Skip to main content

MobileIronCORE

This Integration is part of the MobileIron-UEM Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

MobileIron CORE Integration#

This integration was created and tested with version 11.0.0 of MobileIronCORE

This is the default integration for this content pack when configured by the Data Onboarder in Cortex XSIAM.

MobileIron Core - Getting Started#

  1. Log in to the MobileIron Core Admin console.
  2. Open the Users top section.
  3. Click on the create local user button. It is recommended to create a new user for the Cortex XSOAR integration specifically and not reuse an existing one.
  4. Make sure you enter all the details and keep note of the User ID (ex. core-api-user) and the password specifically.
  5. Click on the Admins top section.
  6. Add the user you just created as an admin to the instance.
  7. When setting up the Cortex XSOAR integration use User ID as the username and the password you defined as the MobileIron tenant credentials
  8. Click the Test button and ensure the connection can be established.

Refer to the API documentation at the MobileIron community for more details on setting up the API user.

MobileIron Core - Spaces#

If you are dividing the devices into different spaces, it is important to make sure the integration points to the correct Device Admin Space ID.

In most cases, this is set to the value 1 for the global space ID.

Setting up pre-processing rules#

If you are using the fetch incidents option it is advisable to set-up a pre-processing rule in order to filter out any duplicates that might show up as part of the command.

  • Inside the Cortex XSOAR admin go to Settings -> Integrations -> Pre-Processing Rules.
  • In Step 1 add a rule for Type equals MobileIron Core Device Incident.
  • In Step 2 select Drop and Update.
  • In Step 3 select Link to oldest incident created within the last 15 days and check the checkbox next to Search closed incidents.
  • Add an AND statement and enter MobileIron Device ID of existing incident is identical to the one of the incoming incident.
  • Save.

Here is an example image of the rule

Pre-Processing Rules Example

Configure MobileIronCORE on Cortex XSOAR#

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for MobileIronCORE.

  3. Click Add instance to create and configure a new integration instance.

    ParameterDescriptionRequired
    urlServer URL (ex. https://core.mobileiron.com )True
    admin_space_idAdmin Space ID (ex. 1 for the global space ID.)True
    credentialsAPI User CredentialsTrue
    max_fetchMaximum number of incidents per fetchFalse
    incidentTypeIncident typeFalse
    insecureTrust any certificate (not secure)False
    proxyUse system proxy settingsFalse
    fetch_intervalFetch Interval (in minutes)True
    isFetchFetch incidentsFalse
  4. Click Test to validate the URLs, token, and connection.

Commands#

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

mobileiron-core-send-message#


Sends a message to the particular device based on the device ID.

Base Command#

mobileiron-core-send-message

Input#

Argument NameDescriptionRequired
device_idThe ID of the device to send a message to.Required
subjectThe subject of the email.Required
messageThe message of the email.Required
message_typeThe type of message to send. Possible values are: "pns", "sms" and "email".Required

mobileiron-core-update-os#


Updates the operating system on the particular device based on the device ID.

Base Command#

mobileiron-core-update-os

Input#

Argument NameDescriptionRequired
device_idThe ID of the device on which to update the operating system.Required

mobileiron-core-unlock-device-only#


Unlocks the particular device based on the device ID.

Base Command#

mobileiron-core-unlock-device-only

Input#

Argument NameDescriptionRequired
device_idThe ID of the device to unlock.Required

mobileiron-core-enable-voice-roaming#


Enables voice roaming on the particular device based on the device ID.

Base Command#

mobileiron-core-enable-voice-roaming

Input#

Argument NameDescriptionRequired
device_idThe ID of the device on which to enable voice roaming.Required

mobileiron-core-disable-voice-roaming#


Disables voice roaming on the particular device based on the device ID.

Base Command#

mobileiron-core-disable-voice-roaming

Input#

Argument NameDescriptionRequired
device_idThe ID of the device on which to disable voice roaming.Required

mobileiron-core-enable-data-roaming#


Enables data roaming on the particular device based on the device ID.

Base Command#

mobileiron-core-enable-data-roaming

Input#

Argument NameDescriptionRequired
device_idThe ID of the device on which to enable data roaming.Required

mobileiron-core-disable-data-roaming#


Disables data roaming on the particular device based on the device ID.

Base Command#

mobileiron-core-disable-data-roaming

Input#

Argument NameDescriptionRequired
device_idThe ID of the device on which to disable data roaming.Required

mobileiron-core-enable-personal-hotspot#


Enables a personal hotspot on the particular device based on the device ID.

Base Command#

mobileiron-core-enable-personal-hotspot

Input#

Argument NameDescriptionRequired
device_idThe ID of the device on which to enable a personal hotspot.Required

mobileiron-core-disable-personal-hotspot#


Disables a personal hotspot on the particular device based on the device ID.

Base Command#

mobileiron-core-disable-personal-hotspot

Input#

Argument NameDescriptionRequired
device_idThe ID of the device on which to disable a personal hotspot.Required

mobileiron-core-unlock-app-connect-container#


Unlocks an app connect container on the particular device based on the device ID.

Base Command#

mobileiron-core-unlock-app-connect-container

Input#

Argument NameDescriptionRequired
device_idThe ID of the device on which to unlock an app connect container.Required

mobileiron-core-retire-device#


Retires a device based on the device ID.

Base Command#

mobileiron-core-retire-device

Input#

Argument NameDescriptionRequired
device_idThe ID of the device to retire.Required

mobileiron-core-wipe-device#


Wipes a device based on the device ID.

Base Command#

mobileiron-core-wipe-device

Input#

Argument NameDescriptionRequired
device_idID of the device to wipe.Required

mobileiron-core-force-checkin#


Forces check in to the device based on the device ID.

Base Command#

mobileiron-core-force-checkin

Input#

Argument NameDescriptionRequired
device_idID of the device on which to force check in.Required

mobileiron-core-get-devices-data#


Gets a list of devices matching the provided query.

Base Command#

mobileiron-core-get-devices-data

Input#

Argument NameDescriptionRequired
queryThe query used to filter the list of devices. Default is common.status = "ACTIVE".Required
additional_fieldsComma-separated list of fields to query from the API.Optional
max_fetchThe maximum number of items to return.Optional

Context Output#

PathTypeDescription
MobileIronCore.Device.common_modelStringModel of the device that was fetched.
MobileIronCore.Device.common_os_versionStringOperating system version of the device that was fetched.
MobileIronCore.Device.common_platformStringPlatform name of the device that was fetched.
MobileIronCore.Device.common_statusStringStatus of the device that was fetched.
MobileIronCore.Device.common_imeiStringInternational Mobile Equipment Identity (IMEI) of the device that was fetched.
MobileIronCore.Device.common_platformStringPlatform of the device that was fetched.
MobileIronCore.Device.common_security_stateStringSecurity state of the device that was fetched.
MobileIronCore.Device.user_display_nameStringDisplay name of the device that was fetched.
MobileIronCore.Device.common_last_connected_atDateDate the device that was fetched was last connected.
MobileIronCore.Device.common_uuidStringDevice UUID of the device that was fetched.
MobileIronCore.Device.common_quarantinedBooleanWhether the device was quarantined.
MobileIronCore.Device.common_idNumberID of the device that was fetched.
MobileIronCore.Device.common_imsiStringInternational mobile subscriber identity (IMSI) of the device that was fetched.
MobileIronCore.Device.common_ownerStringOwner of the device that was fetched.
MobileIronCore.Device.user_email_addressStringUser email address of the device that was fetched.
MobileIronCore.Device.common_manufacturerStringManufacturer of the device that was fetched.
MobileIronCore.Device.common_compliantBooleanWhether the device that was fetched is compliant.
MobileIronCore.Device.user_user_idStringUser ID of the device that was fetched.
MobileIronCore.Device.common_registration_dateDateRegistration date of the device that was fetched.
MobileIronCore.Device.common_wifi_mac_addressStringWiFi MAC address of the device that was fetched.
MobileIronCore.Device.common_noncompliance_reasonsStringNon-compliance reasons for the device that was fetched.
MobileIronCore.Device.ios_iPhone_UDIDStringiPhone UDID of the device that was fetched.
MobileIronCore.Device.ios_iPhone_MAC_ADDRESS_EN0StringIPhone MAC address EN0 of the device that was fetched.
MobileIronCore.Device.ios_Current_MCCStringCurrent MCC of the device that was fetched.
MobileIronCore.Device.common_current_country_codeStringCurrent country code of the device that was fetched.
MobileIronCore.Device.user_sam_account_nameStringSAM account name of the device that was fetched.
MobileIronCore.Device.common_current_country_nameStringCurrent country nameCurrent country name of the device that was fetched.
MobileIronCore.Device.common_home_country_nameStringHome country name of the device that was fetched.
MobileIronCore.Device.common_home_country_codeStringHome country code of the device that was fetched.
MobileIronCore.Device.common_device_is_compromisedBooleanWhether the device that was fetched was compromised.
MobileIronCore.Device.common_SerialNumberStringDevice serial number of the device that was fetched.
MobileIronCore.Device.common_mdm_managedBooleanWhether the device that was fetched is MDM managed.

Command Example#

!mobileiron-core-get-devices-data

Context Example#

{
"MobileIronCore": {
"Device": [
{
"common_wifi_mac_address": "",
"common_noncompliance_reasons": [
"DEVICE_ADMIN_DEACTIVE"
],
"ios_iPhone_UDID": "",
"common_device_is_compromised": false,
"common_SerialNumber": "",
"common_mdm_managed": false,
"common_model": "Pixel",
"common_os_version": "10.0",
"common_status": "ACTIVE",
"common_imei": "",
"common_platform": "Android",
"common_security_state": "Ok",
"user_display_name": "*****",
"common_last_connected_at": "2020-11-09T07:38:22.000Z",
"common_uuid": "",
"common_quarantined": false,
"common_id": 3,
"common_imsi": "*****",
"common_owner": "COMPANY",
"user_email_address": "*****",
"common_manufacturer": "Google",
"common_compliant": false,
"user_user_id": "*****",
"common_registration_date": "2020-10-29T14:11:39.000Z"
}
]
}
}

mobileiron-core-get-device-by-uuid#


Gets a single device based on the device UUID.

Base Command#

mobileiron-core-get-device-by-uuid

Input#

Argument NameDescriptionRequired
device_uuidThe UUID of the device to fetch.Required
additional_fieldsComma-separated list of fields to query from the API.Optional

Context Output#

PathTypeDescription
MobileIronCore.Device.common_modelStringModel of the device that was fetched.
MobileIronCore.Device.common_os_versionStringOperating system version of the device that was fetched.
MobileIronCore.Device.common_platformStringPlatform name of the device that was fetched.
MobileIronCore.Device.common_statusStringStatus of the device that was fetched.
MobileIronCore.Device.common_imeiStringInternational Mobile Equipment Identity (IMEI) of the device that was fetched.
MobileIronCore.Device.common_platformStringPlatform of the device that was fetched.
MobileIronCore.Device.common_security_stateStringSecurity state of the device that was fetched.
MobileIronCore.Device.user_display_nameStringDisplay name of the device that was fetched.
MobileIronCore.Device.common_last_connected_atDateDate the device that was fetched was last connected.
MobileIronCore.Device.common_uuidStringDevice UUID of the device that was fetched.
MobileIronCore.Device.common_quarantinedBooleanWhether the device was quarantined.
MobileIronCore.Device.common_idNumberID of the device that was fetched.
MobileIronCore.Device.common_imsiStringInternational mobile subscriber identity (IMSI) of the device that was fetched.
MobileIronCore.Device.common_ownerStringOwner of the device that was fetched.
MobileIronCore.Device.user_email_addressStringUser email address of the device that was fetched.
MobileIronCore.Device.common_manufacturerStringManufacturer of the device that was fetched.
MobileIronCore.Device.common_compliantBooleanWhether the device that was fetched is compliant.
MobileIronCore.Device.user_user_idStringUser ID of the device that was fetched.
MobileIronCore.Device.common_registration_dateDateRegistration date of the device that was fetched.
MobileIronCore.Device.common_wifi_mac_addressStringWiFi MAC address of the device that was fetched.
MobileIronCore.Device.common_noncompliance_reasonsStringNon-compliance reasons for the device that was fetched.
MobileIronCore.Device.ios_iPhone_UDIDStringiPhone UDID of the device that was fetched.
MobileIronCore.Device.ios_iPhone_MAC_ADDRESS_EN0StringIPhone MAC address EN0 of the device that was fetched.
MobileIronCore.Device.ios_Current_MCCStringCurrent MCC of the device that was fetched.
MobileIronCore.Device.common_current_country_codeStringCurrent country code of the device that was fetched.
MobileIronCore.Device.user_sam_account_nameStringSAM account name of the device that was fetched.
MobileIronCore.Device.common_current_country_nameStringCurrent country nameCurrent country name of the device that was fetched.
MobileIronCore.Device.common_home_country_nameStringHome country name of the device that was fetched.
MobileIronCore.Device.common_home_country_codeStringHome country code of the device that was fetched.
MobileIronCore.Device.common_device_is_compromisedBooleanWhether the device that was fetched was compromised.
MobileIronCore.Device.common_SerialNumberStringDevice serial number of the device that was fetched.
MobileIronCore.Device.common_mdm_managedBooleanWhether the device that was fetched is MDM managed.

Command Example#

!mobileiron-core-get-device-by-uuid device_uuid=9b0da853-9f9b-483c-97ef-f4b5457299cf

Context Example#

{
"MobileIronCore": {
"Device": {
"common_wifi_mac_address": "",
"common_noncompliance_reasons": [
"DEVICE_ADMIN_DEACTIVE"
],
"ios_iPhone_UDID": "",
"common_device_is_compromised": false,
"common_SerialNumber": "",
"common_mdm_managed": false,
"common_model": "Pixel",
"common_os_version": "10.0",
"common_status": "ACTIVE",
"common_imei": "",
"common_platform": "Android",
"common_security_state": "Ok",
"user_display_name": "*****",
"common_last_connected_at": "2020-11-09T07:38:22.000Z",
"common_uuid": "",
"common_quarantined": false,
"common_id": 3,
"common_imsi": "*****",
"common_owner": "COMPANY",
"user_email_address": "*****",
"common_manufacturer": "Google",
"common_compliant": false,
"user_user_id": "*****",
"common_registration_date": "2020-10-29T14:11:39.000Z"
}
}
}

mobileiron-core-get-device-by-serial#


Gets a single device based on the device serial number.

Base Command#

mobileiron-core-get-device-by-serial

Input#

Argument NameDescriptionRequired
device_serialThe serial number of the device to fetch.Required
additional_fieldsComma-separated list of fields to query from the API.Optional

Context Output#

PathTypeDescription
MobileIronCore.Device.common_modelStringModel of the device that was fetched.
MobileIronCore.Device.common_os_versionStringOperating system version of the device that was fetched.
MobileIronCore.Device.common_platformStringPlatform name of the device that was fetched.
MobileIronCore.Device.common_statusStringStatus of the device that was fetched.
MobileIronCore.Device.common_imeiStringInternational Mobile Equipment Identity (IMEI) of the device that was fetched.
MobileIronCore.Device.common_platformStringPlatform of the device that was fetched.
MobileIronCore.Device.common_security_stateStringSecurity state of the device that was fetched.
MobileIronCore.Device.user_display_nameStringDisplay name of the device that was fetched.
MobileIronCore.Device.common_last_connected_atDateDate the device that was fetched was last connected.
MobileIronCore.Device.common_uuidStringDevice UUID of the device that was fetched.
MobileIronCore.Device.common_quarantinedBooleanWhether the device was quarantined.
MobileIronCore.Device.common_idNumberID of the device that was fetched.
MobileIronCore.Device.common_imsiStringInternational mobile subscriber identity (IMSI) of the device that was fetched.
MobileIronCore.Device.common_ownerStringOwner of the device that was fetched.
MobileIronCore.Device.user_email_addressStringUser email address of the device that was fetched.
MobileIronCore.Device.common_manufacturerStringManufacturer of the device that was fetched.
MobileIronCore.Device.common_compliantBooleanWhether the device that was fetched is compliant.
MobileIronCore.Device.user_user_idStringUser ID of the device that was fetched.
MobileIronCore.Device.common_registration_dateDateRegistration date of the device that was fetched.
MobileIronCore.Device.common_wifi_mac_addressStringWiFi MAC address of the device that was fetched.
MobileIronCore.Device.common_noncompliance_reasonsStringNon-compliance reasons for the device that was fetched.
MobileIronCore.Device.ios_iPhone_UDIDStringiPhone UDID of the device that was fetched.
MobileIronCore.Device.ios_iPhone_MAC_ADDRESS_EN0StringIPhone MAC address EN0 of the device that was fetched.
MobileIronCore.Device.ios_Current_MCCStringCurrent MCC of the device that was fetched.
MobileIronCore.Device.common_current_country_codeStringCurrent country code of the device that was fetched.
MobileIronCore.Device.user_sam_account_nameStringSAM account name of the device that was fetched.
MobileIronCore.Device.common_current_country_nameStringCurrent country nameCurrent country name of the device that was fetched.
MobileIronCore.Device.common_home_country_nameStringHome country name of the device that was fetched.
MobileIronCore.Device.common_home_country_codeStringHome country code of the device that was fetched.
MobileIronCore.Device.common_device_is_compromisedBooleanWhether the device that was fetched was compromised.
MobileIronCore.Device.common_SerialNumberStringDevice serial number of the device that was fetched.
MobileIronCore.Device.common_mdm_managedBooleanWhether the device that was fetched is MDM managed.

Command Example#

!mobileiron-core-get-device-by-serial device_serial=EXAMPLE

Context Example#

{
"MobileIronCore": {
"Device": {
"common_wifi_mac_address": "",
"common_noncompliance_reasons": [
"DEVICE_ADMIN_DEACTIVE"
],
"ios_iPhone_UDID": "",
"common_device_is_compromised": false,
"common_SerialNumber": "",
"common_mdm_managed": false,
"common_model": "Pixel",
"common_os_version": "10.0",
"common_status": "ACTIVE",
"common_imei": "",
"common_platform": "Android",
"common_security_state": "Ok",
"user_display_name": "*****",
"common_last_connected_at": "2020-11-09T07:38:22.000Z",
"common_uuid": "",
"common_quarantined": false,
"common_id": 3,
"common_imsi": "*****",
"common_owner": "COMPANY",
"user_email_address": "*****",
"common_manufacturer": "Google",
"common_compliant": false,
"user_user_id": "*****",
"common_registration_date": "2020-10-29T14:11:39.000Z"
}
}
}

mobileiron-core-get-device-by-mac#


Gets a single device based on the device WiFi MAC address.

Base Command#

mobileiron-core-get-device-by-mac

Input#

Argument NameDescriptionRequired
device_macMAC address of the device to fetch.Required
additional_fieldsComma-separated list of fields to query from the API.Optional

Context Output#

PathTypeDescription
MobileIronCore.Device.common_modelStringModel of the device that was fetched.
MobileIronCore.Device.common_os_versionStringOperating system version of the device that was fetched.
MobileIronCore.Device.common_platformStringPlatform name of the device that was fetched.
MobileIronCore.Device.common_statusStringStatus of the device that was fetched.
MobileIronCore.Device.common_imeiStringInternational Mobile Equipment Identity (IMEI) of the device that was fetched.
MobileIronCore.Device.common_platformStringPlatform of the device that was fetched.
MobileIronCore.Device.common_security_stateStringSecurity state of the device that was fetched.
MobileIronCore.Device.user_display_nameStringDisplay name of the device that was fetched.
MobileIronCore.Device.common_last_connected_atDateDate the device that was fetched was last connected.
MobileIronCore.Device.common_uuidStringDevice UUID of the device that was fetched.
MobileIronCore.Device.common_quarantinedBooleanWhether the device was quarantined.
MobileIronCore.Device.common_idNumberID of the device that was fetched.
MobileIronCore.Device.common_imsiStringInternational mobile subscriber identity (IMSI) of the device that was fetched.
MobileIronCore.Device.common_ownerStringOwner of the device that was fetched.
MobileIronCore.Device.user_email_addressStringUser email address of the device that was fetched.
MobileIronCore.Device.common_manufacturerStringManufacturer of the device that was fetched.
MobileIronCore.Device.common_compliantBooleanWhether the device that was fetched is compliant.
MobileIronCore.Device.user_user_idStringUser ID of the device that was fetched.
MobileIronCore.Device.common_registration_dateDateRegistration date of the device that was fetched.
MobileIronCore.Device.common_wifi_mac_addressStringWiFi MAC address of the device that was fetched.
MobileIronCore.Device.common_noncompliance_reasonsStringNon-compliance reasons for the device that was fetched.
MobileIronCore.Device.ios_iPhone_UDIDStringiPhone UDID of the device that was fetched.
MobileIronCore.Device.ios_iPhone_MAC_ADDRESS_EN0StringIPhone MAC address EN0 of the device that was fetched.
MobileIronCore.Device.ios_Current_MCCStringCurrent MCC of the device that was fetched.
MobileIronCore.Device.common_current_country_codeStringCurrent country code of the device that was fetched.
MobileIronCore.Device.user_sam_account_nameStringSAM account name of the device that was fetched.
MobileIronCore.Device.common_current_country_nameStringCurrent country nameCurrent country name of the device that was fetched.
MobileIronCore.Device.common_home_country_nameStringHome country name of the device that was fetched.
MobileIronCore.Device.common_home_country_codeStringHome country code of the device that was fetched.
MobileIronCore.Device.common_device_is_compromisedBooleanWhether the device that was fetched was compromised.
MobileIronCore.Device.common_SerialNumberStringDevice serial number of the device that was fetched.
MobileIronCore.Device.common_mdm_managedBooleanWhether the device that was fetched is MDM managed.

Command Example#

!mobileiron-core-get-device-by-mac device_mac=EXAMPLE

Context Example#

{
"MobileIronCore": {
"Device": {
"common_wifi_mac_address": "",
"common_noncompliance_reasons": [
"DEVICE_ADMIN_DEACTIVE"
],
"ios_iPhone_UDID": "",
"common_device_is_compromised": false,
"common_SerialNumber": "",
"common_mdm_managed": false,
"common_model": "Pixel",
"common_os_version": "10.0",
"common_status": "ACTIVE",
"common_imei": "",
"common_platform": "Android",
"common_security_state": "Ok",
"user_display_name": "*****",
"common_last_connected_at": "2020-11-09T07:38:22.000Z",
"common_uuid": "",
"common_quarantined": false,
"common_id": 3,
"common_imsi": "*****",
"common_owner": "COMPANY",
"user_email_address": "*****",
"common_manufacturer": "Google",
"common_compliant": false,
"user_user_id": "*****",
"common_registration_date": "2020-10-29T14:11:39.000Z"
}
}
}

mobileiron-core-get-device-by-ip#


Gets a single device based on the device IP address.

Base Command#

mobileiron-core-get-device-by-ip

Input#

Argument NameDescriptionRequired
device_ipIP address of the device to fetch.Required
additional_fieldsComma-separated list of fields to query from the API.Optional

Context Output#

PathTypeDescription
MobileIronCore.Device.common_modelStringModel of the device that was fetched.
MobileIronCore.Device.common_os_versionStringOperating system version of the device that was fetched.
MobileIronCore.Device.common_platformStringPlatform name of the device that was fetched.
MobileIronCore.Device.common_statusStringStatus of the device that was fetched.
MobileIronCore.Device.common_imeiStringInternational Mobile Equipment Identity (IMEI) of the device that was fetched.
MobileIronCore.Device.common_platformStringPlatform of the device that was fetched.
MobileIronCore.Device.common_security_stateStringSecurity state of the device that was fetched.
MobileIronCore.Device.user_display_nameStringDisplay name of the device that was fetched.
MobileIronCore.Device.common_last_connected_atDateDate the device that was fetched was last connected.
MobileIronCore.Device.common_uuidStringDevice UUID of the device that was fetched.
MobileIronCore.Device.common_quarantinedBooleanWhether the device was quarantined.
MobileIronCore.Device.common_idNumberID of the device that was fetched.
MobileIronCore.Device.common_imsiStringInternational mobile subscriber identity (IMSI) of the device that was fetched.
MobileIronCore.Device.common_ownerStringOwner of the device that was fetched.
MobileIronCore.Device.user_email_addressStringUser email address of the device that was fetched.
MobileIronCore.Device.common_manufacturerStringManufacturer of the device that was fetched.
MobileIronCore.Device.common_compliantBooleanWhether the device that was fetched is compliant.
MobileIronCore.Device.user_user_idStringUser ID of the device that was fetched.
MobileIronCore.Device.common_registration_dateDateRegistration date of the device that was fetched.
MobileIronCore.Device.common_wifi_mac_addressStringWiFi MAC address of the device that was fetched.
MobileIronCore.Device.common_noncompliance_reasonsStringNon-compliance reasons for the device that was fetched.
MobileIronCore.Device.ios_iPhone_UDIDStringiPhone UDID of the device that was fetched.
MobileIronCore.Device.ios_iPhone_MAC_ADDRESS_EN0StringIPhone MAC address EN0 of the device that was fetched.
MobileIronCore.Device.ios_Current_MCCStringCurrent MCC of the device that was fetched.
MobileIronCore.Device.common_current_country_codeStringCurrent country code of the device that was fetched.
MobileIronCore.Device.user_sam_account_nameStringSAM account name of the device that was fetched.
MobileIronCore.Device.common_current_country_nameStringCurrent country nameCurrent country name of the device that was fetched.
MobileIronCore.Device.common_home_country_nameStringHome country name of the device that was fetched.
MobileIronCore.Device.common_home_country_codeStringHome country code of the device that was fetched.
MobileIronCore.Device.common_device_is_compromisedBooleanWhether the device that was fetched was compromised.
MobileIronCore.Device.common_SerialNumberStringDevice serial number of the device that was fetched.
MobileIronCore.Device.common_mdm_managedBooleanWhether the device that was fetched is MDM managed.

Command Example#

!mobileiron-core-get-device-by-ip device_id=IP

Context Example#

{
"MobileIronCore": {
"Device": {
"common_wifi_mac_address": "",
"common_noncompliance_reasons": [
"DEVICE_ADMIN_DEACTIVE"
],
"ios_iPhone_UDID": "",
"common_device_is_compromised": false,
"common_SerialNumber": "",
"common_mdm_managed": false,
"common_model": "Pixel",
"common_os_version": "10.0",
"common_status": "ACTIVE",
"common_imei": "",
"common_platform": "Android",
"common_security_state": "Ok",
"user_display_name": "*****",
"common_last_connected_at": "2020-11-09T07:38:22.000Z",
"common_uuid": "",
"common_quarantined": false,
"common_id": 3,
"common_imsi": "*****",
"common_owner": "COMPANY",
"user_email_address": "*****",
"common_manufacturer": "Google",
"common_compliant": false,
"user_user_id": "*****",
"common_registration_date": "2020-10-29T14:11:39.000Z"
}
}
}