Infinipoint
Infinipoint Pack.#
This Integration is part of the#
Configure Infinipoint in CortexParameter | Description | Required |
---|---|---|
access_key | Access Key | True |
private_key | Private Key | True |
isFetch | Fetch incidents | False |
incident_type | Incident type - event, alert | False |
max_fetch | Maximum number of incidents per fetch | False |
first_fetch | First fetch time | False |
insecure | Trust any certificate (not secure) | False |
proxy | Use system proxy settings | False |
incidentType | Incident type | False |
#
CommandsYou can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
infinipoint-get-vulnerable-devicesGet Vulnerable Devices
#
Base Commandinfinipoint-get-vulnerable-devices
#
InputArgument Name | Description | Required |
---|---|---|
device_os | The device operating system, e.g. Ubutnu, Amazon Linux AMI, CentOS, etc | Optional |
device_risk | Device risk score | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Vulnerability.Devices.$device | String | Infinipoint device ID |
Infinipoint.Vulnerability.Devices.$host | String | Hostname |
Infinipoint.Vulnerability.Devices.cve_id | Unknown | CVE id |
Infinipoint.Vulnerability.Devices.device_risk | Number | Device risk level |
Infinipoint.Vulnerability.Devices.device_risk_type | Number | Device risk type |
Infinipoint.Vulnerability.Devices.software_name | Unknown | Vulnerabilities software name |
Infinipoint.Vulnerability.Devices.vulnerability_count | Number | Vulnerabilities count |
#
Command Example!infinipoint-get-vulnerable-devices device_risk=3
#
Context Example#
Human Readable Output#
Results
$device $host cve_id device_risk device_risk_type mac_address os_name platform software_name vulnerability_count XXXX-XXXX-XXXX-XXXX-XXXX OSX-Machine 10 4 - Mac OS X 10.15.3 darwin 103 XXXX-XXXX-XXXX-XXXX-YYYY ubuntu 10 4 - Ubuntu ubuntu 245 XXXX-XXXX-XXXX-XXXX-WWWW DESKTOP-Machine 6.34 3 - Microsoft Windows 10 Enterprise Evaluation windows 83
#
infinipoint-get-assets-programsinfinipoint get assets programs
#
Base Commandinfinipoint-get-assets-programs
#
InputArgument Name | Description | Required |
---|---|---|
name | Software name, e.g. VMware | Optional |
publisher | Software publisher name, e.g. Microsoft Corporation | Optional |
version | Software version, e.g. 12.0.21005 | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Assets.Programs.items.$device | String | Infinipoint device ID |
Infinipoint.Assets.Programs.items.$host | String | Hostname |
Infinipoint.Assets.Programs.items.$time | Number | Timestamp |
Infinipoint.Assets.Programs.items.$type | String | Assets type |
Infinipoint.Assets.Programs.items.name | String | Programs name |
Infinipoint.Assets.Programs.items.os_type | String | OS type - 1 = Windows, 2 = Linux, 4 = macOS |
Infinipoint.Assets.Programs.items.program_exists | String | Software exists on disk |
Infinipoint.Assets.Programs.items.publisher | String | Software publisher name |
Infinipoint.Assets.Programs.items.version | String | Software version |
Infinipoint.Assets.Programs.items.install_update_date | Date | Install update date |
Infinipoint.Assets.Programs.itemsTotal | Number | Total software |
#
Command Example!infinipoint-get-assets-programs name="VMware"
#
Context Example#
Human Readable Output#
Results
$device $host $time $type name os_type program_exists publisher version XXXX-XXXX-XXXX-XXXX-XXXX ubuntu-VM 2020-07-20T09:13:31+00:00 csv xserver-xorg-video-vmware-hwe-18.04 2 1:13.3.0-2build1~18.04.1 XXXX-XXXX-XXXX-XXXX-YYYY ubuntu-VM 2020-08-04T10:30:37+00:00 csv xserver-xorg-video-vmware-hwe-18.04 2 1:13.3.0-2build1~18.04.1 XXXX-XXXX-XXXX-XXXX-ZZZZ DESKTOP-VM 2020-07-13T10:52:59+00:00 csv VMware Tools 1 Found On Disk VMware, Inc. 11.0.5.15389592
#
infinipoint-get-cveinfinipoint get cve
#
Base Commandinfinipoint-get-cve
#
InputArgument Name | Description | Required |
---|---|---|
cve_id | cve id, e.g. CVE-2020-1301 | Required |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Cve.Details.campaign_intelligence.apt | String | apt |
Infinipoint.Cve.Details.campaign_intelligence.description | String | CVE description |
Infinipoint.Cve.Details.campaign_intelligence.targeted_countries | String | CVE targeted countries |
Infinipoint.Cve.Details.campaign_intelligence.targeted_industries | String | CVE targeted industries |
Infinipoint.Cve.Details.cve_description | String | CVE description |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.ac_insuf_info | String | ac insuf info |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.access_vector | String | access vector |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.attack_complexity | String | attack complexity |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.authentication | String | authentication |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.availability_impact | String | availability impact |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.base_score | String | base score |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.confidentiality_impact | String | confidentiality impact |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.exploitability_score | String | exploitability score |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.impact_score | String | impact score |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2. | String | integrity impact |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.obtain_all_privilege | String | obtain all privilege |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.obtain_other_privilege | String | obtain other privilege |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.obtain_user_privilege | String | obtain user privilege |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.severity | String | severity |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.user_interaction_required | String | user interaction required |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v2.vector_string | String | vector string |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.attack_complexity | String | attack complexity |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.attack_vector | String | attack vector |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.availability_impact | String | availability impact |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.base_score | String | base score |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.base_severity | String | base severity |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.confidentiality_impact | String | confidentiality impact |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.exploitability_score | String | exploitability score |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.impact_score | String | impact score |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.integrity_impact | String | integrity impact |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.privileges_required | String | privileges required |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.scope | String | scope |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.user_interaction | String | user interaction |
Infinipoint.Cve.Details.cve_dynamic_data.base_metric_v3.vector_string | String | vector string |
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.attack_complexity | String | attack complexity |
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.campaigns | Number | campaigns |
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.device_count | Number | device count |
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.exploitability_risk | String | exploitability risk |
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.exploits | Number | exploits |
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.risk_label | String | risk label |
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.risk_level | Number | risk level |
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.risk_type | Number | risk type |
Infinipoint.Cve.Details.cve_dynamic_data.infinipoint_base_metric.trends_level | String | trends level |
Infinipoint.Cve.Details.cve_id | String | cve id |
Infinipoint.Cve.Details.cwe_description | String | cwe description |
Infinipoint.Cve.Details.cwe_id | String | cwe id |
Infinipoint.Cve.Details.devices.$device | String | Infinipoint device ID |
Infinipoint.Cve.Details.devices.device_name_string | String | Device name |
Infinipoint.Cve.Details.devices.device_os | String | Device OS |
Infinipoint.Cve.Details.devices.device_risk | Number | Device risk |
Infinipoint.Cve.Details.devices.map_id | String | Infinipoint map id |
Infinipoint.Cve.Details.devices.vulnerableProduct | String | Vulnerable product |
Infinipoint.Cve.Details.devices.vulnerableVersion | String | Vulnerable Version |
Infinipoint.Cve.Details.scan_date | Unknown | scan date |
Infinipoint.Cve.Details.software_list.cpe_name_string | String | cpe name string |
Infinipoint.Cve.Details.software_list.cpe_type | String | cpe type |
Infinipoint.Cve.Details.top_devices.$device | String | Infinipoint device ID |
Infinipoint.Cve.Details.top_devices.device_name_string | String | Device name |
Infinipoint.Cve.Details.top_devices.device_os | String | Device OS |
Infinipoint.Cve.Details.top_devices.device_risk | Number | Device risk |
Infinipoint.Cve.Details.top_devices.map_id | String | Infinipoint map id |
Infinipoint.Cve.Details.top_devices.vulnerableProduct | String | Vulnerable product |
Infinipoint.Cve.Details.top_devices.vulnerableVersion | String | Vulnerable version |
#
Command Example!infinipoint-get-cve cve_id="CVE-2020-9859"
#
Context Example#
Human Readable Output#
Results
campaign_intelligence cve_description cve_dynamic_data cve_id cwe_description cwe_id devices scan_date software_list top_devices {'apt': 'Publicly Available Exploit', 'description': 'The zero-day vulnerability tracked as CVE-2020-9859 is exploited by the Unc0ver jailbreak tool ', 'targeted_countries': [''], 'targeted_industries': ['']} A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges. infinipoint_base_metric: {"device_count": 1, "risk_level": 10, "attack_complexity": "10", "campaigns": 1, "exploits": 1, "trends_level": "10", "exploitability_risk": "3.9", "risk_label": "Critical", "risk_type": 4}
base_metric_v2: {"vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "access_vector": "LOCAL", "attack_complexity": "LOW", "authentication": "NONE", "confidentiality_impact": "COMPLETE", "integrity_impact": "COMPLETE", "availability_impact": "COMPLETE", "base_score": "7.2", "severity": "HIGH", "exploitability_score": "3.9", "impact_score": "10.0", "ac_insuf_info": "False", "obtain_all_privilege": "False", "obtain_other_privilege": "False", "obtain_user_privilege": "False", "user_interaction_required": "False"}
base_metric_v3: {"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attack_vector": "LOCAL", "attack_complexity": "LOW", "privileges_required": "LOW", "user_interaction": "NONE", "scope": "UNCHANGED", "confidentiality_impact": "HIGH", "integrity_impact": "HIGH", "availability_impact": "HIGH", "base_score": "7.8", "base_severity": "HIGH", "exploitability_score": "1.8", "impact_score": "5.9"}CVE-2020-9859 Uncontrolled Resource Consumption (Resource Exhaustion) CWE-400 {'$device': 'XXXX-XXXX-XXXX-XXXX-YYYY', 'device_name_string': 'OSX-Machine', 'vulnerableProduct': 'Mac OS X 10.15.3', 'vulnerableVersion': 'Mac OS X 10.15.3', 'device_risk': 10, 'map_id': 'XXXX-XXXX-XXXX-XXXX-YYYY', 'device_os': 'Mac OS X 10.15.3', 'is_managed': True} {'cpe_name_string': 'Mac OS X 10.15.3 10.15.3', 'cpe_type': 'OS_ONLY', 'cpe_strings': []} {'$device': 'XXXX-XXXX-XXXX-XXXX-YYYY', 'device_name_string': 'OSX-Machine', 'vulnerableProduct': 'Mac OS X 10.15.3', 'vulnerableVersion': 'Mac OS X 10.15.3', 'device_risk': 10, 'map_id': 'XXXX-XXXX-XXXX-XXXX-YYYY', 'device_os': 'Mac OS X 10.15.3', 'is_managed': True}
#
infinipoint-get-deviceget device
#
Base Commandinfinipoint-get-device
#
InputArgument Name | Description | Required |
---|---|---|
host | hostname, e.g. DESKTOP-CIK123 | Optional |
osType | choose a OS type - 1 = Windows | 2 = Linux | 4 = macOS | Optional |
osName | Device operating system full name e.g. windows-10.0.18363.836 | Optional |
status | Device current status:- 0 = Offline | 1 = Online | Optional |
agentVersion | Infinipoint agent version, e.g. 3.200.10.0 | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Devices.agentVersion | String | Infinipoint agent version |
Infinipoint.Devices.clientType | Number | Client type |
Infinipoint.Devices.discoveryId | String | Infinipoint discovery id |
Infinipoint.Devices.domain | String | Domin name |
Infinipoint.Devices.edge | Number | Infinipoint edge |
Infinipoint.Devices.ftDidRespond | Number | ftDidRespond |
Infinipoint.Devices.ftIsSuccessful | Number | ftIsSuccessful |
Infinipoint.Devices.ftResult | String | ftResult |
Infinipoint.Devices.gatewayIp | Number | Getway IP |
Infinipoint.Devices.gatewayMACAddress | Date | Gateway MAC Address |
Infinipoint.Devices.host | String | hostname |
Infinipoint.Devices.id | String | Infinipoint device id |
Infinipoint.Devices.ip | Number | IP address |
Infinipoint.Devices.lastSeen | Date | Last Seen device |
Infinipoint.Devices.macAddress | String | MAC Address |
Infinipoint.Devices.networkId | Number | Infinipoint network ID |
Infinipoint.Devices.networks.alias | String | Networks alias |
Infinipoint.Devices.networks.cidr | String | cidr |
Infinipoint.Devices.networks.gatewayIp | Number | Gateway IP |
Infinipoint.Devices.networks.gatewayMACAddress | Date | Gateway MACAddress |
Infinipoint.Devices.osName | String | OS name |
Infinipoint.Devices.osType | Number | OS Type |
Infinipoint.Devices.policyVersion | String | Infinipoint policy version |
Infinipoint.Devices.productType | String | Product type |
Infinipoint.Devices.regDate | Date | Register date |
Infinipoint.Devices.status | Number | Infinipoint Device status |
Infinipoint.Devices.statusCode | Unknown | Infinipoint status Code |
Infinipoint.Devices.statusDescription | Unknown | Infinipoint status Description |
Infinipoint.Devices.supportId | Unknown | Infinipoint support Id |
Infinipoint.Devices.tags.color | String | Tag color |
Infinipoint.Devices.tags.name | String | Tag name |
Infinipoint.Devices.tags.tagId | String | Infinipoint Tag ID |
Infinipoint.Devices.uniqueHostname | String | Infinipoint unique Hostname |
#
Command Example!infinipoint-get-device osType=1
#
Context Example#
Human Readable Output#
Results
agentVersion clientType discoveryId domain edge ftDidRespond ftIsSuccessful ftResult gatewayIp gatewayMACAddress host id ip lastSeen macAddress networkAlias networkId networks osName osType policyVersion productType regDate status statusCode statusDescription supportId tags uniqueHostname 3.200.20.0 0 WORKGROUP true false false -1062671102 00:50:56:00:00:00 DESKTOP-VM XXXX-XXXX-XXXX-XXXX-YYYY -10000001 2020-07-13T11:06:06.632976Z 00:0C:29:BB:74:92 GCP 5866697 {'alias': 'GCP', 'cidr': '192.1.1.0/24', 'gatewayIp': -100000001, 'gatewayMACAddress': '00:50:56:00:00:00'} windows-10.0.17763.1282 1 1.0.0 Work Station 2020-07-13T09:46:43.385267Z 0 {'color': 'fefb08', 'name': 'et', 'tagId': 'XXXX-XXXX-XXXX-XXXX-YYYY'} DESKTOP-VM-xkp
#
infinipoint-get-tagget tag
#
Base Commandinfinipoint-get-tag
#
InputArgument Name | Description | Required |
---|---|---|
name | Tag name, e.g. it-department-tag | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Tags.color | String | Tag color |
Infinipoint.Tags.count | Number | Amount of devices under tag |
Infinipoint.Tags.description | String | Tag description |
Infinipoint.Tags.name | String | Tag name |
Infinipoint.Tags.tagId | String | Infinipoint tag id |
Infinipoint.Tags.type | Number | Tag type |
#
Command Example!infinipoint-get-tag name=et
#
Context Example#
Human Readable Output#
Results
color count description name tagId type fefb08 1 et et 6d0b5156-eb2d-4b28-9c7c-3cb6e80f2cfb 0
#
infinipoint-get-networksget networks
#
Base Commandinfinipoint-get-networks
#
InputArgument Name | Description | Required |
---|---|---|
alias, e.g. office | network alias name | Optional |
cidr | cidr, e.g. 10.65.0.1/16 | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Networks.Info.alias | String | Alias name |
Infinipoint.Networks.Info.cidr | String | Cidr |
Infinipoint.Networks.Info.city | Unknown | City |
Infinipoint.Networks.Info.country | Unknown | Country |
Infinipoint.Networks.Info.cronExpression | String | Cron Expression |
Infinipoint.Networks.Info.dnsName | String | DNS name |
Infinipoint.Networks.Info.externalIp | Number | External ip |
Infinipoint.Networks.Info.firstSeen | Date | Date first seen |
Infinipoint.Networks.Info.floor | Unknown | floor |
Infinipoint.Networks.Info.gatewayIp | Number | gateway IP |
Infinipoint.Networks.Info.gatewayMacAddress | String | gateway MAC Address |
Infinipoint.Networks.Info.ip | Number | IP address |
Infinipoint.Networks.Info.ipSubnetMask | Number | IP subnet mask |
Infinipoint.Networks.Info.lastRun | Date | Last scan Run |
Infinipoint.Networks.Info.lastSeen | Date | Last Seen |
Infinipoint.Networks.Info.latitude | Unknown | Latitude |
Infinipoint.Networks.Info.longitude | Unknown | Longitude |
Infinipoint.Networks.Info.managedCount | Number | managed devices count |
Infinipoint.Networks.Info.name | String | Network name |
Infinipoint.Networks.Info.networkId | Number | Infinipoint network ID |
Infinipoint.Networks.Info.nextRun | Date | Next scan |
Infinipoint.Networks.Info.onPrem | Number | OnPrem |
Infinipoint.Networks.Info.room | Unknown | room |
Infinipoint.Networks.Info.scheduleStatus | Number | infinipoint Schedule Status |
Infinipoint.Networks.Info.state | Unknown | state |
Infinipoint.Networks.Info.street | Unknown | street |
Infinipoint.Networks.Info.type | Number | Type |
Infinipoint.Networks.Info.unmanagedCount | Number | Unmanaged devices count |
#
Command Example!infinipoint-get-networks alias=GCP
#
Context Example#
Human Readable Output#
Results
alias cidr city country cronExpression dnsName externalIp firstSeen floor gatewayIp gatewayMacAddress hidden ip ipSubnetMask lastRun lastSeen latitude longitude managedCount name networkId nextRun onPrem room scheduleStatus state street type unmanagedCount GCP 192.1.1.0/24 0 2020-07-13T09:46:43.376984Z -1062671102 00:50:56:F9:90:54 false 0 0 1970-01-01T00:00:00Z 2020-08-09T14:13:47.084573Z 3 5866697 1970-01-01T00:00:00Z false 3 0 0
#
infinipoint-get-assets-devicesget assets hardware
#
Base Commandinfinipoint-get-assets-devices
#
InputArgument Name | Description | Required |
---|---|---|
host | hostname, e.g. DESKTOP-CIK123 | Optional |
os_type | choose a OS type - 1 = Windows | 2 = Linux | 4 = macOS | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Assets.Hardware.$device | String | Infinipoint device ID |
Infinipoint.Assets.Hardware.$host | String | hostname |
Infinipoint.Assets.Hardware.$time | Number | Timestamp |
Infinipoint.Assets.Hardware.$type | String | Assets type |
Infinipoint.Assets.Hardware.cpu_brand | String | CPU brand |
Infinipoint.Assets.Hardware.cpu_logical_cores | String | CPU logical cores |
Infinipoint.Assets.Hardware.cpu_physical_cores | String | CPU physical cores |
Infinipoint.Assets.Hardware.hardware_model | String | Hardware model |
Infinipoint.Assets.Hardware.hardware_serial | String | Hardware serial |
Infinipoint.Assets.Hardware.hardware_vendor | String | Hardware vendor |
Infinipoint.Assets.Hardware.kernel_version | String | Kernel version |
Infinipoint.Assets.Hardware.os_build | String | OS build |
Infinipoint.Assets.Hardware.os_name | String | OS name |
Infinipoint.Assets.Hardware.os_patch_version | String | OS patch version |
Infinipoint.Assets.Hardware.os_type | String | infinipint OS type |
Infinipoint.Assets.Hardware.os_version | String | OS version |
Infinipoint.Assets.Hardware.physical_memory | String | Physical memory |
Infinipoint.Assets.Hardware.platform | String | Platform |
Infinipoint.Assets.Hardware.user | String | Last logged in user |
#
Command Example!infinipoint-get-assets-devices os_type="1"
#
Context Example#
Human Readable Output#
Results
$device $host $time $type cpu_brand cpu_logical_cores cpu_physical_cores hardware_model hardware_serial hardware_vendor kernel_version os_build os_name os_patch_version os_type os_version physical_memory platform user 22ddf738-7e1c-4f20-a9c7-07620d1f2110 DESKTOP-U0QSLQ8 2020-07-13T11:19:57+00:00 csv Intel(R) Core(TM) i7-10510U CPU @ 1.80GHz 2 1 VMware Virtual Platform VMware-56 4d 8c d8 6d 32 31 e2-ed 43 1f 09 ff bb 74 92 VMware, Inc. 10.0.17763.1282 17763 Microsoft Windows 10 Enterprise Evaluation 1 10.0.17763 4.0 windows tesst2
#
infinipoint-get-assets-cloudget assets cloud
#
Base Commandinfinipoint-get-assets-cloud
#
InputArgument Name | Description | Required |
---|---|---|
host | hostname | Optional |
os_type | OS Type - 1 = Windows | 2 = Linux | 4 = macOS | Optional |
source | "AWS API" | "GCP API" | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Assets.Cloud.$device | String | Infinipoint device ID |
Infinipoint.Assets.Cloud.$host | String | Hostname |
Infinipoint.Assets.Cloud.$time | Number | Timestamp |
Infinipoint.Assets.Cloud.$type | String | Assets type |
Infinipoint.Assets.Cloud.cloud_scan_timestamp | Number | cloud scan timestamp |
Infinipoint.Assets.Cloud.cpu_brand | String | CPU brand |
Infinipoint.Assets.Cloud.cpu_logical_cores | String | CPU logical cores |
Infinipoint.Assets.Cloud.cpu_physical_cores | String | CPU physical cores |
Infinipoint.Assets.Cloud.creation_time | String | Creation time |
Infinipoint.Assets.Cloud.hardware_model | String | Hardware model |
Infinipoint.Assets.Cloud.hardware_serial | String | Hardware serial |
Infinipoint.Assets.Cloud.hardware_vendor | String | Hardware vendor |
Infinipoint.Assets.Cloud.instance_id | Date | Instance id |
Infinipoint.Assets.Cloud.instance_state | String | Instance state |
Infinipoint.Assets.Cloud.instance_type | String | Instance type |
Infinipoint.Assets.Cloud.os_build | String | OS build |
Infinipoint.Assets.Cloud.os_name | String | OS name |
Infinipoint.Assets.Cloud.os_patch_version | String | OS patch version |
Infinipoint.Assets.Cloud.os_type | String | OS type |
Infinipoint.Assets.Cloud.physical_memory | String | Physical memory |
Infinipoint.Assets.Cloud.platform | String | Platform |
Infinipoint.Assets.Cloud.source | String | Cloud source |
Infinipoint.Assets.Cloud.user | String | Username |
Infinipoint.Assets.Cloud.zone | String | Zone |
Infinipoint.Assets.Cloud.open_ports | Number | List of open ports |
#
Command Example!infinipoint-get-assets-cloud source="GCP API"
#
Context Example#
Human Readable Output#
Results
$device $host $time $type cloud_scan_timestamp cpu_brand cpu_logical_cores cpu_physical_cores hardware_model hardware_serial hardware_vendor instance_id kernel_version os_build os_name os_patch_version os_type os_version physical_memory platform source user a523014f-1612-4b65-90a8-7974b116cb44 ubu-et 2020-07-13T13:19:37+00:00 csv 1594644075 Intel(R) Xeon(R) CPU @ 2.30GHz 1 1 Google Compute Engine GoogleCloud-46BCBFA9C0E1789A71BA4A36CAD5E7A0 7730283300603950466 5.4.0-1019-gcp Ubuntu 2 20.04 LTS (Focal Fossa) 4.0 ubuntu GCP API eturjeman_riscale_com
#
infinipoint-get-assets-usersget assets users
#
Base Commandinfinipoint-get-assets-users
#
InputArgument Name | Description | Required |
---|---|---|
host | host name | Optional |
username | user name | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Assets.User.$device | String | Infinipoint device ID |
Infinipoint.Assets.User.$host | String | hostname |
Infinipoint.Assets.User.$time | Number | Timestamp |
Infinipoint.Assets.User.$type | String | Assets type |
Infinipoint.Assets.User.description | String | Description |
Infinipoint.Assets.User.directory | String | User directory |
Infinipoint.Assets.User.username | String | Username |
#
Command Example!infinipoint-get-assets-users username="et"
#
Context Example#
Human Readable Output#
Results
$device $host $time $type description directory username XXXX-XXXX-XXXX-XXXX-YYYY OSX-Machine 2020-08-05T07:01:49+00:00 csv Setup User /var/setup _mbsetupuser XXXX-XXXX-XXXX-XXXX-QQQQ DESKTOP-VM 2020-07-13T10:52:41+00:00 csv et XXXX-XXXX-XXXX-XXXX-WWWW OSX-VM 2020-08-05T07:01:49+00:00 csv ET /Users/et et XXXX-XXXX-XXXX-XXXX-EEEE ubu-et 2020-07-13T12:42:17+00:00 csv /home/et et
#
infinipoint-get-action-resultsget action
#
Base Commandinfinipoint-get-action-results
#
InputArgument Name | Description | Required |
---|---|---|
action_id, e.g. 9ef2494d-862e-43c8-963c-3587cde75c4d | Action id (infinipoint) | Required |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Responses.$data | String | Timestamp |
Infinipoint.Responses.$device | String | Infinipoint device ID |
Infinipoint.Responses.$host | String | Hostname |
Infinipoint.Responses.$time | Number | Expoh time |
Infinipoint.Responses.$type | String | Responses type |
#
Command Example!infinipoint-get-action-results action_id=8761df7a-05fd-4343-8c7e-794bc6d06940
#
Human Readable Output#
infinipoint-get-queriesget queries
#
Base Commandinfinipoint-get-queries
#
InputArgument Name | Description | Required |
---|---|---|
name | Query name, e.g Windows Logon Session | Required |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Scripts.Search.aggregation | Number | Aggregation included |
Infinipoint.Scripts.Search.createdOn | Date | Date query created on |
Infinipoint.Scripts.Search.format | Number | Query format |
Infinipoint.Scripts.Search.id | String | Infinipoint query id |
Infinipoint.Scripts.Search.interp | Number | interp |
Infinipoint.Scripts.Search.module | Number | Infinipoint module |
Infinipoint.Scripts.Search.name | String | Query name |
Infinipoint.Scripts.Search.osType | Number | OS type |
#
Command Example!infinipoint-get-queries name=os_version
#
Context Example#
Human Readable Output#
Results
aggregation createdOn description format id interp module name osType true 2020-02-02T09:28:00.500226Z Retrieves information FROM the Operative Systems. 2 XXXX-XXXX-XXXX-XXXX-YYYY 0 4 OS versions 7
#
infinipoint-execute-actionrun queries
#
Base Commandinfinipoint-execute-action
#
InputArgument Name | Description | Required |
---|---|---|
id | Query ID, e.g 9b071f4c-da87-409c-9cd1-59a275e52c9d | Required |
target | Target devices ID,e.g ["4f16532e-AAAAA-4b78-BBBB-946d3d3619ca"] | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Scripts.execute.actionId | String | Action ID |
Infinipoint.Scripts.execute.aggColumns | String | Aggregation columns |
Infinipoint.Scripts.execute.devicesCount | Number | Amount of devices |
Infinipoint.Scripts.execute.name | String | Query name |
#
Command Example!infinipoint-execute-action id=0b5004ce-0a18-11ea-9a9f-362b9e155667
#
Context Example#
Human Readable Output#
Results
actionId aggColumns devicesCount name 40151026-c5a6-4a3a-92a4-39a0bbee5902 Name 0 User Profile Not In Use (90 days)
#
infinipoint-get-non-complianceget non compliance devices
#
Base Commandinfinipoint-get-non-compliance
#
InputArgument Name | Description | Required |
---|---|---|
offset | Infinipoint offset - First fetch time | Required |
limit | Limit of responses | Required |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Compliance.Incidents.deviceID | String | Infinipoint device ID |
Infinipoint.Compliance.Incidents.eventTime | Number | Event Time |
Infinipoint.Compliance.Incidents.hostname | Date | hostname |
Infinipoint.Compliance.Incidents.issues.issueID | String | Infinipoint issue ID |
Infinipoint.Compliance.Incidents.issues.issueType | String | Issue Type |
Infinipoint.Compliance.Incidents.issues.policyIdx | Number | Infinipoint policyIdx |
Infinipoint.Compliance.Incidents.issues.ref | String | Infinipoint ref |
Infinipoint.Compliance.Incidents.policyID | String | policy ID |
Infinipoint.Compliance.Incidents.policyName | String | policy name |
Infinipoint.Compliance.Incidents.policyVersion | Number | policy version |
Infinipoint.Compliance.Incidents.timestamp | Number | timestamp |
#
Command Example !infinipoint-get-non-compliance limit=100 offset=0
#
Human Readable Output#
infinipoint-get-device-detailsget device details
#
Base Commandinfinipoint-get-device-details
#
InputArgument Name | Description | Required |
---|---|---|
discoveryId | discovery id, e.g 23eb50e7ceb907975686ba5cebbd3520 | Required |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Device.Details.$device | String | Infinipoint device ID |
Infinipoint.Device.Details.$type | String | Info Type |
Infinipoint.Device.Details._key | String | Infinipoint key |
Infinipoint.Device.Details.archive | Number | Infinipoint archive |
Infinipoint.Device.Details.building | String | building |
Infinipoint.Device.Details.classification | String | classification |
Infinipoint.Device.Details.department | String | department |
Infinipoint.Device.Details.email | String | |
Infinipoint.Device.Details.enroll_date | Date | enroll date |
Infinipoint.Device.Details.first_seen | Number | first_seen |
Infinipoint.Device.Details.hidden | Number | hidden |
Infinipoint.Device.Details.host_name.name | String | hostname |
Infinipoint.Device.Details.host_name.value | String | Infinipoint value |
Infinipoint.Device.Details.jamf_tag | String | jamf tag |
Infinipoint.Device.Details.last_report_date | Number | last report date |
Infinipoint.Device.Details.last_seen | Number | last seen |
Infinipoint.Device.Details.mac_address.name | String | Infinipoint name |
Infinipoint.Device.Details.mac_address.value | String | Infinipoint value |
Infinipoint.Device.Details.model | String | Infinipoint model |
Infinipoint.Device.Details.name_tag | String | Infinipoint name_tag |
Infinipoint.Device.Details.os_name.name | String | Infinipoint name |
Infinipoint.Device.Details.os_name.value | String | Infinipoint value |
Infinipoint.Device.Details.phone_number | String | phone number |
Infinipoint.Device.Details.position | String | position |
Infinipoint.Device.Details.providers | String | providers |
Infinipoint.Device.Details.room | String | Room |
Infinipoint.Device.Details.serial | String | serial |
Infinipoint.Device.Details.site | String | site |
Infinipoint.Device.Details.udid | String | udid |
Infinipoint.Device.Details.unique_id | String | unique id |
Infinipoint.Device.Details.username | String | User name |
#
Command Example!infinipoint-get-device-details discoveryId=23eb50e7ceb907975686ba5cebbd3520
#
Human Readable Output#
infinipoint-get-compliance-statusget compliance status
#
Base Commandinfinipoint-get-compliance-status
#
InputArgument Name | Description | Required |
---|---|---|
device_id | device id | Required |
#
Context OutputPath | Type | Description |
---|---|---|
Infinipoint.Compliance.Device.response.compliance | Number | compliance statius - 0 - error, 1 - compliance, 2 - non-compliance |
Infinipoint.Compliance.Device.success | Number | success |
#
Command Example !infinipoint-get-compliance-status device_id=40151026-c5a6-4a3a-92a4-39a0bbee5902