Skip to content

Endpoint Assets GraphQL API🔗

Node🔗

Description: Used by Nautilus for other Red Cloak TDR graphQL model resolution.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the node.

ID🔗

Description: The ID scalar type represents a unique identifier, often used to refetch an object or as key for a cache. The ID type appears in a JSON response as a String; however, it is not intended to be human-readable. When expected as an input type, any string (such as "4") or integer (such as 4) input value will be accepted as an ID.

AssetState🔗

Description: Describes the current state of the asset.

AssetV2🔗

Description: Represents an asset in the Taegis ecosystem. Assets combine information from programs known as "agents" and the machines they are installed on. Agents emit telemetry to Taegis XDR, and approved ones (the Taegis, RCC, Defender, CrowdStrike, and CarbonBlack agents) are available as assets.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the asset.
hostId String The unique identifier for the host of the asset.
rn String The resource name of the asset.
tenantId String The unique identifier for the tenant of the asset.
sensorTenant String The unique identifier for the sensor tenant of the asset.
sensorId String The unique identifier for the sensor of the asset.
ingestTime Time The time when the asset data was ingested.
createdAt Time The time when the asset was created.
updatedAt Time The time when the asset was last updated.
deletedAt Time The time when the asset was deleted.
lastSeenAt Time The time when the asset was last seen.
biosSerial String The BIOS serial number of the asset.
firstDiskSerial String The serial number of the first disk of the asset.
systemVolumeSerial String The serial number of the system volume of the asset.
sensorVersion String The version of the sensor of the asset.
endpointType String The type of the endpoint of the asset.
endpointPlatform String The platform of the endpoint of the asset.
hostnames HostnameV2 The hostnames associated with the asset.
ethernetAddresses EthernetAddressV2 The ethernet addresses associated with the asset.
ipAddresses IpAddressV2 The IP addresses associated with the asset.
users UserV2 The users associated with the asset.
architecture String The architecture of the asset.
osFamily String The OS family of the asset.
osVersion String The OS version of the asset.
osVersionNormalized String The normalized OS version of the asset.
osDistributor String The distributor of the OS of the asset.
osRelease String The release of the OS of the asset.
systemType String The type of the system of the asset.
osCodename String The codename of the OS of the asset.
kernelRelease String The release of the kernel of the asset.
kernelVersion String The version of the kernel of the asset.
tags TagV2 The tags associated with the asset.
connectionStatus String The connection status of the asset. This field is deprecated.
isolationStatus String The isolation status of the asset.
desiredIsolationStatus String The desired isolation status of the asset.
model String The model of the asset.
cloudProviderName String The name of the cloud provider of the asset.
cloudInstanceId String The instance ID of the asset in the cloud provider.
endpointGroup EndpointGroupV2 The endpoint group associated with the asset.
status String The status of the asset.
investigations AssetInvestigation The investigations associated with the asset. first: Int, orderBy: InvestigationsOrderByInput
vulnerabilityDetails VulnerabilityDetails The vulnerability details of the asset.
agentSettings AgentSettings The agent settings of the asset.
connectionDetails ConnectionDetails The connection details of the asset.
unInstallable Boolean Whether the asset is uninstallable or not.
agentPolicyVersion String The version of the agent config policy the asset is using
uninstall Boolean Whether the asset is scheduled for uninstall.

String🔗

Description: The String scalar type represents textual data, represented as UTF-8 character sequences. The String type is most often used by GraphQL to represent free-form human-readable text.

Int🔗

Description: The Int scalar type represents non-fractional signed whole numeric values. Int can represent values between -(2^31) and 2^31 - 1.

Boolean🔗

Description: The Boolean scalar type represents true or false.

ConnectionDetails🔗

Description: Represents information about the connection of the asset to the backend

Fields🔗

Field Type Description Arguments
connectionStatus String The connection status of the asset.
updatedAt Time The time when the asset was last connected.
lastConnectedTS Time The time when the asset was last connected.
lastDisconnectedTS Time The time when the asset was last disconnected.
lastDisconnectReason String The reason for the last disconnection.
lastSeenAt Time The time we saw the last telemetries from the asset.
usingSSL Boolean True if the asset is connected via SSL.
remoteIP String The remote IP address of the asset.
remotePort Int The remote port of the asset.

FileAnalysis🔗

Description: Configurations for file analysis.

Fields🔗

Field Type Description Arguments
enabled Boolean True if file analysis is enabled.

AutoArchive🔗

Description: Configurations for auto archive.

Fields🔗

Field Type Description Arguments
enabled Boolean True if auto archive is enabled.
period Int Day of disconnection after which the asset is archived. This field is deprecated.
periodDays Int Day of disconnection after which the asset is archived.

TamperProtection🔗

Description: Configurations for tamper protection.

Fields🔗

Field Type Description Arguments
enabled Boolean True if tamper protection is enabled.

AdvancedKernelTelemetry🔗

Description: Configurations for advanced kernel telemetry.

Fields🔗

Field Type Description Arguments
enabled Boolean True if advanced kernel telemetry is enabled.

MaintenanceWindow🔗

Description: Configurations for maintenance window.

Fields🔗

Field Type Description Arguments
enabled Boolean True if maintenance window is enabled.

AgentSettings🔗

Description: Describes an asset's agent settings.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the agent settings.
isDefault Boolean True if the this configuration is the default.
tenantId String The unique identifier for the tenant.
name String The name of the agent settings.
policyName String The associated policy name of agent settings.
description String The description of the agent settings.
channel String The channel of the agent settings.
fileAnalysis FileAnalysis file analysis settings of the agent.
autoArchive AutoArchive auto archive settings of the agent.
tamperProtection TamperProtection tamper protection settings of the agent.
maintenanceWindow MaintenanceWindow maintenance window settings of the agent.
advancedKernelTelemetry AdvancedKernelTelemetry advanced kernel telemetry settings of the agent.
skipUpgrade Boolean if the agent should skip upgrades.
createdAt Time The time when the agent settings was created.
updatedAt Time The time when the agent settings was last updated.

VulnerabilityDetails🔗

Description: Describes an asset's vulnerability details as determined by VDR.

Fields🔗

Field Type Description Arguments
highCps String ?
highCvss String ?
vulnerabilityStatus String the status of the vulnerability
vdrInstance String vdr instance of the vulnerability
vdrAssetId String vdr asset id of the vulnerability
vdrOrganizationId String vdr organization id of the vulnerability
vdrHostname String vdr hostname of the vulnerability
createdAt Time When the vulnerability was created
updatedAt Time When this vulnerability was last updated

EndpointGroupV2🔗

Description: Describes the endpoint group information of a Taegis agent asset.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the endpoint group.
name String The name of the endpoint group.

HostnameV2🔗

Description: Describes the hostname of an asset.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the hostname.
createdAt Time The time when the hostname was created.
updatedAt Time The time when the hostname was last updated.
hostId String The unique identifier associated with this host.
hostname String The hostname of the asset.

EthernetAddressV2🔗

Description: Describes the ethernet address of an asset.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the ethernet address.
createdAt Time The time when the ethernet address was created.
updatedAt Time The time when the ethernet address was last updated.
hostId String The ethernet address of the asset.
mac String The ethernet address of the asset.

IpAddressV2🔗

Description: Describes the IP Address of an asset.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the IP address.
createdAt Time The time when the IP address was created.
updatedAt Time The time when the IP address was last updated.
ip String The IP address of the asset.
hostId String The unique identifier associated with this host.

UserV2🔗

Description: Describes the user of an asset.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the user.
createdAt Time The time when the user was created.
updatedAt Time The time when the user was last updated.
hostId String The unique identifier associated with this host this user exists on
username String The username of the user.

TagV2🔗

Description: Describes the tag data associated with an asset.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the tag.
hostId String The unique identifier associated with this host.
tenantId String The unique identifier associated with this tenant.
createdAt Time The time when the tag was created.
updatedAt Time The time when the tag was last updated.
tag String The tag key.
key String The key for the tag.
value String The value for the tag.
isVendorTag Boolean true if the tag is a vendor tag.

AssetInvestigation🔗

Description: Describes the investigations data associated with an asset.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the investigation.
investigationId String The unique identifier associated with this host.
createdAt Time When the investigation was created.
updatedAt Time When the investigation was last updated.
hostId String The unique identifier associated with this host.

EndpointTypeV2🔗

Description: Represents the different endpoint types supported by the API.

FacetV2🔗

Description: Describes a facet which can be used to filter assets.

Fields🔗

Field Type Description Arguments
label String The name of the facet.
facet String The value of the facet.
searchOnly Boolean true if the facet is a search only facet.

FacetInfoOrderByInputV2🔗

Description: Determines the ordering of the facet info results.

FacetInfoV2🔗

Description: Describes the facet info

Fields🔗

Field Type Description Arguments
facet String The name of the facet.
fields FacetFieldInfoV2 The fields for the facet.

FacetFieldInfoV2🔗

Description: Describes the details for a given facet.

Fields🔗

Field Type Description Arguments
field String The field of the facet.
count Int The count of the field.

AssetSearchOrderByInputV2🔗

Description: Determines the order of asset results returned.

AssetHostnameSearchOrderByInput🔗

Description: Determines the order of asset hostname results returned.

AssetIPAddressSearchOrderByInput🔗

Description: Determines the order of asset ipAddress results returned.

AssetMacAddressSearchOrderByInput🔗

Description: Determines the order of asset macAddress results returned.

InvestigationsOrderByInput🔗

Description: specifier for how the investigation results should be ordered.

TagWhereInputV2🔗

Description: Filters the tag keys/values as part of the TagFilter input.

Fields🔗

Field Type Description Arguments
key String key of the tag where input.
key_contains String key_contains of the tag where input.
value String value of the tag where input.
value_contains String value_contains of the tag where input.
tag String tag of the tag where input.
tag_contains String tag_contains of the tag where input.

AssetsV2🔗

Description: Asset query results.

Fields🔗

Field Type Description Arguments
totalCount Int The total number of assets returned.
assets AssetV2 The assets returned.
pageInfo PageInfoV2 The pagination information.

PageInfoV2🔗

Description: Describes the fields to support forward and backward pagination.

The API defaults to forward pagination. Sending a mix of forward and backward pagination arguments should be avoided: if arguments are a mix of forward and backward pagination, any arguments pertaining to backward pagination will be ignored, and only the arguments that relate to forward pagination will be used.

Fields🔗

Field Type Description Arguments
endCursor String Is passed to after to support forward pagination.
startCursor String Is passed to before to support backward pagination.
hasNextPage Boolean Is used to determine if there are more results to fetch during forward
pagination.

When using backward pagination this will be false, even if there are
results from a previously fetched page.
hasPreviousPage Boolean Is used to determine if there are more results to fetch during backward
pagination.

When using forward pagination this will be false, even if there are
results from a previously viewed page.

AssetFilter🔗

Description: Is the mechanism that filters asset results returned from a query, or filters the assets selected for mutations.

Fields🔗

Field Type Description Arguments
endpointTypes EndpointTypeV2 The endpoint types to filter by.
assetState AssetState The asset state to filter by.
where AssetWhereInputV2 the where clause to filter by.

AssetHostnameFilter🔗

Description: Is the mechanism that filters hostname results returned from a query, or filters the hostnames selected for mutations.

Fields🔗

Field Type Description Arguments
endpointTypes EndpointTypeV2 The endpoint types to filter by.
where AssetHostnameWhereInput The where clause to filter by.

AssetHostnameWhereInput🔗

Description: Where clause of the asset hostname filter.

Fields🔗

Field Type Description Arguments
and AssetHostnameWhereInput logical and.
or AssetHostnameWhereInput logical or.
not AssetHostnameWhereInput logical not
createdAt Time exact match of when the queried endpoint was created.
createdAt_lt Time return asset that were created before this time.
createdAt_lte Time return asset that were created before or equal to this time.
createdAt_gt Time return asset that were created after this time.
createdAt_gte Time return asset that were created after or equal to this time.
hostId String exact match query on this hostId.
hostId_contains String return assets, whose hostID contains this string.
hostId_autocomplete String hostId autocomplete.
hostname String exact match query on this hostname.
hostname_contains String return assets, whose hostname contains this string.
hostname_autocomplete String hostname autocomplete.
lastSeenAt Time exact match of when the queried endpoint was last seen.
lastSeenAt_lt Time return asset that were last seen before this time.
lastSeenAt_lte Time return asset that were last seen before or equal to this time.
lastSeenAt_gt Time return asset that were last seen after this time.
lastSeenAt_gte Time return asset that were last seen after or equal to this time.
updatedAt Time exact match of when the queried endpoint was last updated.
updatedAt_lt Time return asset that were last updated before this time.
updatedAt_lte Time return asset that were last updated before or equal to this time.
updatedAt_gt Time return asset that were last updated after this time.
updatedAt_gte Time return asset that were last updated after or equal to this time.

AssetIPAddressFilter🔗

Description: Is the mechanism that filters ip results returned from a query, or filters the ipAddresses selected for mutations.

Fields🔗

Field Type Description Arguments
endpointTypes EndpointTypeV2 The endpoint types to filter by.
where AssetIPAddressWhereInput The where clause to filter by.

AssetIPAddressWhereInput🔗

Description: Where clause of the asset ip address filter.

Fields🔗

Field Type Description Arguments
and AssetIPAddressWhereInput logical and.
or AssetIPAddressWhereInput logical or.
not AssetIPAddressWhereInput logical not.
createdAt Time exact match of when the queried endpoint was created.
createdAt_lt Time return asset that were created before this time.
createdAt_lte Time return asset that were created before or equal to this time.
createdAt_gt Time return asset that were created after this time.
createdAt_gte Time return asset that were created after or equal to this time.
hostId String exact match query on this hostId.
hostId_contains String return assets, whose hostID contains this string.
hostId_autocomplete String hostId autocomplete.
ip String exact match query on this ip.
ip_contains String return assets, whose ip contains this string.
ip_autocomplete String ip autocomplete.
lastSeenAt Time exact match of when the queried endpoint was last seen.
lastSeenAt_lt Time return asset that were last seen before this time.
lastSeenAt_lte Time return asset that were last seen before or equal to this time.
lastSeenAt_gt Time return asset that were last seen after this time.
lastSeenAt_gte Time return asset that were last seen after or equal to this time.
updatedAt Time exact match of when the queried endpoint was last updated.
updatedAt_lt Time return asset that were last updated before this time.
updatedAt_lte Time return asset that were last updated before or equal to this time.
updatedAt_gt Time return asset that were last updated after this time.
updatedAt_gte Time return asset that were last updated after or equal to this time.

AssetMacAddressFilter🔗

Description: Is the mechanism that filters Mac results returned from a query, or filters the MacAddresses selected for mutations.

Fields🔗

Field Type Description Arguments
endpointTypes EndpointTypeV2 The endpoint types to filter by.
where AssetMacAddressWhereInput The where clause to filter by.

AssetMacAddressWhereInput🔗

Description: Where clause of the asset mac address filter.

Fields🔗

Field Type Description Arguments
and AssetMacAddressWhereInput logical and.
or AssetMacAddressWhereInput logical or.
not AssetMacAddressWhereInput logical not.
createdAt Time exact match of when the queried endpoint was created.
createdAt_lt Time return asset that were created before this time.
createdAt_lte Time return asset that were created before or equal to this time.
createdAt_gt Time return asset that were created after this time.
createdAt_gte Time return asset that were created after or equal to this time.
hostId String exact match query on this hostId.
hostId_contains String return assets, whose hostID contains this string.
hostId_autocomplete String hostId autocomplete.
mac String exact match query on this mac address.
mac_contains String return assets, whose mac address contains this string.
mac_autocomplete String mac autocomplete.
lastSeenAt Time exact match of when the queried endpoint was last seen.
lastSeenAt_lt Time return asset that were last seen before this time.
lastSeenAt_lte Time return asset that were last seen before or equal to this time.
lastSeenAt_gt Time return asset that were last seen after this time.
lastSeenAt_gte Time return asset that were last seen after or equal to this time.
updatedAt Time exact match of when the queried endpoint was last updated.
updatedAt_lt Time return asset that were last updated before this time.
updatedAt_lte Time return asset that were last updated before or equal to this time.
updatedAt_gt Time return asset that were last updated after this time.
updatedAt_gte Time return asset that were last updated after or equal to this time.

TagFilter🔗

Description: Is used to filter the results of the tagKeysV2 and tagValuesV2 queries.

Fields🔗

Field Type Description Arguments
endpointTypes EndpointTypeV2 endpoint types to filter by.
where TagWhereInputV2 where clause to filter by.

CanIsolateResponse🔗

Description: Isolation Response values

Query🔗

Description: query command that don't change and state in the backend.

Fields🔗

Field Type Description Arguments
node Node id: ID
facetsV2 FacetV2 Retrieve a list of facets for a given endpoint type. endpointType: EndpointTypeV2
facetInfoV2 FacetInfoV2 Get facet info based on a currently selected facet. facets: String, orderBy: FacetInfoOrderByInputV2, filter: AssetFilter
assetsV2 AssetsV2 Retrieve assets. first: Int, last: Int, after: String, before: String, filter: AssetFilter, orderBy: AssetSearchOrderByInputV2
exportAssetsV2 AssetsExportOutputV2 Retrieve assets in a form coercible into CSV files. first: Int, after: String, filter: AssetFilter, orderBy: AssetSearchOrderByInputV2
tagKeysV2 String Fetch the tag keys matching the filter criteria. filter: TagFilter
tagValuesV2 String Fetch the tag values matching the filter criteria. filter: TagFilter
updateTagsForEndpointStatusV2 TaskInfoPayload Return the status of the updateTagsForEndpointV2 operation. id: ID
deleteAssetsStatusV2 TaskInfoPayload Return the status of the deleteAssetsV2 operation. id: ID
restoreAssetsStatusV2 TaskInfoPayload Return the status of the restoreAssetsV2 operation. id: ID
assignBulkAssetsToGroupStatus TaskInfoPayload Return the status of the assignBulkAssetsToGroup operation. id: ID
bulkUpdateTagsForEndpointsStatusV2 TaskInfoPayload Return the status of the bulkUpdateTagsForEndpointsV2 operation. id: ID
bulkDeleteTagsForEndpointsStatusV2 TaskInfoPayload Return the status of the bulkDeleteTagsForEndpointsV2 operation. id: ID
assignBulkAssetsToInvestigationStatus TaskInfoPayload Return the status of the assignBulkAssetsToInvestigation operation. id: ID
bulkDeleteInvestigationForEndpointsStatus TaskInfoPayload Return the status of the bulkDeleteInvestigationForEndpoints operation. id: ID
bulkReconnectNativeAssetsStatus TaskInfoPayload Return the status of the bulkReconnectNativeAssets operation. id: ID
bulkUninstallNativeAssetsStatus TaskInfoPayload Return the status of the bulkUninstallNativeAssets operation. id: ID
assetDeadPeriod String Return the tenant's asset dead period threshold used by the api. The value
from the tenants preference api is used if present, otherwise the default of
720h (30 days) is used.
subjectCanIsolate CanIsolateResponse Returns whether a subject can isolate an asset for the current tenant context
assetsHostname AssetsHostname "Retrieve hostname details first: Int, last: Int, after: String, before: String, filter: AssetHostnameFilter, orderBy: AssetHostnameSearchOrderByInput
assetsIPAddress AssetsIPAddress "Retrieve ipAddress details first: Int, last: Int, after: String, before: String, filter: AssetIPAddressFilter, orderBy: AssetIPAddressSearchOrderByInput
assetsMacAddress AssetsMacAddress "Retrieve Mac details first: Int, last: Int, after: String, before: String, filter: AssetMacAddressFilter, orderBy: AssetMacAddressSearchOrderByInput

AssetsHostname🔗

Description: Describes the output of assetHostname query

Fields🔗

Field Type Description Arguments
assetsHostnames AssetHostname The asset hostnames returned.
pageInfo PageInfoV2 The pagination information.
totalCount Int The total number of assets returned.

AssetsIPAddress🔗

Description: Describes the output of assetsIpAddress query

Fields🔗

Field Type Description Arguments
assetsIPAddresses AssetIPAddress The asset ip addresses returned.
pageInfo PageInfoV2 The pagination information.
totalCount Int The total number of assets returned.

AssetsMacAddress🔗

Description: Describes the output of assetsIpAddress query

Fields🔗

Field Type Description Arguments
assetsMacAddresses AssetMacAddress The asset mac addresses returned.
pageInfo PageInfoV2 The pagination information.
totalCount Int The total number of assets returned.

AssetHostname🔗

Description: Describes the hostname of an asset.

Fields🔗

Field Type Description Arguments
hostId String The hostID of the asset associated with this hostname.
tenantId String The tenant associated with this hostname.
hostname String The hostname of the asset.
createdAt Time The time when the hostname was created.
updatedAt Time The time when the asset was last updated.
deletedAt Time The time when the asset was deleted.
lastSeenAt Time The time when the asset was last seen.

AssetIPAddress🔗

Description: Describes the ip of an asset.

Fields🔗

Field Type Description Arguments
hostId String The hostID of the asset associated with this ip address.
tenantId String The tenant associated with this ip address.
ip String The ip of the asset.
createdAt Time The time when the ip was created.
updatedAt Time The time when the asset was last updated.
deletedAt Time The time when the asset was deleted.
lastSeenAt Time The time when the asset was last seen.

AssetMacAddress🔗

Description: Describes the mac of an asset.

Fields🔗

Field Type Description Arguments
hostId String The hostID of the asset associated with this mac address.
tenantId String The unique identifier for the mac address.
mac String The mac address of the asset.
createdAt Time The time when the mac was created.
updatedAt Time The time when the asset was last updated.
deletedAt Time The time when the asset was deleted.
lastSeenAt Time The time when the asset was last seen.

Mutation🔗

Description: Command the modify the backend in some way.

Fields🔗

Field Type Description Arguments
updateTagsForEndpointV2 BulkOpPayloadV2 Start a job to update the tags for a given endpoint. Use the task ID
in the response to poll the updateTagsForEndpointStatusV2 query to
determine if the job succeeded.

Note: any tags passed in the input will completely replace the current
tags for the endpoint. If the intention is to change/remove a single
tag, query the asset first to get the current set of tags for the
endpoint, then pass the complete set of tags desired with the changes
included.
input: UpdateTagsForEndpointInputV2
bulkUpdateTagsForEndpointsV2 BulkOpPayloadV2 Start a job to update the tags for multiple endpoints: it does not
overwrite tags, it adds the tags in the input to the endpoints. If any
endpoints have tags with the same key, but a different value, the value
will be updated with the value in the input. Use the task ID in the
response to poll the bulkUpdateTagsForEndpointsStatusV2 query to
determine if the job succeeded.
input: BulkUpdateTagsForEndpointsInputV2
deleteAssetsV2 BulkOpPayloadV2 Start a job to "soft" delete the assets matching the filter criteria.
Use the task ID in the response to poll the deleteAssetsStatusV2
query to determine if the job succeeded.
input: DeleteAssetsInputV2
restoreAssetsV2 BulkOpPayloadV2 Start a job to restore assets that were previously deleted and that
match the filter criteria. Use the task ID in the response to poll the
restoreAssetsStatusV2 query to determine if the job succeeded.
input: RestoreAssetsInputV2
assignBulkAssetsToGroup BulkOpPayloadV2 Start a job to assign the endpoints matching the filter criteria to the
endpoint group in the input. Use the task ID in the response to poll the
assignBulkAssetsToGroupStatus query to determine if the job succeeded.
input: AssignBulkAssetsToGroupInput
bulkDeleteTagsForEndpointsV2 BulkOpPayloadV2 Start a job to delete the provided tags from the endpoints matching the
filter criteria in the input. Use the task ID in the response to poll
the bulkDeleteTagsForEndpointsStatusV2 query to determine if the job
succeeded.
input: BulkDeleteTagsForEndpointsInputV2
assignBulkAssetsToInvestigation BulkOpPayloadV2 Start a job to assign the endpoints matching the filter criteria to the
investigation in the input. Use the task ID in the response to poll the
assignBulkAssetsToInvestigationStatus query to determine if the job succeeded.
input: AssignBulkAssetsToInvestigationInput
bulkDeleteInvestigationForEndpoints BulkOpPayloadV2 Start a job to delete the provided investigation from the endpoints matching
the filter criteria in the input. Use the task ID in the response to poll the
bulkDeleteInvestigationForEndpointsStatus query to determine if the job succeeded.
input: BulkDeleteInvestigationForEndpointsInput
bulkReconnectNativeAssets BulkOpPayloadV2 Start a job to reconnect taegis endpoints matching the filter criteria in the input. input: BulkReconnectNativeAssetsInput
bulkUninstallNativeAssets BulkOpPayloadV2 Start a job to uninstall taegis endpoints matching the filter criteria in the input. input: BulkUninstallNativeAssetsInput

UpdateTagsForEndpointInputV2🔗

Description: Describes the input for the updateTagsForEndpoint mutation.

Fields🔗

Field Type Description Arguments
endpointId ID The unique identifier for the endpoint.
tags KVTagInputV2 The tags to add to the endpoint.

KVTagInputV2🔗

Description: Is the key/value format tag input to the asset tagging mutations.

Fields🔗

Field Type Description Arguments
key String The key for the tag.
value String The value for the tag.

BulkOpPayloadV2🔗

Description: Describes the input for the bulkUpdateTagsForEndpoints mutation.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the task.
status BulkOpStatusV2 The status of the task.

TaskInfoPayload🔗

Description: Describes the task info payload.

Fields🔗

Field Type Description Arguments
id ID The unique identifier for the task.
status BulkOpStatusV2 The status of the task.
metadata TaskInfoMetadata The metadata for the task.

BulkUpdateTagsForEndpointsInputV2🔗

Description: Describes the input for the bulkUpdateTagsForEndpoints mutation.

Fields🔗

Field Type Description Arguments
filter AssetFilter The filter to select the assets to update the tags for.
tags KVTagInputV2 The tags to add to the assets.

BulkDeleteTagsForEndpointsInputV2🔗

Description: Describes the input for the bulkDeleteTagsForEndpoints mutation.

Fields🔗

Field Type Description Arguments
filter AssetFilter The filter to select the assets to delete the tags from.
tagKeys String The tags to delete from the assets.

TaskInfoMetadata🔗

Description: Describes the TaskInfoMetadata.

Fields🔗

Field Type Description Arguments
numEndpoints Int The number of endpoints that were processed.
numSucceeded Int The number of endpoints that succeeded.
numFailed Int The number of endpoints that failed.
syncSucceeded Boolean The number of sync that succeeded.

DeleteAssetsInputV2🔗

Description: Describes the input for the DeleteAssets.

Fields🔗

Field Type Description Arguments
filter AssetFilter The filter to select the assets to delete.

RestoreAssetsInputV2🔗

Description: Describes the input for the RestoreAssets.

Fields🔗

Field Type Description Arguments
filter AssetFilter The filter to select the assets to restore.

BulkOpStatusV2🔗

Description: Represents the possible states of a mutation.

AssetsExportOutputV2🔗

Description: Describes the output for the asset export query.

Fields🔗

Field Type Description Arguments
columnDef String the names of the columns.
rows String rows returned.
totalCount Int total number returned.
pageInfo PageInfoV2 The pagination information.

AssignBulkAssetsToGroupInput🔗

Description: Describes the input for the bulkReconnectNativeAssets mutation.

Fields🔗

Field Type Description Arguments
groupId String The group ID to assign to the assets.
filter AssetFilter The filter to select the assets to assign to the group.

AssignBulkAssetsToInvestigationInput🔗

Description: Describes the input for the bulkReconnectNativeAssets mutation.

Fields🔗

Field Type Description Arguments
investigationId String The investigation ID to assign to the assets.
filter AssetFilter The filter to select the assets to assign to the investigation.

BulkDeleteInvestigationForEndpointsInput🔗

Description: Describes the input for the bulkReconnectNativeAssets mutation.

Fields🔗

Field Type Description Arguments
filter AssetFilter The filter to select the assets to delete the investigation from.
investigationId String The investigation ID to delete from the assets.

BulkReconnectNativeAssetsInput🔗

Description: Describes the input for the bulkReconnectNativeAssets mutation.

Fields🔗

Field Type Description Arguments
where AssetWhereInputV2 The filter to select the assets to reconnect.
reason String The reason for the reconnect.

BulkUninstallNativeAssetsInput🔗

Description: Describes the input for the bulkUninstallNativeAssets mutation.

Fields🔗

Field Type Description Arguments
filter AssetFilter The filter to select the assets to delete the investigation from.
where AssetWhereInputV2 The filter to select the assets to uninstall.
reason String The reason for the uninstall.
agentCount Int The expected number of agents to uninstall.

Time🔗

Description: The default time implementation for this library.

AssetWhereInputV2🔗

Description: Allows for grouping filter operators logically with AND/OR to run arbitrarily complex queries. Queries cannot be nested greater than five levels deep. Any input value supplied as null, while allowed, is not supported. We make no guarantees of the validity of results for explicitly null inputs. Fields with contains queries will return results that contain the providedsubstring anywhere in the source's string. contains queries can also take a user defined wildcard pattern where the * character is the wildcard. For example hostname_contains: "123" will return results that have "123" anywhere in the hostname. hostname_contains: "12*3" will return results for hostnames that start with 1, then a 2, then any other character zero or more times, and end with the number 3.

Fields🔗

Field Type Description Arguments
and AssetWhereInputV2
or AssetWhereInputV2
not AssetWhereInputV2
id ID
agentSettingID String
agentSettingID_contains String
agentSettingID_autocomplete String
cloudInstanceId String
cloudInstanceId_contains String
cloudInstanceId_autocomplete String
connectionStatus String
createdAt Time
createdAt_lt Time
createdAt_lte Time
createdAt_gt Time
createdAt_gte Time
desiredIsolationStatus String
groupName String
groupName_contains String
groupName_autocomplete String
hostId String
hostId_contains String
hostId_autocomplete String
hostname String
hostname_contains String
hostname_autocomplete String
investigationId String
investigationId_contains String
investigationId_autocomplete String
ipAddress String
ipAddress_contains String
ipAddress_autocomplete String
isolationStatus String
lastSeenAt Time
lastSeenAt_lt Time
lastSeenAt_lte Time
lastSeenAt_gt Time
lastSeenAt_gte Time
macAddress String
macAddress_contains String
macAddress_autocomplete String
osDistributor String
osFamily String
osVersion String
osVersionNormalized String
osVersionNormalized_contains String
osVersionNormalized_autocomplete String
sensorVersion String
systemType String
tags TagWhereInputV2
tags_contains TagWhereInputV2
tags_autocomplete TagWhereInputV2
unInstallable Boolean
updatedAt Time
updatedAt_lt Time
updatedAt_lte Time
updatedAt_gt Time
updatedAt_gte Time
username String
username_contains String
username_autocomplete String
vulnerabilityStatus String
vulnerabilityStatus_contains String
vulnerabilityStatus_autocomplete String