsCount object[]required
problem object[]required
parameters object
status object
timeline object[]
problem object
parameters object
status object
Possible values: [state_change
, event
, vulnerability
]
vulnerabilities object[]
errors object
Error Object.
extensions object
Possible values: [UNKNOWN
, INTERNAL
, NOT_FOUND
, UNAUTHENTICATED
, PERMISSION_DENIED
, BAD_REQUEST
, UNAVAILABLE
, FAILED_PRECONDITION
]
debugInfo objectrequired
variables objectrequired
{
"data": {
"asset": {
"problem": [
{
"instance": "string",
"type": "string",
"parameters": {},
"title": "string",
"status": {
"reasonPhrase": "string",
"statusCode": 0
},
"detail": "string"
}
],
"id": "string",
"prismaId": "string",
"appName": [
"string"
],
"externalAssetId": "string",
"assetTypeId": 0,
"cloudType": "all",
"createdTs": 0,
"insertTs": 0,
"data": {},
"dynamicData": {},
"riskGrade": "string",
"stateId": "string",
"name": "string",
"regionId": "string",
"regionName": "string",
"altAssetId": [
"string"
],
"url": "string",
"vpcId": "string",
"vpcExternalAssetId": "string",
"vpcName": "string",
"tags": {},
"relationshipCounts": 0,
"vulnerabilityCounts": {},
"accountGroup": "string",
"accountName": "string",
"assetType": "string",
"serviceName": "string",
"resourceType": "string",
"deleted": true,
"assetClassId": "string",
"assetClass": "string",
"attributes": {},
"packageInfo": {},
"vulnerabilitiesAggregates": {},
"alertsCount": [
{
"severity": "string",
"count": 0
}
],
"alerts": [
{
"problem": {
"instance": "string",
"type": "string",
"parameters": {},
"title": "string",
"status": {
"reasonPhrase": "string",
"statusCode": 0
},
"detail": "string"
},
"id": "string",
"severity": "string",
"policyId": "string",
"isHyperionPolicy": true,
"policyType": "string",
"policyName": "string",
"policyDescription": "string",
"alertTime": 0
}
],
"relationships": [
{
"assetId": "string",
"relationshipType": "string",
"assetTypeId": 0,
"assetType": "string",
"assetName": "string",
"externalAssetId": "string",
"cloudId": "string",
"cloudName": "string",
"pseudoAsset": true,
"region": "string",
"cloudAccountId": "string",
"assetClassId": "string",
"assetClass": "string",
"alertsCount": [
{
"severity": "string",
"count": 0
}
],
"alertCountBySeverity": [
{
"severity": "string",
"count": 0
}
],
"vulnerabilityCounts": {},
"problem": [
{
"instance": "string",
"type": "string",
"parameters": {},
"title": "string",
"status": {
"reasonPhrase": "string",
"statusCode": 0
},
"detail": "string"
}
]
}
],
"finding": [
{
"problem": [
{
"instance": "string",
"type": "string",
"parameters": {},
"title": "string",
"status": {
"reasonPhrase": "string",
"statusCode": 0
},
"detail": "string"
}
],
"accountId": "string",
"count": "string",
"createdOn": 0,
"customerId": 0,
"cveId": "string",
"description": "string",
"externalId": 0,
"id": "string",
"normalizedName": "string",
"normalizedNames": [
"string"
],
"nvdUrl": "string",
"link": "string",
"rawData": "string",
"regionId": "string",
"resourceCloudId": "string",
"resourceId": 0,
"resourceUrl": "string",
"riskFactors": [
"CRITICAL_SEVERITY"
],
"rlUpdatedOn": 0,
"scanId": "string",
"score": "string",
"severity": "informational",
"source": "aws_inspector",
"sourceData": {},
"status": "pending",
"title": "string",
"type": "string",
"packageName": "string",
"updatedOn": 0
}
],
"findings": [
{
"problem": [
{
"instance": "string",
"type": "string",
"parameters": {},
"title": "string",
"status": {
"reasonPhrase": "string",
"statusCode": 0
},
"detail": "string"
}
],
"accountId": "string",
"count": "string",
"createdOn": 0,
"customerId": 0,
"cveId": "string",
"description": "string",
"externalId": 0,
"id": "string",
"normalizedName": "string",
"normalizedNames": [
"string"
],
"nvdUrl": "string",
"link": "string",
"rawData": "string",
"regionId": "string",
"resourceCloudId": "string",
"resourceId": 0,
"resourceUrl": "string",
"riskFactors": [
"CRITICAL_SEVERITY"
],
"rlUpdatedOn": 0,
"scanId": "string",
"score": "string",
"severity": "informational",
"source": "aws_inspector",
"sourceData": {},
"status": "pending",
"title": "string",
"type": "string",
"packageName": "string",
"updatedOn": 0
}
],
"vulnerabilities": [
{
"problem": [
{
"instance": "string",
"type": "string",
"parameters": {},
"title": "string",
"status": {
"reasonPhrase": "string",
"statusCode": 0
},
"detail": "string"
}
],
"accountId": "string",
"count": "string",
"createdOn": 0,
"customerId": 0,
"cveId": "string",
"description": "string",
"externalId": 0,
"id": "string",
"normalizedName": "string",
"normalizedNames": [
"string"
],
"nvdUrl": "string",
"link": "string",
"rawData": "string",
"regionId": "string",
"resourceCloudId": "string",
"resourceId": 0,
"resourceUrl": "string",
"riskFactors": [
"CRITICAL_SEVERITY"
],
"rlUpdatedOn": 0,
"scanId": "string",
"score": "string",
"severity": "informational",
"source": "aws_inspector",
"sourceData": {},
"status": "pending",
"title": "string",
"type": "string",
"packageName": "string",
"updatedOn": 0
}
],
"externalIntegration": [
{
"problem": {
"instance": "string",
"type": "string",
"parameters": {},
"title": "string",
"status": {
"reasonPhrase": "string",
"statusCode": 0
},
"detail": "string"
},
"id": "string",
"name": "string",
"firstSeen": 0,
"lastSeen": 0,
"rlUpdatedOn": 0,
"source": "string",
"hasAgent": true,
"tags": [
{}
],
"assetJson": {}
}
],
"network": [
{
"problem": {
"instance": "string",
"type": "string",
"parameters": {},
"title": "string",
"status": {
"reasonPhrase": "string",
"statusCode": 0
},
"detail": "string"
},
"id": 0,
"access": "string",
"direction": "string",
"ips": "string",
"ports": "string",
"protocol": "string",
"priority": 0
}
],
"renderAttribute": {
"assetId": "string",
"appName": [
"string"
],
"allowDrillDown": true,
"hasNetwork": true,
"hasExternalFinding": true,
"hasExternalIntegration": true,
"hasExtFindingRiskFactors": true,
"assetClassId": "string",
"assetClass": "string",
"alertsCount": [
{
"severity": "string",
"count": 0
}
],
"findingTypes": [
"string"
],
"relatedImages": {},
"assetCategory": "string",
"problem": [
{
"instance": "string",
"type": "string",
"parameters": {},
"title": "string",
"status": {
"reasonPhrase": "string",
"statusCode": 0
},
"detail": "string"
}
]
},
"timeline": [
{
"problem": {
"instance": "string",
"type": "string",
"parameters": {},
"title": "string",
"status": {
"reasonPhrase": "string",
"statusCode": 0
},
"detail": "string"
},
"id": "string",
"eventName": "string",
"eventType": "string",
"type": "state_change",
"timestamp": 0,
"alertIds": [
"string"
],
"firstState": true,
"similarSince": 0,
"similarStateCount": 0,
"user": "string",
"vulnerabilities": [
{
"id": "string",
"url": "string"
}
],
"previousStateId": "string",
"discoveredTs": 0
}
],
"ipAddresses": [
"string"
]
}
},
"errors": {
"message": "string",
"path": [
{}
],
"locations": [
{}
],
"extensions": {
"errorType": "UNKNOWN",
"errorDetail": "string",
"origin": "string",
"debugInfo": {
"subquery": "string",
"variables": {}
},
"classification": "string"
},
"pathAsString": "string"
}
}