Skip to main content

Infinipoint

This Integration is part of the Infinipoint Pack.#

Configure Infinipoint in Cortex#

ParameterDescriptionRequired
access_keyAccess KeyTrue
private_keyPrivate KeyTrue
isFetchFetch incidentsFalse
incident_typeIncident type - event, alertFalse
max_fetchMaximum number of incidents per fetchFalse
first_fetchFirst fetch timeFalse
insecureTrust any certificate (not secure)False
proxyUse system proxy settingsFalse
incidentTypeIncident typeFalse

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

infinipoint-get-vulnerable-devices#


Get Vulnerable Devices

Base Command#

infinipoint-get-vulnerable-devices

Input#

Argument NameDescriptionRequired
device_osThe device operating system, e.g. Ubutnu, Amazon Linux AMI, CentOS, etcOptional
device_riskDevice risk scoreOptional

Context Output#

PathTypeDescription
Infinipoint.Vulnerability.Devices.$deviceStringInfinipoint device ID
Infinipoint.Vulnerability.Devices.$hostStringHostname
Infinipoint.Vulnerability.Devices.cve_idUnknownCVE id
Infinipoint.Vulnerability.Devices.device_riskNumberDevice risk level
Infinipoint.Vulnerability.Devices.device_risk_typeNumberDevice risk type
Infinipoint.Vulnerability.Devices.software_nameUnknownVulnerabilities software name
Infinipoint.Vulnerability.Devices.vulnerability_countNumberVulnerabilities count

Command Example#

!infinipoint-get-vulnerable-devices device_risk=3

Context Example#

{
"Infinipoint": {
"Vulnerability": {
"Devices": [
{
"$device": "XXXX-XXXX-XXXX-XXXX-XXXX",
"$host": "ubuntu-test",
"cve_id": null,
"device_risk": 10,
"device_risk_type": 4,
"mac_address": "-",
"os_name": "Ubuntu",
"platform": "ubuntu",
"software_name": null,
"vulnerability_count": 245
},
{
"$device": "XXXX-XXXX-YYYY-XXXX-YYYY",
"$host": "DESKTOP-test",
"cve_id": null,
"device_risk": 6.34,
"device_risk_type": 3,
"mac_address": "-",
"os_name": "Microsoft Windows 10 Enterprise Evaluation",
"platform": "windows",
"software_name": null,
"vulnerability_count": 83
}
]
}
}
}

Human Readable Output#

Results#

$device$hostcve_iddevice_riskdevice_risk_typemac_addressos_nameplatformsoftware_namevulnerability_count
XXXX-XXXX-XXXX-XXXX-XXXXOSX-Machine104-Mac OS X 10.15.3darwin103
XXXX-XXXX-XXXX-XXXX-YYYYubuntu104-Ubuntuubuntu245
XXXX-XXXX-XXXX-XXXX-WWWWDESKTOP-Machine6.343-Microsoft Windows 10 Enterprise Evaluationwindows83

infinipoint-get-assets-programs#


infinipoint get assets programs

Base Command#

infinipoint-get-assets-programs

Input#

Argument NameDescriptionRequired
nameSoftware name, e.g. VMwareOptional
publisherSoftware publisher name, e.g. Microsoft CorporationOptional
versionSoftware version, e.g. 12.0.21005Optional

Context Output#

PathTypeDescription
Infinipoint.Assets.Programs.items.$deviceStringInfinipoint device ID
Infinipoint.Assets.Programs.items.$hostStringHostname
Infinipoint.Assets.Programs.items.$timeNumberTimestamp
Infinipoint.Assets.Programs.items.$typeStringAssets type
Infinipoint.Assets.Programs.items.nameStringPrograms name
Infinipoint.Assets.Programs.items.os_typeStringOS type - 1 = Windows, 2 = Linux, 4 = macOS
Infinipoint.Assets.Programs.items.program_existsStringSoftware exists on disk
Infinipoint.Assets.Programs.items.publisherStringSoftware publisher name
Infinipoint.Assets.Programs.items.versionStringSoftware version
Infinipoint.Assets.Programs.items.install_update_dateDateInstall update date
Infinipoint.Assets.Programs.itemsTotalNumberTotal software

Command Example#

!infinipoint-get-assets-programs name="VMware"

Context Example#

{
"Infinipoint": {
"Assets": {
"Programs": [
{
"$device": "XXXX-XXXX-XXXX-XXXX-XXXX",
"$host": "ubuntu-VM",
"$time": "2020-08-04T10:30:37+00:00",
"$type": "csv",
"name": "xserver-xorg-video-vmware-hwe-18.04",
"os_type": "2",
"program_exists": "",
"publisher": "",
"version": "1:13.3.0-2build1~18.04.1"
},
{
"$device": "XXXX-XXXX-XXXX-XXXX-YYYY",
"$host": "DESKTOP-VM",
"$time": "2020-07-13T10:52:59+00:00",
"$type": "csv",
"install_update_date": "2020-05-21",
"name": "VMware Tools",
"os_type": "1",
"program_exists": "Found On Disk",
"publisher": "VMware, Inc.",
"version": "11.0.5.15389592"
}
]
}
}
}

Human Readable Output#

Results#

$device$host$time$typenameos_typeprogram_existspublisherversion
XXXX-XXXX-XXXX-XXXX-XXXXubuntu-VM2020-07-20T09:13:31+00:00csvxserver-xorg-video-vmware-hwe-18.0421:13.3.0-2build1~18.04.1
XXXX-XXXX-XXXX-XXXX-YYYYubuntu-VM2020-08-04T10:30:37+00:00csvxserver-xorg-video-vmware-hwe-18.0421:13.3.0-2build1~18.04.1
XXXX-XXXX-XXXX-XXXX-ZZZZDESKTOP-VM2020-07-13T10:52:59+00:00csvVMware Tools1Found On DiskVMware, Inc.11.0.5.15389592

infinipoint-get-cve#


infinipoint get cve

Base Command#

infinipoint-get-cve

Input#

Argument NameDescriptionRequired
cve_idcve id, e.g. CVE-2020-1301Required

Context Output#

PathTypeDescription
Infinipoint.Cve.Details.campaign_intelligence.aptStringapt
Infinipoint.Cve.Details.campaign_intelligence.descriptionStringCVE description
Infinipoint.Cve.Details.campaign_intelligence.targeted_countriesStringCVE targeted countries
Infinipoint.Cve.Details.campaign_intelligence.targeted_industriesStringCVE targeted industries
Infinipoint.Cve.Details.cve_descriptionStringCVE description
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.ac_insuf_infoStringac insuf info
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.access_vectorStringaccess vector
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.attack_complexityStringattack complexity
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.authenticationStringauthentication
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.availability_impactStringavailability impact
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.base_scoreStringbase score
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.confidentiality_impactStringconfidentiality impact
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.exploitability_scoreStringexploitability score
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.impact_scoreStringimpact score
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.Stringintegrity impact
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.obtain_all_privilegeStringobtain all privilege
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.obtain_other_privilegeStringobtain other privilege
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.obtain_user_privilegeStringobtain user privilege
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.severityStringseverity
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.user_interaction_requiredStringuser interaction required
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.vector_stringStringvector string
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.attack_complexityStringattack complexity
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.attack_vectorStringattack vector
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.availability_impactStringavailability impact
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.base_scoreStringbase score
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.base_severityStringbase severity
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.confidentiality_impactStringconfidentiality impact
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.exploitability_scoreStringexploitability score
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.impact_scoreStringimpact score
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.integrity_impactStringintegrity impact
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.privileges_requiredStringprivileges required
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.scopeStringscope
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.user_interactionStringuser interaction
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.vector_stringStringvector string
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.attack_complexityStringattack complexity
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.campaignsNumbercampaigns
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.device_countNumberdevice count
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.exploitability_riskStringexploitability risk
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.exploitsNumberexploits
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.risk_labelStringrisk label
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.risk_levelNumberrisk level
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.risk_typeNumberrisk type
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.trends_levelStringtrends level
Infinipoint.Cve.Details.cve_idStringcve id
Infinipoint.Cve.Details.cwe_descriptionStringcwe description
Infinipoint.Cve.Details.cwe_idStringcwe id
Infinipoint.Cve.Details.devices.$deviceStringInfinipoint device ID
Infinipoint.Cve.Details.devices.device_name_stringStringDevice name
Infinipoint.Cve.Details.devices.device_osStringDevice OS
Infinipoint.Cve.Details.devices.device_riskNumberDevice risk
Infinipoint.Cve.Details.devices.map_idStringInfinipoint map id
Infinipoint.Cve.Details.devices.vulnerableProductStringVulnerable product
Infinipoint.Cve.Details.devices.vulnerableVersionStringVulnerable Version
Infinipoint.Cve.Details.scan_dateUnknownscan date
Infinipoint.Cve.Details.software_list.cpe_name_stringStringcpe name string
Infinipoint.Cve.Details.software_list.cpe_typeStringcpe type
Infinipoint.Cve.Details.top_devices.$deviceStringInfinipoint device ID
Infinipoint.Cve.Details.top_devices.device_name_stringStringDevice name
Infinipoint.Cve.Details.top_devices.device_osStringDevice OS
Infinipoint.Cve.Details.top_devices.device_riskNumberDevice risk
Infinipoint.Cve.Details.top_devices.map_idStringInfinipoint map id
Infinipoint.Cve.Details.top_devices.vulnerableProductStringVulnerable product
Infinipoint.Cve.Details.top_devices.vulnerableVersionStringVulnerable version

Command Example#

!infinipoint-get-cve cve_id="CVE-2020-9859"

Context Example#

{
"CVE": {
"CVSS": "7.2",
"Description": "A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.",
"ID": "CVE-2020-9859"
},
"DBotScore": {
"Indicator": "CVE-2020-9859",
"Score": 0,
"Type": "cve",
"Vendor": null
},
"Infinipoint": {
"Cve": {
"Details": {
"campaign_intelligence": [
{
"apt": "Publicly Available Exploit",
"description": "The zero-day vulnerability tracked as CVE-2020-9859 is exploited by the Unc0ver jailbreak tool ",
"targeted_countries": [
""
],
"targeted_industries": [
""
]
}
],
"cve_description": "A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.",
"cve_dynamic_data": {
"base_metric_v2": {
"ac_insuf_info": "False",
"access_vector": "LOCAL",
"attack_complexity": "LOW",
"authentication": "NONE",
"availability_impact": "COMPLETE",
"base_score": "7.2",
"confidentiality_impact": "COMPLETE",
"exploitability_score": "3.9",
"impact_score": "10.0",
"integrity_impact": "COMPLETE",
"obtain_all_privilege": "False",
"obtain_other_privilege": "False",
"obtain_user_privilege": "False",
"severity": "HIGH",
"user_interaction_required": "False",
"vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C"
},
"base_metric_v3": {
"attack_complexity": "LOW",
"attack_vector": "LOCAL",
"availability_impact": "HIGH",
"base_score": "7.8",
"base_severity": "HIGH",
"confidentiality_impact": "HIGH",
"exploitability_score": "1.8",
"impact_score": "5.9",
"integrity_impact": "HIGH",
"privileges_required": "LOW",
"scope": "UNCHANGED",
"user_interaction": "NONE",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
"infinipoint_base_metric": {
"attack_complexity": "10",
"campaigns": 1,
"device_count": 1,
"exploitability_risk": "3.9",
"exploits": 1,
"risk_label": "Critical",
"risk_level": 10,
"risk_type": 4,
"trends_level": "10"
}
},
"cve_id": "CVE-2020-9859",
"cwe_description": "Uncontrolled Resource Consumption (Resource Exhaustion)",
"cwe_id": "CWE-400",
"devices": [
{
"$device": "XXXX-XXXX-XXXX-XXXX-YYYY",
"device_name_string": "OSX-Machine",
"device_os": "Mac OS X 10.15.3",
"device_risk": 10,
"is_managed": true,
"map_id": "XXXX-XXXX-XXXX-XXXX-YYYY",
"vulnerableProduct": "Mac OS X 10.15.3",
"vulnerableVersion": "Mac OS X 10.15.3"
}
],
"scan_date": null,
"software_list": [
{
"cpe_name_string": "Mac OS X 10.15.3 10.15.3",
"cpe_strings": [],
"cpe_type": "OS_ONLY"
}
],
"top_devices": [
{
"$device": "XXXX-XXXX-XXXX-XXXX-YYYY",
"device_name_string": "OSX-Machine",
"device_os": "Mac OS X 10.15.3",
"device_risk": 10,
"is_managed": true,
"map_id": "XXXX-XXXX-XXXX-XXXX-YYYY",
"vulnerableProduct": "Mac OS X 10.15.3",
"vulnerableVersion": "Mac OS X 10.15.3"
}
]
}
}
}
}

Human Readable Output#

Results#

campaign_intelligencecve_descriptioncve_dynamic_datacve_idcwe_descriptioncwe_iddevicesscan_datesoftware_listtop_devices
{'apt': 'Publicly Available Exploit', 'description': 'The zero-day vulnerability tracked as CVE-2020-9859 is exploited by the Unc0ver jailbreak tool ', 'targeted_countries': [''], 'targeted_industries': ['']}A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.infinipoint_base_metric: {"device_count": 1, "risk_level": 10, "attack_complexity": "10", "campaigns": 1, "exploits": 1, "trends_level": "10", "exploitability_risk": "3.9", "risk_label": "Critical", "risk_type": 4}
base_metric_v2: {"vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "access_vector": "LOCAL", "attack_complexity": "LOW", "authentication": "NONE", "confidentiality_impact": "COMPLETE", "integrity_impact": "COMPLETE", "availability_impact": "COMPLETE", "base_score": "7.2", "severity": "HIGH", "exploitability_score": "3.9", "impact_score": "10.0", "ac_insuf_info": "False", "obtain_all_privilege": "False", "obtain_other_privilege": "False", "obtain_user_privilege": "False", "user_interaction_required": "False"}
base_metric_v3: {"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attack_vector": "LOCAL", "attack_complexity": "LOW", "privileges_required": "LOW", "user_interaction": "NONE", "scope": "UNCHANGED", "confidentiality_impact": "HIGH", "integrity_impact": "HIGH", "availability_impact": "HIGH", "base_score": "7.8", "base_severity": "HIGH", "exploitability_score": "1.8", "impact_score": "5.9"}
CVE-2020-9859Uncontrolled Resource Consumption (Resource Exhaustion)CWE-400{'$device': 'XXXX-XXXX-XXXX-XXXX-YYYY', 'device_name_string': 'OSX-Machine', 'vulnerableProduct': 'Mac OS X 10.15.3', 'vulnerableVersion': 'Mac OS X 10.15.3', 'device_risk': 10, 'map_id': 'XXXX-XXXX-XXXX-XXXX-YYYY', 'device_os': 'Mac OS X 10.15.3', 'is_managed': True}{'cpe_name_string': 'Mac OS X 10.15.3 10.15.3', 'cpe_type': 'OS_ONLY', 'cpe_strings': []}{'$device': 'XXXX-XXXX-XXXX-XXXX-YYYY', 'device_name_string': 'OSX-Machine', 'vulnerableProduct': 'Mac OS X 10.15.3', 'vulnerableVersion': 'Mac OS X 10.15.3', 'device_risk': 10, 'map_id': 'XXXX-XXXX-XXXX-XXXX-YYYY', 'device_os': 'Mac OS X 10.15.3', 'is_managed': True}

infinipoint-get-device#


get device

Base Command#

infinipoint-get-device

Input#

Argument NameDescriptionRequired
hosthostname, e.g. DESKTOP-CIK123Optional
osTypechoose a OS type - 1 = Windows | 2 = Linux | 4 = macOSOptional
osNameDevice operating system full name e.g. windows-10.0.18363.836Optional
statusDevice current status:- 0 = Offline | 1 = OnlineOptional
agentVersionInfinipoint agent version, e.g. 3.200.10.0Optional

Context Output#

PathTypeDescription
Infinipoint.Devices.agentVersionStringInfinipoint agent version
Infinipoint.Devices.clientTypeNumberClient type
Infinipoint.Devices.discoveryIdStringInfinipoint discovery id
Infinipoint.Devices.domainStringDomin name
Infinipoint.Devices.edgeNumberInfinipoint edge
Infinipoint.Devices.ftDidRespondNumberftDidRespond
Infinipoint.Devices.ftIsSuccessfulNumberftIsSuccessful
Infinipoint.Devices.ftResultStringftResult
Infinipoint.Devices.gatewayIpNumberGetway IP
Infinipoint.Devices.gatewayMACAddressDateGateway MAC Address
Infinipoint.Devices.hostStringhostname
Infinipoint.Devices.idStringInfinipoint device id
Infinipoint.Devices.ipNumberIP address
Infinipoint.Devices.lastSeenDateLast Seen device
Infinipoint.Devices.macAddressStringMAC Address
Infinipoint.Devices.networkIdNumberInfinipoint network ID
Infinipoint.Devices.networks.aliasStringNetworks alias
Infinipoint.Devices.networks.cidrStringcidr
Infinipoint.Devices.networks.gatewayIpNumberGateway IP
Infinipoint.Devices.networks.gatewayMACAddressDateGateway MACAddress
Infinipoint.Devices.osNameStringOS name
Infinipoint.Devices.osTypeNumberOS Type
Infinipoint.Devices.policyVersionStringInfinipoint policy version
Infinipoint.Devices.productTypeStringProduct type
Infinipoint.Devices.regDateDateRegister date
Infinipoint.Devices.statusNumberInfinipoint Device status
Infinipoint.Devices.statusCodeUnknownInfinipoint status Code
Infinipoint.Devices.statusDescriptionUnknownInfinipoint status Description
Infinipoint.Devices.supportIdUnknownInfinipoint support Id
Infinipoint.Devices.tags.colorStringTag color
Infinipoint.Devices.tags.nameStringTag name
Infinipoint.Devices.tags.tagIdStringInfinipoint Tag ID
Infinipoint.Devices.uniqueHostnameStringInfinipoint unique Hostname

Command Example#

!infinipoint-get-device osType=1

Context Example#

{
"Infinipoint": {
"Devices": {
"agentVersion": "3.200.20.0",
"clientType": 0,
"discoveryId": "",
"domain": "WORKGROUP",
"edge": true,
"ftDidRespond": false,
"ftIsSuccessful": false,
"ftResult": "",
"gatewayIp": -10000001,
"gatewayMACAddress": "00:50:56:00:00:00",
"host": "DESKTOP-U0QSLQ8",
"id": "XXXX-XXXX-XXXX-XXXX-YYYY",
"ip": -10000001,
"lastSeen": "2020-07-13T11:06:06.632976Z",
"macAddress": "00:0C:29:BB:74:92",
"networkAlias": "GCP",
"networkId": 5866697,
"networks": [
{
"alias": "GCP",
"cidr": "192.1.1.0/24",
"gatewayIp": -10000001,
"gatewayMACAddress": "00:50:56:00:00:00"
}
],
"osName": "windows-10.0.17763.1282",
"osType": 1,
"policyVersion": "1.0.0",
"productType": "Work Station",
"regDate": "2020-07-13T09:46:43.385267Z",
"status": 0,
"statusCode": null,
"statusDescription": null,
"supportId": null,
"tags": [
{
"color": "fefb08",
"name": "et",
"tagId": "XXXX-XXXX-XXXX-XXXX-YYYY"
}
],
"uniqueHostname": "DESKTOP-U0QSLQ8-xkp"
}
}
}

Human Readable Output#

Results#

agentVersionclientTypediscoveryIddomainedgeftDidRespondftIsSuccessfulftResultgatewayIpgatewayMACAddresshostidiplastSeenmacAddressnetworkAliasnetworkIdnetworksosNameosTypepolicyVersionproductTyperegDatestatusstatusCodestatusDescriptionsupportIdtagsuniqueHostname
3.200.20.00WORKGROUPtruefalsefalse-106267110200:50:56:00:00:00DESKTOP-VMXXXX-XXXX-XXXX-XXXX-YYYY-100000012020-07-13T11:06:06.632976Z00:0C:29:BB:74:92GCP5866697{'alias': 'GCP', 'cidr': '192.1.1.0/24', 'gatewayIp': -100000001, 'gatewayMACAddress': '00:50:56:00:00:00'}windows-10.0.17763.128211.0.0Work Station2020-07-13T09:46:43.385267Z0{'color': 'fefb08', 'name': 'et', 'tagId': 'XXXX-XXXX-XXXX-XXXX-YYYY'}DESKTOP-VM-xkp

infinipoint-get-tag#


get tag

Base Command#

infinipoint-get-tag

Input#

Argument NameDescriptionRequired
nameTag name, e.g. it-department-tagOptional

Context Output#

PathTypeDescription
Infinipoint.Tags.colorStringTag color
Infinipoint.Tags.countNumberAmount of devices under tag
Infinipoint.Tags.descriptionStringTag description
Infinipoint.Tags.nameStringTag name
Infinipoint.Tags.tagIdStringInfinipoint tag id
Infinipoint.Tags.typeNumberTag type

Command Example#

!infinipoint-get-tag name=et

Context Example#

{
"Infinipoint": {
"Tags": {
"color": "fefb08",
"count": 1,
"description": "et",
"name": "et",
"tagId": "XXXX-XXXX-XXXX-XXXX-YYYY",
"type": 0
}
}
}

Human Readable Output#

Results#

colorcountdescriptionnametagIdtype
fefb081etet6d0b5156-eb2d-4b28-9c7c-3cb6e80f2cfb0

infinipoint-get-networks#


get networks

Base Command#

infinipoint-get-networks

Input#

Argument NameDescriptionRequired
alias, e.g. officenetwork alias nameOptional
cidrcidr, e.g. 10.65.0.1/16Optional

Context Output#

PathTypeDescription
Infinipoint.Networks.Info.aliasStringAlias name
Infinipoint.Networks.Info.cidrStringCidr
Infinipoint.Networks.Info.cityUnknownCity
Infinipoint.Networks.Info.countryUnknownCountry
Infinipoint.Networks.Info.cronExpressionStringCron Expression
Infinipoint.Networks.Info.dnsNameStringDNS name
Infinipoint.Networks.Info.externalIpNumberExternal ip
Infinipoint.Networks.Info.firstSeenDateDate first seen
Infinipoint.Networks.Info.floorUnknownfloor
Infinipoint.Networks.Info.gatewayIpNumbergateway IP
Infinipoint.Networks.Info.gatewayMacAddressStringgateway MAC Address
Infinipoint.Networks.Info.ipNumberIP address
Infinipoint.Networks.Info.ipSubnetMaskNumberIP subnet mask
Infinipoint.Networks.Info.lastRunDateLast scan Run
Infinipoint.Networks.Info.lastSeenDateLast Seen
Infinipoint.Networks.Info.latitudeUnknownLatitude
Infinipoint.Networks.Info.longitudeUnknownLongitude
Infinipoint.Networks.Info.managedCountNumbermanaged devices count
Infinipoint.Networks.Info.nameStringNetwork name
Infinipoint.Networks.Info.networkIdNumberInfinipoint network ID
Infinipoint.Networks.Info.nextRunDateNext scan
Infinipoint.Networks.Info.onPremNumberOnPrem
Infinipoint.Networks.Info.roomUnknownroom
Infinipoint.Networks.Info.scheduleStatusNumberinfinipoint Schedule Status
Infinipoint.Networks.Info.stateUnknownstate
Infinipoint.Networks.Info.streetUnknownstreet
Infinipoint.Networks.Info.typeNumberType
Infinipoint.Networks.Info.unmanagedCountNumberUnmanaged devices count

Command Example#

!infinipoint-get-networks alias=GCP

Context Example#

{
"Infinipoint": {
"Networks": {
"Info": {
"alias": "GCP",
"cidr": "192.0.0.0/24",
"city": null,
"country": null,
"cronExpression": "",
"dnsName": "",
"externalIp": 0,
"firstSeen": "2020-07-13T09:46:43.376984Z",
"floor": "",
"gatewayIp": -10000001,
"gatewayMacAddress": "00:50:56:00:00:00",
"hidden": false,
"ip": 0,
"ipSubnetMask": 0,
"lastRun": "1970-01-01T00:00:00Z",
"lastSeen": "2020-08-09T14:13:47.084573Z",
"latitude": null,
"longitude": null,
"managedCount": 3,
"name": "",
"networkId": 5866697,
"nextRun": "1970-01-01T00:00:00Z",
"onPrem": false,
"room": "",
"scheduleStatus": 3,
"state": null,
"street": null,
"type": 0,
"unmanagedCount": 0
}
}
}
}

Human Readable Output#

Results#

aliascidrcitycountrycronExpressiondnsNameexternalIpfirstSeenfloorgatewayIpgatewayMacAddresshiddenipipSubnetMasklastRunlastSeenlatitudelongitudemanagedCountnamenetworkIdnextRunonPremroomscheduleStatusstatestreettypeunmanagedCount
GCP192.1.1.0/2402020-07-13T09:46:43.376984Z-106267110200:50:56:F9:90:54false001970-01-01T00:00:00Z2020-08-09T14:13:47.084573Z358666971970-01-01T00:00:00Zfalse300

infinipoint-get-assets-devices#


get assets hardware

Base Command#

infinipoint-get-assets-devices

Input#

Argument NameDescriptionRequired
hosthostname, e.g. DESKTOP-CIK123Optional
os_typechoose a OS type - 1 = Windows | 2 = Linux | 4 = macOSOptional

Context Output#

PathTypeDescription
Infinipoint.Assets.Hardware.$deviceStringInfinipoint device ID
Infinipoint.Assets.Hardware.$hostStringhostname
Infinipoint.Assets.Hardware.$timeNumberTimestamp
Infinipoint.Assets.Hardware.$typeStringAssets type
Infinipoint.Assets.Hardware.cpu_brandStringCPU brand
Infinipoint.Assets.Hardware.cpu_logical_coresStringCPU logical cores
Infinipoint.Assets.Hardware.cpu_physical_coresStringCPU physical cores
Infinipoint.Assets.Hardware.hardware_modelStringHardware model
Infinipoint.Assets.Hardware.hardware_serialStringHardware serial
Infinipoint.Assets.Hardware.hardware_vendorStringHardware vendor
Infinipoint.Assets.Hardware.kernel_versionStringKernel version
Infinipoint.Assets.Hardware.os_buildStringOS build
Infinipoint.Assets.Hardware.os_nameStringOS name
Infinipoint.Assets.Hardware.os_patch_versionStringOS patch version
Infinipoint.Assets.Hardware.os_typeStringinfinipint OS type
Infinipoint.Assets.Hardware.os_versionStringOS version
Infinipoint.Assets.Hardware.physical_memoryStringPhysical memory
Infinipoint.Assets.Hardware.platformStringPlatform
Infinipoint.Assets.Hardware.userStringLast logged in user

Command Example#

!infinipoint-get-assets-devices os_type="1"

Context Example#

{
"Infinipoint": {
"Assets": {
"Hardware": {
"$device": "XXXX-XXXX-XXXX-XXXX-YYYY",
"$host": "DESKTOP-VM",
"$time": "2020-07-13T11:19:57+00:00",
"$type": "csv",
"cpu_brand": "Intel(R) Core(TM) i7-10510U CPU @ 1.80GHz",
"cpu_logical_cores": "2",
"cpu_physical_cores": "1",
"hardware_model": "VMware Virtual Platform",
"hardware_serial": "VMware-56 4d 8c d8 6d 32 31 e2-ed 43 1f 09 ff bb 74 92",
"hardware_vendor": "VMware, Inc.",
"kernel_version": "10.0.17763.1282",
"os_build": "17763",
"os_name": "Microsoft Windows 10 Enterprise Evaluation",
"os_patch_version": "",
"os_type": "1",
"os_version": "10.0.17763",
"physical_memory": "4.0",
"platform": "windows",
"user": "tesst2"
}
}
}
}

Human Readable Output#

Results#

$device$host$time$typecpu_brandcpu_logical_corescpu_physical_coreshardware_modelhardware_serialhardware_vendorkernel_versionos_buildos_nameos_patch_versionos_typeos_versionphysical_memoryplatformuser
22ddf738-7e1c-4f20-a9c7-07620d1f2110DESKTOP-U0QSLQ82020-07-13T11:19:57+00:00csvIntel(R) Core(TM) i7-10510U CPU @ 1.80GHz21VMware Virtual PlatformVMware-56 4d 8c d8 6d 32 31 e2-ed 43 1f 09 ff bb 74 92VMware, Inc.10.0.17763.128217763Microsoft Windows 10 Enterprise Evaluation110.0.177634.0windowstesst2

infinipoint-get-assets-cloud#


get assets cloud

Base Command#

infinipoint-get-assets-cloud

Input#

Argument NameDescriptionRequired
hosthostnameOptional
os_typeOS Type - 1 = Windows | 2 = Linux | 4 = macOSOptional
source"AWS API" | "GCP API"Optional

Context Output#

PathTypeDescription
Infinipoint.Assets.Cloud.$deviceStringInfinipoint device ID
Infinipoint.Assets.Cloud.$hostStringHostname
Infinipoint.Assets.Cloud.$timeNumberTimestamp
Infinipoint.Assets.Cloud.$typeStringAssets type
Infinipoint.Assets.Cloud.cloud_scan_timestampNumbercloud scan timestamp
Infinipoint.Assets.Cloud.cpu_brandStringCPU brand
Infinipoint.Assets.Cloud.cpu_logical_coresStringCPU logical cores
Infinipoint.Assets.Cloud.cpu_physical_coresStringCPU physical cores
Infinipoint.Assets.Cloud.creation_timeStringCreation time
Infinipoint.Assets.Cloud.hardware_modelStringHardware model
Infinipoint.Assets.Cloud.hardware_serialStringHardware serial
Infinipoint.Assets.Cloud.hardware_vendorStringHardware vendor
Infinipoint.Assets.Cloud.instance_idDateInstance id
Infinipoint.Assets.Cloud.instance_stateStringInstance state
Infinipoint.Assets.Cloud.instance_typeStringInstance type
Infinipoint.Assets.Cloud.os_buildStringOS build
Infinipoint.Assets.Cloud.os_nameStringOS name
Infinipoint.Assets.Cloud.os_patch_versionStringOS patch version
Infinipoint.Assets.Cloud.os_typeStringOS type
Infinipoint.Assets.Cloud.physical_memoryStringPhysical memory
Infinipoint.Assets.Cloud.platformStringPlatform
Infinipoint.Assets.Cloud.sourceStringCloud source
Infinipoint.Assets.Cloud.userStringUsername
Infinipoint.Assets.Cloud.zoneStringZone
Infinipoint.Assets.Cloud.open_portsNumberList of open ports

Command Example#

!infinipoint-get-assets-cloud source="GCP API"

Context Example#

{
"Infinipoint": {
"Assets": {
"Cloud": {
"$device": "XXXX-XXXX-XXXX-XXXX-YYYY",
"$host": "ubu-et",
"$time": "2020-07-13T13:19:37+00:00",
"$type": "csv",
"cloud_scan_timestamp": 1594644075,
"cpu_brand": "Intel(R) Xeon(R) CPU @ 2.30GHz",
"cpu_logical_cores": "1",
"cpu_physical_cores": "1",
"hardware_model": "Google Compute Engine",
"hardware_serial": "GoogleCloud-46BCBFA9C0E1789A71BA4A36CAD5E7A0",
"hardware_vendor": "Google",
"instance_id": "10000000001",
"kernel_version": "5.4.0-1019-gcp",
"os_build": "",
"os_name": "Ubuntu",
"os_patch_version": "",
"os_type": "2",
"os_version": "20.04 LTS (Focal Fossa)",
"physical_memory": "4.0",
"platform": "ubuntu",
"source": "GCP API",
"user": "et"
}
}
}
}

Human Readable Output#

Results#

$device$host$time$typecloud_scan_timestampcpu_brandcpu_logical_corescpu_physical_coreshardware_modelhardware_serialhardware_vendorinstance_idkernel_versionos_buildos_nameos_patch_versionos_typeos_versionphysical_memoryplatformsourceuser
a523014f-1612-4b65-90a8-7974b116cb44ubu-et2020-07-13T13:19:37+00:00csv1594644075Intel(R) Xeon(R) CPU @ 2.30GHz11Google Compute EngineGoogleCloud-46BCBFA9C0E1789A71BA4A36CAD5E7A0Google77302833006039504665.4.0-1019-gcpUbuntu220.04 LTS (Focal Fossa)4.0ubuntuGCP APIeturjeman_riscale_com

infinipoint-get-assets-users#


get assets users

Base Command#

infinipoint-get-assets-users

Input#

Argument NameDescriptionRequired
hosthost nameOptional
usernameuser nameOptional

Context Output#

PathTypeDescription
Infinipoint.Assets.User.$deviceStringInfinipoint device ID
Infinipoint.Assets.User.$hostStringhostname
Infinipoint.Assets.User.$timeNumberTimestamp
Infinipoint.Assets.User.$typeStringAssets type
Infinipoint.Assets.User.descriptionStringDescription
Infinipoint.Assets.User.directoryStringUser directory
Infinipoint.Assets.User.usernameStringUsername

Command Example#

!infinipoint-get-assets-users username="et"

Context Example#

{
"Infinipoint": {
"Assets": {
"User": [
{
"$device": "XXXX-XXXX-XXXX-XXXX-YYYY",
"$host": "OSX-Machine",
"$time": "2020-08-05T07:01:49+00:00",
"$type": "csv",
"description": "ET",
"directory": "/Users/et",
"username": "et"
},
{
"$device": "XXXX-XXXX-XXXX-XXXX-ZZZZ",
"$host": "DESKTOP-VM",
"$time": "2020-07-13T10:52:41+00:00",
"$type": "csv",
"description": "",
"directory": "",
"username": "et"
},
{
"$device": "XXXX-XXXX-XXXX-XXXX-QQQQ",
"$host": "ubu-et",
"$time": "2020-07-13T12:42:17+00:00",
"$type": "csv",
"description": "",
"directory": "/home/et",
"username": "et"
}
]
}
}
}

Human Readable Output#

Results#

$device$host$time$typedescriptiondirectoryusername
XXXX-XXXX-XXXX-XXXX-YYYYOSX-Machine2020-08-05T07:01:49+00:00csvSetup User/var/setup_mbsetupuser
XXXX-XXXX-XXXX-XXXX-QQQQDESKTOP-VM2020-07-13T10:52:41+00:00csvet
XXXX-XXXX-XXXX-XXXX-WWWWOSX-VM2020-08-05T07:01:49+00:00csvET/Users/etet
XXXX-XXXX-XXXX-XXXX-EEEEubu-et2020-07-13T12:42:17+00:00csv/home/etet

infinipoint-get-action-results#


get action

Base Command#

infinipoint-get-action-results

Input#

Argument NameDescriptionRequired
action_id, e.g. 9ef2494d-862e-43c8-963c-3587cde75c4dAction id (infinipoint)Required

Context Output#

PathTypeDescription
Infinipoint.Responses.$dataStringTimestamp
Infinipoint.Responses.$deviceStringInfinipoint device ID
Infinipoint.Responses.$hostStringHostname
Infinipoint.Responses.$timeNumberExpoh time
Infinipoint.Responses.$typeStringResponses type

Command Example#

!infinipoint-get-action-results action_id=8761df7a-05fd-4343-8c7e-794bc6d06940

Human Readable Output#

infinipoint-get-queries#


get queries

Base Command#

infinipoint-get-queries

Input#

Argument NameDescriptionRequired
nameQuery name, e.g Windows Logon SessionRequired

Context Output#

PathTypeDescription
Infinipoint.Scripts.Search.aggregationNumberAggregation included
Infinipoint.Scripts.Search.createdOnDateDate query created on
Infinipoint.Scripts.Search.formatNumberQuery format
Infinipoint.Scripts.Search.idStringInfinipoint query id
Infinipoint.Scripts.Search.interpNumberinterp
Infinipoint.Scripts.Search.moduleNumberInfinipoint module
Infinipoint.Scripts.Search.nameStringQuery name
Infinipoint.Scripts.Search.osTypeNumberOS type

Command Example#

!infinipoint-get-queries name=os_version

Context Example#

{
"Infinipoint": {
"Scripts": {
"Search": {
"aggregation": true,
"createdOn": "2020-02-02T09:28:00.500226Z",
"description": "Retrieves information FROM the Operative Systems.",
"format": 2,
"id": "XXXX-XXXX-XXXX-XXXX-YYYY",
"interp": 0,
"module": 4,
"name": "OS versions",
"osType": 7
}
}
}
}

Human Readable Output#

Results#

aggregationcreatedOndescriptionformatidinterpmodulenameosType
true2020-02-02T09:28:00.500226ZRetrieves information FROM the Operative Systems.2XXXX-XXXX-XXXX-XXXX-YYYY04OS versions7

infinipoint-execute-action#


run queries

Base Command#

infinipoint-execute-action

Input#

Argument NameDescriptionRequired
idQuery ID, e.g 9b071f4c-da87-409c-9cd1-59a275e52c9dRequired
targetTarget devices ID,e.g ["4f16532e-AAAAA-4b78-BBBB-946d3d3619ca"]Optional

Context Output#

PathTypeDescription
Infinipoint.Scripts.execute.actionIdStringAction ID
Infinipoint.Scripts.execute.aggColumnsStringAggregation columns
Infinipoint.Scripts.execute.devicesCountNumberAmount of devices
Infinipoint.Scripts.execute.nameStringQuery name

Command Example#

!infinipoint-execute-action id=0b5004ce-0a18-11ea-9a9f-362b9e155667

Context Example#

{
"Infinipoint": {
"Scripts": {
"execute": {
"actionId": "40151026-c5a6-4a3a-92a4-39a0bbee5902",
"aggColumns": [
"Name"
],
"devicesCount": 0,
"name": "User Profile Not In Use (90 days)"
}
}
}
}

Human Readable Output#

Results#

actionIdaggColumnsdevicesCountname
40151026-c5a6-4a3a-92a4-39a0bbee5902Name0User Profile Not In Use (90 days)

infinipoint-get-non-compliance#


get non compliance devices

Base Command#

infinipoint-get-non-compliance

Input#

Argument NameDescriptionRequired
offsetInfinipoint offset - First fetch timeRequired
limitLimit of responsesRequired

Context Output#

PathTypeDescription
Infinipoint.Compliance.Incidents.deviceIDStringInfinipoint device ID
Infinipoint.Compliance.Incidents.eventTimeNumberEvent Time
Infinipoint.Compliance.Incidents.hostnameDatehostname
Infinipoint.Compliance.Incidents.issues.issueIDStringInfinipoint issue ID
Infinipoint.Compliance.Incidents.issues.issueTypeStringIssue Type
Infinipoint.Compliance.Incidents.issues.policyIdxNumberInfinipoint policyIdx
Infinipoint.Compliance.Incidents.issues.refStringInfinipoint ref
Infinipoint.Compliance.Incidents.policyIDStringpolicy ID
Infinipoint.Compliance.Incidents.policyNameStringpolicy name
Infinipoint.Compliance.Incidents.policyVersionNumberpolicy version
Infinipoint.Compliance.Incidents.timestampNumbertimestamp

Command Example#

!infinipoint-get-non-compliance limit=100 offset=0

Human Readable Output#

infinipoint-get-device-details#


get device details

Base Command#

infinipoint-get-device-details

Input#

Argument NameDescriptionRequired
discoveryIddiscovery id, e.g 23eb50e7ceb907975686ba5cebbd3520Required

Context Output#

PathTypeDescription
Infinipoint.Device.Details.$deviceStringInfinipoint device ID
Infinipoint.Device.Details.$typeStringInfo Type
Infinipoint.Device.Details._keyStringInfinipoint key
Infinipoint.Device.Details.archiveNumberInfinipoint archive
Infinipoint.Device.Details.buildingStringbuilding
Infinipoint.Device.Details.classificationStringclassification
Infinipoint.Device.Details.departmentStringdepartment
Infinipoint.Device.Details.emailStringemail
Infinipoint.Device.Details.enroll_dateDateenroll date
Infinipoint.Device.Details.first_seenNumberfirst_seen
Infinipoint.Device.Details.hiddenNumberhidden
Infinipoint.Device.Details.host_name.nameStringhostname
Infinipoint.Device.Details.host_name.valueStringInfinipoint value
Infinipoint.Device.Details.jamf_tagStringjamf tag
Infinipoint.Device.Details.last_report_dateNumberlast report date
Infinipoint.Device.Details.last_seenNumberlast seen
Infinipoint.Device.Details.mac_address.nameStringInfinipoint name
Infinipoint.Device.Details.mac_address.valueStringInfinipoint value
Infinipoint.Device.Details.modelStringInfinipoint model
Infinipoint.Device.Details.name_tagStringInfinipoint name_tag
Infinipoint.Device.Details.os_name.nameStringInfinipoint name
Infinipoint.Device.Details.os_name.valueStringInfinipoint value
Infinipoint.Device.Details.phone_numberStringphone number
Infinipoint.Device.Details.positionStringposition
Infinipoint.Device.Details.providersStringproviders
Infinipoint.Device.Details.roomStringRoom
Infinipoint.Device.Details.serialStringserial
Infinipoint.Device.Details.siteStringsite
Infinipoint.Device.Details.udidStringudid
Infinipoint.Device.Details.unique_idStringunique id
Infinipoint.Device.Details.usernameStringUser name

Command Example#

!infinipoint-get-device-details discoveryId=23eb50e7ceb907975686ba5cebbd3520

Human Readable Output#

infinipoint-get-compliance-status#


get compliance status

Base Command#

infinipoint-get-compliance-status

Input#

Argument NameDescriptionRequired
device_iddevice idRequired

Context Output#

PathTypeDescription
Infinipoint.Compliance.Device.response.complianceNumbercompliance statius - 0 - error, 1 - compliance, 2 - non-compliance
Infinipoint.Compliance.Device.successNumbersuccess

Command Example#

!infinipoint-get-compliance-status device_id=40151026-c5a6-4a3a-92a4-39a0bbee5902

Human Readable Output#