Get Discovered Assets

Authorizations

Authorization

string

header

required

The access token received from the authorization server in the OAuth 2.0 flow.

Path Parameters

organizationUid

string

required

Unique identifier for an organization.

Query Parameters

listingUid[]

string[]

Unique identifier for an listing. If not supplied the request will apply to all listings the user is authorized to access.

Unique identifier for an listing.

assetType[]

enum<string>[]

Restrict the returned asset summaries to only assets of the specified type.

Available options:

cloudaccount,

host,

network,

mobileapp,

webapp

hostType[]

enum<string>[]

Restrict the returned asset summaries to only the types of host assets requested when assetType also includes host.

Available options:

ip,

cidr,

fqdn,

as

seedUid[]

string

Restrict the returned asset summaries to only those discovered from provided seed identifier. Unique identifier for an E-ASM seed.

string

Optional query parameter for a search string that will be used to match within the label or location properties of assets. If this query parameter is provided, any location query parameter will be ignored.

perPage

integer<int32>

Requested page size for pagination. A server-selected default of 100 will be used when no perPage is requested via query parameter.

Required range: 1 <= x <= 5000

page

integer<int32>

Page to retrieve in paginated response. A server-selected default of 1 will be used when no page is requested via query parameter.

Required range: x >= 1

sort

enum<string>

Optional property to sort results by.

Available options:

location,

label,

createdAt,

updatedAt,

lastReachableAt

sortDir

enum<string>

default:asc

Direction of sort-order for items in the response.

Available options:

asc,

desc

Response

Paginated discovered asset summaries.

totalByStatus

object

Show child attributes

totalByStatus.all

number

totalByStatus.unconfirmed

number

totalByStatus.inTriage

number

totalByStatus.triaged

number

totalByStatus.confirmed

number

totalByStatus.rejected

number

discoveredAssets

object[]

Show child attributes

discoveredAssets.createdAt

string<date-time>

required

Automatically set by the server to the time the request was processed whenever the resource was created.

discoveredAssets.createdBy

string

required

Automatically set by the server to the requesting user whenever the resource is updated. May be a user account or a service account if the action is performed by an automated.

discoveredAssets.uid

string

Unique Identifier.

discoveredAssets.organizationUid

string

Unique identifier for an organization.

discoveredAssets.location

string

Derived human-readable text representation of the asset, based on assetType and other properties.

discoveredAssets.assetType

enum<string>

Derived from the properties associated with the asset.

Available options:

cloudaccount,

host,

network,

mobileapp,

webapp

discoveredAssets.label

string

Optional label for the asset. If present, label is part of the derived property of asset location, which enables creation of multiple assets with different labels under a single organization.

discoveredAssets.origin

enum<string>

default:provided

Indicates the origin for the asset, i.e. whether the asset was provided manually or it was discovered by some sort of automation.

Available options:

provided,

discovered

discoveredAssets.changeStatus

enum<string>

default:unchanged

Indicates whether the asset is newly discovered, has changed since last evaluated, or is unchanged.

Available options:

new,

changed,

unchanged

discoveredAssets.providerName

string

Name of the cloud or hosting provider according to fingerprinting.

discoveredAssets.lastCheckedAt

string<date-time>

The last date time the credential was checked.

discoveredAssets.lastReachableAt

string<date-time>

The last date time the asset was successfully checked for reachability.

discoveredAssets.lastSuccessfulScan

string<date-time>

The last date time the asset scan was successful.

discoveredAssets.lastFailedScan

string<date-time>

The last date time the asset scan was failed.

discoveredAssets.firstSeen

string<date-time>

For assets with an origin of discovered. The date time when the asset was first discovered.

discoveredAssets.lastSeen

string<date-time>

For assets with an origin of discovered. The date time when the asset was last discovered or fingerprinted.

discoveredAssets.status

enum<string>

Status reported by automated checkers.

Available options:

unchecked,

invalid,

valid

discoveredAssets.errorCode

integer<int32>

Optional numeric error code set by an automated process such as scanning or checking.

discoveredAssets.listings

object[]

Array of listings the asset belongs to.

Show child attributes

discoveredAssets.listings.listingUid

string

Unique identifier for an listing.

discoveredAssets.listings.scope

enum<string>

Set to in-scope means automated and manual testing should occur; out-of-scope means automated and manual testing must not occur; discovered means observed through automated discovery and may be automatically removed if not observed again during subseqent discovery activities.

Available options:

in,

out,

discovered,

blocked

discoveredAssets.listings.scopeRules

object[]

Out of scope locations for this asset.

Show child attributes

discoveredAssets.listings.scopeRules.uid

string

required

Unique Identifier.

discoveredAssets.listings.scopeRules.rule

string

required

A textual definition of the scope rule. Format will vary by assetType.

discoveredAssets.listings.scopeRules.scope

enum<string>

required

Available options:

in,

out

discoveredAssets.listings.scopeRules.appliesTo

enum<string>

required

Available options:

scanners,

srt,

both

discoveredAssets.listings.scopeRules.createdAt

string<date-time>

required

Automatically set by the server to the time the request was processed whenever the resource was created.

discoveredAssets.listings.scopeRules.createdBy

string

required

Automatically set by the server to the requesting user whenever the resource is updated. May be a user account or a service account if the action is performed by an automated.

discoveredAssets.listings.scopeRules.updatedAt

string<date-time>

Automatically set by the server to the time the request was processed whenever the resource is updated.

discoveredAssets.listings.scopeRules.updatedBy

string

Automatically set by the server to the requesting user whenever the resource is updated. May be a user account or a service account if the action is performed by an automated.

discoveredAssets.listings.createdAt

string<date-time>

Automatically set by the server to the time the listing asset association was created.

discoveredAssets.listings.updatedAt

string<date-time>

Automatically set by the server to the time the listing asset association is updated.

Relationships which this asset participates in, either as a source or as a target.

Show child attributes

Unique Identifier.

Available options:

cloudaccount,

host,

network,

mobileapp,

webapp

Derived human-readable text representation of the asset, based on assetType and other properties.

Optional label for the asset. If present, label is part of the derived property of asset location, which enables creation of multiple assets with different labels under a single organization.

discoveredAssets.updatedAt

string<date-time>

Automatically set by the server to the time the request was processed whenever the resource is updated.

discoveredAssets.updatedBy

string

Automatically set by the server to the requesting user whenever the resource is updated. May be a user account or a service account if the action is performed by an automated.

Asset Management v2 API

Vulnerability Management API

Asset Tagging v1 API

Platform v1 API

Query API v1

Authorizations

Path Parameters

Query Parameters

Response