Common Playbooks Pack.#This Playbook is part of the
Supported Cortex XSOAR versions: 5.5.0 and later.
This playbook uses the generic command !endpoint to retrieve details on a specific endpoint. This command currently supports the following integrations:
- Palo Alto Networks Cortex XDR - Investigation and Response.
- CrowdStrike Falcon.
This playbook uses the following sub-playbooks, integrations, and scripts.
This playbook does not use any sub-playbooks.
This playbook does not use any integrations.
|Endpoint_id||The ID of the endpoint that you want to get details about.||Optional|
|Endpoint_ip||The IP of the endpoint that you want to get details about.||Optional|
|Endpoint_hostname||The hostname of the endpoint that you want to get details about.||Optional|
|Endpoint.Hostname||The endpoint's hostname.||string|
|Endpoint.OS||The endpoint's operation system.||string|
|Endpoint.IPAddress||The endpoint's IP address.||string|
|Endpoint.ID||The endpoint's ID.||string|
|Endpoint.Status||The endpoint's status.||string|
|Endpoint.IsIsolated||Endpoint isolation status.||string|
|Endpoint.MACAddress||Endpoint MAC Address.||string|
|Endpoint.Vendor||The integration name of the endpoint vendor.||string|