Endpoint Assets GraphQL API🔗
Node🔗
Description: Used by Nautilus for other Red Cloak TDR graphQL model resolution.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the node. |
ID🔗
Description: The ID
scalar type represents a unique identifier, often used to refetch an object or as key for a cache. The ID type appears in a JSON response as a String; however, it is not intended to be human-readable. When expected as an input type, any string (such as "4"
) or integer (such as 4
) input value will be accepted as an ID.
AssetState🔗
Description: Describes the current state of the asset.
AssetV2🔗
Description: Represents an asset in the Taegis ecosystem. Assets combine information from programs known as "agents" and the machines they are installed on. Agents emit telemetry to Taegis XDR, and approved ones (the Taegis, RCC, Defender, CrowdStrike, and CarbonBlack agents) are available as assets.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the asset. | |
hostId | String | The unique identifier for the host of the asset. | |
rn | String | The resource name of the asset. | |
tenantId | String | The unique identifier for the tenant of the asset. | |
sensorTenant | String | The unique identifier for the sensor tenant of the asset. | |
sensorId | String | The unique identifier for the sensor of the asset. | |
ingestTime | Time | The time when the asset data was ingested. | |
createdAt | Time | The time when the asset was created. | |
updatedAt | Time | The time when the asset was last updated. | |
deletedAt | Time | The time when the asset was deleted. | |
lastSeenAt | Time | The time when the asset was last seen. | |
biosSerial | String | The BIOS serial number of the asset. | |
firstDiskSerial | String | The serial number of the first disk of the asset. | |
systemVolumeSerial | String | The serial number of the system volume of the asset. | |
sensorVersion | String | The version of the sensor of the asset. | |
endpointType | String | The type of the endpoint of the asset. | |
endpointPlatform | String | The platform of the endpoint of the asset. | |
hostnames | HostnameV2 | The hostnames associated with the asset. | |
ethernetAddresses | EthernetAddressV2 | The ethernet addresses associated with the asset. | |
ipAddresses | IpAddressV2 | The IP addresses associated with the asset. | |
users | UserV2 | The users associated with the asset. | |
architecture | String | The architecture of the asset. | |
osFamily | String | The OS family of the asset. | |
osVersion | String | The OS version of the asset. | |
osVersionNormalized | String | The normalized OS version of the asset. | |
osDistributor | String | The distributor of the OS of the asset. | |
osRelease | String | The release of the OS of the asset. | |
systemType | String | The type of the system of the asset. | |
osCodename | String | The codename of the OS of the asset. | |
kernelRelease | String | The release of the kernel of the asset. | |
kernelVersion | String | The version of the kernel of the asset. | |
tags | TagV2 | The tags associated with the asset. | |
connectionStatus | String | The connection status of the asset. This field is deprecated. | |
isolationStatus | String | The isolation status of the asset. | |
desiredIsolationStatus | String | The desired isolation status of the asset. | |
model | String | The model of the asset. | |
cloudProviderName | String | The name of the cloud provider of the asset. | |
cloudInstanceId | String | The instance ID of the asset in the cloud provider. | |
endpointGroup | EndpointGroupV2 | The endpoint group associated with the asset. | |
status | String | The status of the asset. | |
investigations | AssetInvestigation | The investigations associated with the asset. | first: Int, orderBy: InvestigationsOrderByInput |
vulnerabilityDetails | VulnerabilityDetails | The vulnerability details of the asset. | |
agentSettings | AgentSettings | The agent settings of the asset. | |
connectionDetails | ConnectionDetails | The connection details of the asset. | |
unInstallable | Boolean | Whether the asset is uninstallable or not. | |
agentPolicyVersion | String | The version of the agent config policy the asset is using | |
uninstall | Boolean | Whether the asset is scheduled for uninstall. |
String🔗
Description: The String
scalar type represents textual data, represented as UTF-8 character sequences. The String type is most often used by GraphQL to represent free-form human-readable text.
Int🔗
Description: The Int
scalar type represents non-fractional signed whole numeric values. Int can represent values between -(2^31) and 2^31 - 1.
Boolean🔗
Description: The Boolean
scalar type represents true
or false
.
ConnectionDetails🔗
Description: Represents information about the connection of the asset to the backend
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
connectionStatus | String | The connection status of the asset. | |
updatedAt | Time | The time when the asset was last connected. | |
lastConnectedTS | Time | The time when the asset was last connected. | |
lastDisconnectedTS | Time | The time when the asset was last disconnected. | |
lastDisconnectReason | String | The reason for the last disconnection. | |
lastSeenAt | Time | The time we saw the last telemetries from the asset. | |
usingSSL | Boolean | True if the asset is connected via SSL. | |
remoteIP | String | The remote IP address of the asset. | |
remotePort | Int | The remote port of the asset. |
FileAnalysis🔗
Description: Configurations for file analysis.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
enabled | Boolean | True if file analysis is enabled. |
AutoArchive🔗
Description: Configurations for auto archive.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
enabled | Boolean | True if auto archive is enabled. | |
period | Int | Day of disconnection after which the asset is archived. This field is deprecated. | |
periodDays | Int | Day of disconnection after which the asset is archived. |
TamperProtection🔗
Description: Configurations for tamper protection.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
enabled | Boolean | True if tamper protection is enabled. |
AdvancedKernelTelemetry🔗
Description: Configurations for advanced kernel telemetry.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
enabled | Boolean | True if advanced kernel telemetry is enabled. |
MaintenanceWindow🔗
Description: Configurations for maintenance window.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
enabled | Boolean | True if maintenance window is enabled. |
AgentSettings🔗
Description: Describes an asset's agent settings.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the agent settings. | |
isDefault | Boolean | True if the this configuration is the default. | |
tenantId | String | The unique identifier for the tenant. | |
name | String | The name of the agent settings. | |
policyName | String | The associated policy name of agent settings. | |
description | String | The description of the agent settings. | |
channel | String | The channel of the agent settings. | |
fileAnalysis | FileAnalysis | file analysis settings of the agent. | |
autoArchive | AutoArchive | auto archive settings of the agent. | |
tamperProtection | TamperProtection | tamper protection settings of the agent. | |
maintenanceWindow | MaintenanceWindow | maintenance window settings of the agent. | |
advancedKernelTelemetry | AdvancedKernelTelemetry | advanced kernel telemetry settings of the agent. | |
skipUpgrade | Boolean | if the agent should skip upgrades. | |
createdAt | Time | The time when the agent settings was created. | |
updatedAt | Time | The time when the agent settings was last updated. |
VulnerabilityDetails🔗
Description: Describes an asset's vulnerability details as determined by VDR.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
highCps | String | ? | |
highCvss | String | ? | |
vulnerabilityStatus | String | the status of the vulnerability | |
vdrInstance | String | vdr instance of the vulnerability | |
vdrAssetId | String | vdr asset id of the vulnerability | |
vdrOrganizationId | String | vdr organization id of the vulnerability | |
vdrHostname | String | vdr hostname of the vulnerability | |
createdAt | Time | When the vulnerability was created | |
updatedAt | Time | When this vulnerability was last updated |
EndpointGroupV2🔗
Description: Describes the endpoint group information of a Taegis agent asset.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the endpoint group. | |
name | String | The name of the endpoint group. |
HostnameV2🔗
Description: Describes the hostname of an asset.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the hostname. | |
createdAt | Time | The time when the hostname was created. | |
updatedAt | Time | The time when the hostname was last updated. | |
hostId | String | The unique identifier associated with this host. | |
hostname | String | The hostname of the asset. |
EthernetAddressV2🔗
Description: Describes the ethernet address of an asset.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the ethernet address. | |
createdAt | Time | The time when the ethernet address was created. | |
updatedAt | Time | The time when the ethernet address was last updated. | |
hostId | String | The ethernet address of the asset. | |
mac | String | The ethernet address of the asset. |
IpAddressV2🔗
Description: Describes the IP Address of an asset.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the IP address. | |
createdAt | Time | The time when the IP address was created. | |
updatedAt | Time | The time when the IP address was last updated. | |
ip | String | The IP address of the asset. | |
hostId | String | The unique identifier associated with this host. |
UserV2🔗
Description: Describes the user of an asset.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the user. | |
createdAt | Time | The time when the user was created. | |
updatedAt | Time | The time when the user was last updated. | |
hostId | String | The unique identifier associated with this host this user exists on | |
username | String | The username of the user. |
TagV2🔗
Description: Describes the tag data associated with an asset.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the tag. | |
hostId | String | The unique identifier associated with this host. | |
tenantId | String | The unique identifier associated with this tenant. | |
createdAt | Time | The time when the tag was created. | |
updatedAt | Time | The time when the tag was last updated. | |
tag | String | The tag key. | |
key | String | The key for the tag. | |
value | String | The value for the tag. | |
isVendorTag | Boolean | true if the tag is a vendor tag. |
AssetInvestigation🔗
Description: Describes the investigations data associated with an asset.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the investigation. | |
investigationId | String | The unique identifier associated with this host. | |
createdAt | Time | When the investigation was created. | |
updatedAt | Time | When the investigation was last updated. | |
hostId | String | The unique identifier associated with this host. |
EndpointTypeV2🔗
Description: Represents the different endpoint types supported by the API.
FacetV2🔗
Description: Describes a facet which can be used to filter assets.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
label | String | The name of the facet. | |
facet | String | The value of the facet. | |
searchOnly | Boolean | true if the facet is a search only facet. |
FacetInfoOrderByInputV2🔗
Description: Determines the ordering of the facet info results.
FacetInfoV2🔗
Description: Describes the facet info
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
facet | String | The name of the facet. | |
fields | FacetFieldInfoV2 | The fields for the facet. |
FacetFieldInfoV2🔗
Description: Describes the details for a given facet.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
field | String | The field of the facet. | |
count | Int | The count of the field. |
AssetSearchOrderByInputV2🔗
Description: Determines the order of asset results returned.
AssetHostnameSearchOrderByInput🔗
Description: Determines the order of asset hostname results returned.
AssetIPAddressSearchOrderByInput🔗
Description: Determines the order of asset ipAddress results returned.
AssetMacAddressSearchOrderByInput🔗
Description: Determines the order of asset macAddress results returned.
InvestigationsOrderByInput🔗
Description: specifier for how the investigation results should be ordered.
TagWhereInputV2🔗
Description: Filters the tag keys/values as part of the TagFilter input.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
key | String | key of the tag where input. | |
key_contains | String | key_contains of the tag where input. | |
value | String | value of the tag where input. | |
value_contains | String | value_contains of the tag where input. | |
tag | String | tag of the tag where input. | |
tag_contains | String | tag_contains of the tag where input. |
AssetsV2🔗
Description: Asset query results.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
totalCount | Int | The total number of assets returned. | |
assets | AssetV2 | The assets returned. | |
pageInfo | PageInfoV2 | The pagination information. |
PageInfoV2🔗
Description: Describes the fields to support forward and backward pagination.
The API defaults to forward pagination. Sending a mix of forward and backward pagination arguments should be avoided: if arguments are a mix of forward and backward pagination, any arguments pertaining to backward pagination will be ignored, and only the arguments that relate to forward pagination will be used.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
endCursor | String | Is passed to after to support forward pagination. |
|
startCursor | String | Is passed to before to support backward pagination. |
|
hasNextPage | Boolean | Is used to determine if there are more results to fetch during forward pagination. When using backward pagination this will be false, even if there are results from a previously fetched page. |
|
hasPreviousPage | Boolean | Is used to determine if there are more results to fetch during backward pagination. When using forward pagination this will be false, even if there are results from a previously viewed page. |
AssetFilter🔗
Description: Is the mechanism that filters asset results returned from a query, or filters the assets selected for mutations.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
endpointTypes | EndpointTypeV2 | The endpoint types to filter by. | |
assetState | AssetState | The asset state to filter by. | |
where | AssetWhereInputV2 | the where clause to filter by. |
AssetHostnameFilter🔗
Description: Is the mechanism that filters hostname results returned from a query, or filters the hostnames selected for mutations.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
endpointTypes | EndpointTypeV2 | The endpoint types to filter by. | |
where | AssetHostnameWhereInput | The where clause to filter by. |
AssetHostnameWhereInput🔗
Description: Where clause of the asset hostname filter.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
and | AssetHostnameWhereInput | logical and. | |
or | AssetHostnameWhereInput | logical or. | |
not | AssetHostnameWhereInput | logical not | |
createdAt | Time | exact match of when the queried endpoint was created. | |
createdAt_lt | Time | return asset that were created before this time. | |
createdAt_lte | Time | return asset that were created before or equal to this time. | |
createdAt_gt | Time | return asset that were created after this time. | |
createdAt_gte | Time | return asset that were created after or equal to this time. | |
hostId | String | exact match query on this hostId. | |
hostId_contains | String | return assets, whose hostID contains this string. | |
hostId_autocomplete | String | hostId autocomplete. | |
hostname | String | exact match query on this hostname. | |
hostname_contains | String | return assets, whose hostname contains this string. | |
hostname_autocomplete | String | hostname autocomplete. | |
lastSeenAt | Time | exact match of when the queried endpoint was last seen. | |
lastSeenAt_lt | Time | return asset that were last seen before this time. | |
lastSeenAt_lte | Time | return asset that were last seen before or equal to this time. | |
lastSeenAt_gt | Time | return asset that were last seen after this time. | |
lastSeenAt_gte | Time | return asset that were last seen after or equal to this time. | |
updatedAt | Time | exact match of when the queried endpoint was last updated. | |
updatedAt_lt | Time | return asset that were last updated before this time. | |
updatedAt_lte | Time | return asset that were last updated before or equal to this time. | |
updatedAt_gt | Time | return asset that were last updated after this time. | |
updatedAt_gte | Time | return asset that were last updated after or equal to this time. |
AssetIPAddressFilter🔗
Description: Is the mechanism that filters ip results returned from a query, or filters the ipAddresses selected for mutations.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
endpointTypes | EndpointTypeV2 | The endpoint types to filter by. | |
where | AssetIPAddressWhereInput | The where clause to filter by. |
AssetIPAddressWhereInput🔗
Description: Where clause of the asset ip address filter.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
and | AssetIPAddressWhereInput | logical and. | |
or | AssetIPAddressWhereInput | logical or. | |
not | AssetIPAddressWhereInput | logical not. | |
createdAt | Time | exact match of when the queried endpoint was created. | |
createdAt_lt | Time | return asset that were created before this time. | |
createdAt_lte | Time | return asset that were created before or equal to this time. | |
createdAt_gt | Time | return asset that were created after this time. | |
createdAt_gte | Time | return asset that were created after or equal to this time. | |
hostId | String | exact match query on this hostId. | |
hostId_contains | String | return assets, whose hostID contains this string. | |
hostId_autocomplete | String | hostId autocomplete. | |
ip | String | exact match query on this ip. | |
ip_contains | String | return assets, whose ip contains this string. | |
ip_autocomplete | String | ip autocomplete. | |
lastSeenAt | Time | exact match of when the queried endpoint was last seen. | |
lastSeenAt_lt | Time | return asset that were last seen before this time. | |
lastSeenAt_lte | Time | return asset that were last seen before or equal to this time. | |
lastSeenAt_gt | Time | return asset that were last seen after this time. | |
lastSeenAt_gte | Time | return asset that were last seen after or equal to this time. | |
updatedAt | Time | exact match of when the queried endpoint was last updated. | |
updatedAt_lt | Time | return asset that were last updated before this time. | |
updatedAt_lte | Time | return asset that were last updated before or equal to this time. | |
updatedAt_gt | Time | return asset that were last updated after this time. | |
updatedAt_gte | Time | return asset that were last updated after or equal to this time. |
AssetMacAddressFilter🔗
Description: Is the mechanism that filters Mac results returned from a query, or filters the MacAddresses selected for mutations.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
endpointTypes | EndpointTypeV2 | The endpoint types to filter by. | |
where | AssetMacAddressWhereInput | The where clause to filter by. |
AssetMacAddressWhereInput🔗
Description: Where clause of the asset mac address filter.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
and | AssetMacAddressWhereInput | logical and. | |
or | AssetMacAddressWhereInput | logical or. | |
not | AssetMacAddressWhereInput | logical not. | |
createdAt | Time | exact match of when the queried endpoint was created. | |
createdAt_lt | Time | return asset that were created before this time. | |
createdAt_lte | Time | return asset that were created before or equal to this time. | |
createdAt_gt | Time | return asset that were created after this time. | |
createdAt_gte | Time | return asset that were created after or equal to this time. | |
hostId | String | exact match query on this hostId. | |
hostId_contains | String | return assets, whose hostID contains this string. | |
hostId_autocomplete | String | hostId autocomplete. | |
mac | String | exact match query on this mac address. | |
mac_contains | String | return assets, whose mac address contains this string. | |
mac_autocomplete | String | mac autocomplete. | |
lastSeenAt | Time | exact match of when the queried endpoint was last seen. | |
lastSeenAt_lt | Time | return asset that were last seen before this time. | |
lastSeenAt_lte | Time | return asset that were last seen before or equal to this time. | |
lastSeenAt_gt | Time | return asset that were last seen after this time. | |
lastSeenAt_gte | Time | return asset that were last seen after or equal to this time. | |
updatedAt | Time | exact match of when the queried endpoint was last updated. | |
updatedAt_lt | Time | return asset that were last updated before this time. | |
updatedAt_lte | Time | return asset that were last updated before or equal to this time. | |
updatedAt_gt | Time | return asset that were last updated after this time. | |
updatedAt_gte | Time | return asset that were last updated after or equal to this time. |
TagFilter🔗
Description: Is used to filter the results of the tagKeysV2 and tagValuesV2 queries.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
endpointTypes | EndpointTypeV2 | endpoint types to filter by. | |
where | TagWhereInputV2 | where clause to filter by. |
CanIsolateResponse🔗
Description: Isolation Response values
Query🔗
Description: query command that don't change and state in the backend.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
node | Node | id: ID | |
facetsV2 | FacetV2 | Retrieve a list of facets for a given endpoint type. | endpointType: EndpointTypeV2 |
facetInfoV2 | FacetInfoV2 | Get facet info based on a currently selected facet. | facets: String, orderBy: FacetInfoOrderByInputV2, filter: AssetFilter |
assetsV2 | AssetsV2 | Retrieve assets. | first: Int, last: Int, after: String, before: String, filter: AssetFilter, orderBy: AssetSearchOrderByInputV2 |
exportAssetsV2 | AssetsExportOutputV2 | Retrieve assets in a form coercible into CSV files. | first: Int, after: String, filter: AssetFilter, orderBy: AssetSearchOrderByInputV2 |
tagKeysV2 | String | Fetch the tag keys matching the filter criteria. | filter: TagFilter |
tagValuesV2 | String | Fetch the tag values matching the filter criteria. | filter: TagFilter |
updateTagsForEndpointStatusV2 | TaskInfoPayload | Return the status of the updateTagsForEndpointV2 operation. | id: ID |
deleteAssetsStatusV2 | TaskInfoPayload | Return the status of the deleteAssetsV2 operation. | id: ID |
restoreAssetsStatusV2 | TaskInfoPayload | Return the status of the restoreAssetsV2 operation. | id: ID |
assignBulkAssetsToGroupStatus | TaskInfoPayload | Return the status of the assignBulkAssetsToGroup operation. | id: ID |
bulkUpdateTagsForEndpointsStatusV2 | TaskInfoPayload | Return the status of the bulkUpdateTagsForEndpointsV2 operation. | id: ID |
bulkDeleteTagsForEndpointsStatusV2 | TaskInfoPayload | Return the status of the bulkDeleteTagsForEndpointsV2 operation. | id: ID |
assignBulkAssetsToInvestigationStatus | TaskInfoPayload | Return the status of the assignBulkAssetsToInvestigation operation. | id: ID |
bulkDeleteInvestigationForEndpointsStatus | TaskInfoPayload | Return the status of the bulkDeleteInvestigationForEndpoints operation. | id: ID |
bulkReconnectNativeAssetsStatus | TaskInfoPayload | Return the status of the bulkReconnectNativeAssets operation. | id: ID |
bulkUninstallNativeAssetsStatus | TaskInfoPayload | Return the status of the bulkUninstallNativeAssets operation. | id: ID |
assetDeadPeriod | String | Return the tenant's asset dead period threshold used by the api. The value from the tenants preference api is used if present, otherwise the default of 720h (30 days) is used. |
|
subjectCanIsolate | CanIsolateResponse | Returns whether a subject can isolate an asset for the current tenant context | |
assetsHostname | AssetsHostname | "Retrieve hostname details | first: Int, last: Int, after: String, before: String, filter: AssetHostnameFilter, orderBy: AssetHostnameSearchOrderByInput |
assetsIPAddress | AssetsIPAddress | "Retrieve ipAddress details | first: Int, last: Int, after: String, before: String, filter: AssetIPAddressFilter, orderBy: AssetIPAddressSearchOrderByInput |
assetsMacAddress | AssetsMacAddress | "Retrieve Mac details | first: Int, last: Int, after: String, before: String, filter: AssetMacAddressFilter, orderBy: AssetMacAddressSearchOrderByInput |
AssetsHostname🔗
Description: Describes the output of assetHostname query
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
assetsHostnames | AssetHostname | The asset hostnames returned. | |
pageInfo | PageInfoV2 | The pagination information. | |
totalCount | Int | The total number of assets returned. |
AssetsIPAddress🔗
Description: Describes the output of assetsIpAddress query
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
assetsIPAddresses | AssetIPAddress | The asset ip addresses returned. | |
pageInfo | PageInfoV2 | The pagination information. | |
totalCount | Int | The total number of assets returned. |
AssetsMacAddress🔗
Description: Describes the output of assetsIpAddress query
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
assetsMacAddresses | AssetMacAddress | The asset mac addresses returned. | |
pageInfo | PageInfoV2 | The pagination information. | |
totalCount | Int | The total number of assets returned. |
AssetHostname🔗
Description: Describes the hostname of an asset.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
hostId | String | The hostID of the asset associated with this hostname. | |
tenantId | String | The tenant associated with this hostname. | |
hostname | String | The hostname of the asset. | |
createdAt | Time | The time when the hostname was created. | |
updatedAt | Time | The time when the asset was last updated. | |
deletedAt | Time | The time when the asset was deleted. | |
lastSeenAt | Time | The time when the asset was last seen. |
AssetIPAddress🔗
Description: Describes the ip of an asset.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
hostId | String | The hostID of the asset associated with this ip address. | |
tenantId | String | The tenant associated with this ip address. | |
ip | String | The ip of the asset. | |
createdAt | Time | The time when the ip was created. | |
updatedAt | Time | The time when the asset was last updated. | |
deletedAt | Time | The time when the asset was deleted. | |
lastSeenAt | Time | The time when the asset was last seen. |
AssetMacAddress🔗
Description: Describes the mac of an asset.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
hostId | String | The hostID of the asset associated with this mac address. | |
tenantId | String | The unique identifier for the mac address. | |
mac | String | The mac address of the asset. | |
createdAt | Time | The time when the mac was created. | |
updatedAt | Time | The time when the asset was last updated. | |
deletedAt | Time | The time when the asset was deleted. | |
lastSeenAt | Time | The time when the asset was last seen. |
Mutation🔗
Description: Command the modify the backend in some way.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
updateTagsForEndpointV2 | BulkOpPayloadV2 | Start a job to update the tags for a given endpoint. Use the task ID in the response to poll the updateTagsForEndpointStatusV2 query to determine if the job succeeded. Note: any tags passed in the input will completely replace the current tags for the endpoint. If the intention is to change/remove a single tag, query the asset first to get the current set of tags for the endpoint, then pass the complete set of tags desired with the changes included. |
input: UpdateTagsForEndpointInputV2 |
bulkUpdateTagsForEndpointsV2 | BulkOpPayloadV2 | Start a job to update the tags for multiple endpoints: it does not overwrite tags, it adds the tags in the input to the endpoints. If any endpoints have tags with the same key, but a different value, the value will be updated with the value in the input. Use the task ID in the response to poll the bulkUpdateTagsForEndpointsStatusV2 query to determine if the job succeeded. |
input: BulkUpdateTagsForEndpointsInputV2 |
deleteAssetsV2 | BulkOpPayloadV2 | Start a job to "soft" delete the assets matching the filter criteria. Use the task ID in the response to poll the deleteAssetsStatusV2 query to determine if the job succeeded. |
input: DeleteAssetsInputV2 |
restoreAssetsV2 | BulkOpPayloadV2 | Start a job to restore assets that were previously deleted and that match the filter criteria. Use the task ID in the response to poll the restoreAssetsStatusV2 query to determine if the job succeeded. |
input: RestoreAssetsInputV2 |
assignBulkAssetsToGroup | BulkOpPayloadV2 | Start a job to assign the endpoints matching the filter criteria to the endpoint group in the input. Use the task ID in the response to poll the assignBulkAssetsToGroupStatus query to determine if the job succeeded. |
input: AssignBulkAssetsToGroupInput |
bulkDeleteTagsForEndpointsV2 | BulkOpPayloadV2 | Start a job to delete the provided tags from the endpoints matching the filter criteria in the input. Use the task ID in the response to poll the bulkDeleteTagsForEndpointsStatusV2 query to determine if the job succeeded. |
input: BulkDeleteTagsForEndpointsInputV2 |
assignBulkAssetsToInvestigation | BulkOpPayloadV2 | Start a job to assign the endpoints matching the filter criteria to the investigation in the input. Use the task ID in the response to poll the assignBulkAssetsToInvestigationStatus query to determine if the job succeeded. |
input: AssignBulkAssetsToInvestigationInput |
bulkDeleteInvestigationForEndpoints | BulkOpPayloadV2 | Start a job to delete the provided investigation from the endpoints matching the filter criteria in the input. Use the task ID in the response to poll the bulkDeleteInvestigationForEndpointsStatus query to determine if the job succeeded. |
input: BulkDeleteInvestigationForEndpointsInput |
bulkReconnectNativeAssets | BulkOpPayloadV2 | Start a job to reconnect taegis endpoints matching the filter criteria in the input. | input: BulkReconnectNativeAssetsInput |
bulkUninstallNativeAssets | BulkOpPayloadV2 | Start a job to uninstall taegis endpoints matching the filter criteria in the input. | input: BulkUninstallNativeAssetsInput |
UpdateTagsForEndpointInputV2🔗
Description: Describes the input for the updateTagsForEndpoint mutation.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
endpointId | ID | The unique identifier for the endpoint. | |
tags | KVTagInputV2 | The tags to add to the endpoint. |
KVTagInputV2🔗
Description: Is the key/value format tag input to the asset tagging mutations.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
key | String | The key for the tag. | |
value | String | The value for the tag. |
BulkOpPayloadV2🔗
Description: Describes the input for the bulkUpdateTagsForEndpoints mutation.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the task. | |
status | BulkOpStatusV2 | The status of the task. |
TaskInfoPayload🔗
Description: Describes the task info payload.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
id | ID | The unique identifier for the task. | |
status | BulkOpStatusV2 | The status of the task. | |
metadata | TaskInfoMetadata | The metadata for the task. |
BulkUpdateTagsForEndpointsInputV2🔗
Description: Describes the input for the bulkUpdateTagsForEndpoints mutation.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
filter | AssetFilter | The filter to select the assets to update the tags for. | |
tags | KVTagInputV2 | The tags to add to the assets. |
BulkDeleteTagsForEndpointsInputV2🔗
Description: Describes the input for the bulkDeleteTagsForEndpoints mutation.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
filter | AssetFilter | The filter to select the assets to delete the tags from. | |
tagKeys | String | The tags to delete from the assets. |
TaskInfoMetadata🔗
Description: Describes the TaskInfoMetadata.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
numEndpoints | Int | The number of endpoints that were processed. | |
numSucceeded | Int | The number of endpoints that succeeded. | |
numFailed | Int | The number of endpoints that failed. | |
syncSucceeded | Boolean | The number of sync that succeeded. |
DeleteAssetsInputV2🔗
Description: Describes the input for the DeleteAssets.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
filter | AssetFilter | The filter to select the assets to delete. |
RestoreAssetsInputV2🔗
Description: Describes the input for the RestoreAssets.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
filter | AssetFilter | The filter to select the assets to restore. |
BulkOpStatusV2🔗
Description: Represents the possible states of a mutation.
AssetsExportOutputV2🔗
Description: Describes the output for the asset export query.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
columnDef | String | the names of the columns. | |
rows | String | rows returned. | |
totalCount | Int | total number returned. | |
pageInfo | PageInfoV2 | The pagination information. |
AssignBulkAssetsToGroupInput🔗
Description: Describes the input for the bulkReconnectNativeAssets mutation.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
groupId | String | The group ID to assign to the assets. | |
filter | AssetFilter | The filter to select the assets to assign to the group. |
AssignBulkAssetsToInvestigationInput🔗
Description: Describes the input for the bulkReconnectNativeAssets mutation.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
investigationId | String | The investigation ID to assign to the assets. | |
filter | AssetFilter | The filter to select the assets to assign to the investigation. |
BulkDeleteInvestigationForEndpointsInput🔗
Description: Describes the input for the bulkReconnectNativeAssets mutation.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
filter | AssetFilter | The filter to select the assets to delete the investigation from. | |
investigationId | String | The investigation ID to delete from the assets. |
BulkReconnectNativeAssetsInput🔗
Description: Describes the input for the bulkReconnectNativeAssets mutation.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
where | AssetWhereInputV2 | The filter to select the assets to reconnect. | |
reason | String | The reason for the reconnect. |
BulkUninstallNativeAssetsInput🔗
Description: Describes the input for the bulkUninstallNativeAssets mutation.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
filter | AssetFilter | The filter to select the assets to delete the investigation from. | |
where | AssetWhereInputV2 | The filter to select the assets to uninstall. | |
reason | String | The reason for the uninstall. | |
agentCount | Int | The expected number of agents to uninstall. |
Time🔗
Description: The default time implementation for this library.
AssetWhereInputV2🔗
Description: Allows for grouping filter operators logically with AND/OR to run arbitrarily complex queries. Queries cannot be nested greater than five levels deep. Any input value supplied as null, while allowed, is not supported. We make no guarantees of the validity of results for explicitly null inputs. Fields with contains queries will return results that contain the providedsubstring anywhere in the source's string. contains queries can also take a user defined wildcard pattern where the *
character is the wildcard. For example hostname_contains: "123"
will return results that have "123" anywhere in the hostname. hostname_contains: "12*3"
will return results for hostnames that start with 1, then a 2, then any other character zero or more times, and end with the number 3.
Fields🔗
Field | Type | Description | Arguments |
---|---|---|---|
and | AssetWhereInputV2 | ||
or | AssetWhereInputV2 | ||
not | AssetWhereInputV2 | ||
id | ID | ||
agentSettingID | String | ||
agentSettingID_contains | String | ||
agentSettingID_autocomplete | String | ||
cloudInstanceId | String | ||
cloudInstanceId_contains | String | ||
cloudInstanceId_autocomplete | String | ||
connectionStatus | String | ||
createdAt | Time | ||
createdAt_lt | Time | ||
createdAt_lte | Time | ||
createdAt_gt | Time | ||
createdAt_gte | Time | ||
desiredIsolationStatus | String | ||
groupName | String | ||
groupName_contains | String | ||
groupName_autocomplete | String | ||
hostId | String | ||
hostId_contains | String | ||
hostId_autocomplete | String | ||
hostname | String | ||
hostname_contains | String | ||
hostname_autocomplete | String | ||
investigationId | String | ||
investigationId_contains | String | ||
investigationId_autocomplete | String | ||
ipAddress | String | ||
ipAddress_contains | String | ||
ipAddress_autocomplete | String | ||
isolationStatus | String | ||
lastSeenAt | Time | ||
lastSeenAt_lt | Time | ||
lastSeenAt_lte | Time | ||
lastSeenAt_gt | Time | ||
lastSeenAt_gte | Time | ||
macAddress | String | ||
macAddress_contains | String | ||
macAddress_autocomplete | String | ||
osDistributor | String | ||
osFamily | String | ||
osVersion | String | ||
osVersionNormalized | String | ||
osVersionNormalized_contains | String | ||
osVersionNormalized_autocomplete | String | ||
sensorVersion | String | ||
systemType | String | ||
tags | TagWhereInputV2 | ||
tags_contains | TagWhereInputV2 | ||
tags_autocomplete | TagWhereInputV2 | ||
unInstallable | Boolean | ||
updatedAt | Time | ||
updatedAt_lt | Time | ||
updatedAt_lte | Time | ||
updatedAt_gt | Time | ||
updatedAt_gte | Time | ||
username | String | ||
username_contains | String | ||
username_autocomplete | String | ||
vulnerabilityStatus | String | ||
vulnerabilityStatus_contains | String | ||
vulnerabilityStatus_autocomplete | String |