Assets GraphQL API🔗
Node🔗
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| id | ID |
ID🔗
Description: The ID scalar type represents a unique identifier, often used to refetch an object or as key for a cache. The ID type appears in a JSON response as a String; however, it is not intended to be human-readable. When expected as an input type, any string (such as "4") or integer (such as 4) input value will be accepted as an ID.
Asset🔗
Description: Describes an Asset in Red Cloak TDR.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| id | ID | ||
| hostId | String | ||
| rn | String | ||
| tenantId | String | ||
| sensorTenant | String | ||
| sensorId | String | ||
| ingestTime | Time | ||
| createdAt | Time | ||
| updatedAt | Time | ||
| deletedAt | Time | ||
| lastSeenAt | Time | ||
| biosSerial | String | ||
| firstDiskSerial | String | ||
| systemVolumeSerial | String | ||
| sensorVersion | String | ||
| endpointType | String | ||
| endpointPlatform | String | ||
| hostnames | Hostname | ||
| ethernetAddresses | EthernetAddress | ||
| ipAddresses | IpAddress | ||
| users | User | ||
| architecture | String | ||
| osFamily | String | ||
| osVersion | String | ||
| osDistributor | String | ||
| osRelease | String | ||
| systemType | String | ||
| osCodename | String | ||
| kernelRelease | String | ||
| kernelVersion | String | ||
| tags | Tag | ||
| connectionStatus | String | ||
| model | String | ||
| cloudProviderName | String | ||
| cloudInstanceId | String | ||
| endpointGroup | EndpointGroup | ||
| status | String |
String🔗
Description: The String scalar type represents textual data, represented as UTF-8 character sequences. The String type is most often used by GraphQL to represent free-form human-readable text.
EndpointGroup🔗
Description: Describes the endpoint group information of a asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| id | ID |
AssetHistory🔗
Description: Describes the history of an asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| id | ID | ||
| createdAt | Time | ||
| updatedAt | Time | ||
| assetId | ID | ||
| tenantId | String | ||
| hostId | String | ||
| action | String | ||
| who | String | ||
| reason | String |
AssetRedCloakHistory🔗
Description: Describes the Red Cloak agent history of an asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| action | String | ||
| allowedDomain | String | ||
| assetId | String | ||
| contact | AssetHistoryContact | ||
| createdAt | String | ||
| event | AssetHistoryEvent | ||
| id | AssetHistoryId | ||
| reason | String | ||
| tenantId | String |
AssetHistoryContact🔗
Description: Describes the contact of an asset history.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| String | |||
| name | String | ||
| sub | String |
AssetHistoryEvent🔗
Description: Describes the event of an asset history.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| domainName | String | ||
| hostName | String |
AssetHistoryId🔗
Description: Contains the host id and instance id of an asset history.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| hostId | String | ||
| instanceId | String |
Hostname🔗
Description: Describes the hostname of an asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| id | ID | ||
| createdAt | Time | ||
| updatedAt | Time | ||
| hostId | String | ||
| hostname | String |
EthernetAddress🔗
Description: Describes the ethernet address of an asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| id | ID | ||
| createdAt | Time | ||
| updatedAt | Time | ||
| hostId | String | ||
| mac | String |
IpAddress🔗
Description: Describes the IP Address of an asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| id | ID | ||
| createdAt | Time | ||
| updatedAt | Time | ||
| ip | String | ||
| hostId | String |
User🔗
Description: Describes the user of an asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| id | ID | ||
| createdAt | Time | ||
| updatedAt | Time | ||
| hostId | String | ||
| username | String |
EndpointInfo🔗
Description: Describes the endpoint information of a Red Cloak agent asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| actualIsolationStatus | Boolean | ||
| allowedDomain | String | ||
| color | String | ||
| desiredIsolationStatus | Boolean | ||
| firstConnectTime | String | ||
| hostId | String | ||
| hostName | String | ||
| ignitionDetails | IgnitionDetails | ||
| lastConnectAddress | String | ||
| lastConnectServer | String | ||
| lastConnectTime | String | ||
| lastCrashCheck | String | ||
| lastModuleStatusTime | String | ||
| lastPredicateAuthtap | String | ||
| lastPredicateCyclorama | String | ||
| lastPredicateEntwine | String | ||
| lastPredicateGroundling | String | ||
| lastPredicateHostel | String | ||
| lastPredicateLacuna | String | ||
| lastPredicateMukluk | String | ||
| lastPredicatePeriodicscanControl | String | ||
| lastPredicatePeriodicscanResult | String | ||
| lastPredicateProcwall | String | ||
| lastPredicateSystemInformation | String | ||
| moduleHealth | ModuleHealth | ||
| moduleStatus | ModuleStatus | ||
| notableEventCount | Int | ||
| sensorVersion | Int | ||
| systemInformation | SystemInformation |
Boolean🔗
Description: The Boolean scalar type represents true or false.
Int🔗
Description: The Int scalar type represents non-fractional signed whole numeric values. Int can represent values between -(2^31) and 2^31 - 1.
IgnitionDetails🔗
Description: Describes the ignition details of a Red Cloak agent asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| isEndpointConfigExist | Boolean | ||
| requestStatus | String |
ModuleHealth🔗
Description: Describes the ModuleHealth of a Red Cloak agent asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| enabled | String | ||
| lastPredicateTime | String | ||
| lastRunningTime | String | ||
| moduleColor | String | ||
| moduleDisplayName | String |
ModuleStatus🔗
Description: Describes the module status of a Red Cloak agent asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| enabled | Boolean | ||
| moduleName | String | ||
| moduleState | String |
SystemInformation🔗
Description: Describes the system information of a Red Cloak agent asset.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| architecture | String | ||
| biosSerial | String | ||
| ethernetAddress | String | ||
| firstDiskSerial | String | ||
| hostName | String | ||
| ipAddress | String | ||
| isServerR2For2003And2008 | Boolean | ||
| productType | String | ||
| redcloakVersion | Int | ||
| servicePack | String | ||
| systemVolumeSerial | String | ||
| windowsVersion | String |
AssetCounts🔗
Description: Count of assets
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| count | Int |
AssetCountsByEndpointType🔗
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| endpointType | String | ||
| count | Int |
AgentType🔗
Description: Type of Red Cloak endpoint agent.
Tag🔗
Description: Describes the tag data associated with an asset
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| id | ID | ||
| hostId | String | ||
| tenantId | String | ||
| createdAt | Time | ||
| updatedAt | Time | ||
| tag | String | ||
| key | String |
UpdateTag🔗
Description: Describes the tag data associated with an asset
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| id | ID | ||
| tenantId | String | ||
| tag | String |
AssetInput🔗
Description: Describes the input of Asset data for creating an Asset Tag
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| id | ID | ||
| tags | String |
AssetsOrderByInput🔗
Description: Describes the enums available for the ordering of the AllAssets and SearchAssets queries.
AssetsOrderDirectionInput🔗
Description: Describes the order direction available for the order field of the AllAssets and SearchAssets queries.
AssetsResult🔗
Description: Describes the return type of the AllAssets and SearchAssets queries.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| totalResults | Int | ||
| offset | Int | ||
| limit | Int | ||
| assets | Asset |
AssetStateFilter🔗
SearchAssetsInput🔗
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| hostname | String | ||
| host_id | String | ||
| ip_address | String | ||
| mac_address | String | ||
| os_version | String | ||
| os_family | String | ||
| os_distributor | String | ||
| sensor_version | String | ||
| username | String | ||
| endpoint_type | String | ||
| tag | String | ||
| host_id_partial_match | Boolean | ||
| only_most_recent | Boolean | ||
| or_search | Boolean | ||
| filter_asset_state | AssetStateFilter | ||
| investigation_id | String |
SearchAssetsPaginationInput🔗
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| offset | Int | ||
| limit | Int | ||
| order_by | AssetsOrderByInput | ||
| order_direction | AssetsOrderDirectionInput |
AssetsExportOutput🔗
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| columnDef | String | ||
| rows | String | ||
| totalCount | Int |
EndpointType🔗
AssetsBySessionArguments🔗
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| key | String | ||
| offset | Int | ||
| limit | Int |
Query🔗
Description: Red Cloak TDR uses GraphQL queries, which can either be a read (Query) or a write (Mutation) operation. A GraphQL query is used to read or fetch values; mutations write or post values. Responses are provided in a JSON format.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| node | Node | id: ID | |
| tag | Tag | Gen an asset tag by id | id: ID |
| asset | Asset | Get an asset by id | id: ID |
| assetsByTag | Asset | Get a list of assets with tag | tags: String |
| allUniqueTags | String | Get a list of all unique tags | |
| assetEndpointInfo | EndpointInfo | Get RedCloak endpoint info by id | id: ID |
| allAssets | AssetsResult | Get a list of assets | offset: Int, limit: Int, order_by: AssetsOrderByInput, order_direction: AssetsOrderDirectionInput, filter_asset_state: AssetStateFilter, only_most_recent: Boolean |
| allAssetsExport | AssetsResult | Get a list of assets for export to CSV | offset: Int, limit: Int |
| assetCount | AssetCounts | Count of assets of a specific endpoint_type | endpoint_type: AgentType |
| assetCountGroupByEndpointType | AssetCountsByEndpointType | Count of assets of grouped by endpoint_type | |
| allAssetsCount | AssetCounts | Count of all assets | |
| assetsByIds | Asset | Bulk lookup by ids | ids: ID |
| assetsByHostIds | Asset | Bulk lookup by hostIds | hostIds: String |
| assetsByIpAddresses | Asset | Bulk lookup by ipAddress | ipAddresses: String |
| allAssetHistories | AssetHistory | Get a list of asset histories for the tenant | offset: Int, limit: Int |
| assetRedCloakHistories | AssetRedCloakHistory | Get history of actions on an asset by id (includes RedCloack history) | id: ID, offset: Int, limit: Int |
| searchAssets | AssetsResult | search assets. Soon to be deprecated | offset: Int, limit: Int, hostname: String, host_id: String, ip_address: String, mac_address: String, os_version: String, os_family: String, os_distributor: String, sensor_version: String, username: String, endpoint_type: String, tag: String, host_id_partial_match: Boolean, only_most_recent: Boolean, order_by: AssetsOrderByInput, order_direction: AssetsOrderDirectionInput, or_search: Boolean, filter_asset_state: AssetStateFilter |
| searchAssetsV2 | AssetsResult | search assets v2 | input: SearchAssetsInput, paginationInput: SearchAssetsPaginationInput |
| exportSearchAssets | AssetsExportOutput | export search assets results | input: SearchAssetsInput, paginationInput: SearchAssetsPaginationInput, legacy: Boolean |
| assetsBySession | Asset | Return a list of assets for multiple tenants | arguments: AssetsBySessionArguments |
Mutation🔗
Description: Mutations in GraphQL enable you to modify data. For the Red Cloak TDR Alerts GraphQL API, mutations allow you to create alerts and input information into alerts. For more information on GraphQL mutations see Mutation and Input Types.
Fields🔗
| Field | Type | Description | Arguments |
|---|---|---|---|
| isolateAsset | Asset | Isolate an asset by id | id: ID, reason: String |
| integrateAsset | Asset | Integate an asset by id | id: ID, reason: String |
| deleteAssets | Boolean | Delete or un-delete asset | ids: ID, undelete: Boolean |
| createAssetTag | Tag | Create a new tag for an asseti | hostId: String, tag: String |
| updateAssetTag | Tag | Updates a tag for an asset | id: ID, tag: String |
| deleteAssetTag | Tag | Deletes a tag for an asset | id: ID |
| updateAsset | Asset | Updated the tags for an asset | assetInput: AssetInput |
| addInvestigationAssets | Asset | add investigation assets relation for the list of host_ids and return the asset ids | hostIds: String, assetIds: String, investigationId: String |
| removeInvestigationAssets | Boolean | remove investigation assets relation | assetIds: String, investigationId: String |
Time🔗
Description: Default time implementation for this library.