Get Endpoint

Returns details for specific endpoints. You must select the field and value for filtering the endpoints.

External Documentation

To learn more, visit the Cortex XDR documentation.

Parameters

Parameter Description

Endpoint Filter Value You must select the field via the Filter by parameter before entering its value.

Note: Only in case you’ve chosen the hostname field, you can use the dropdown to insert its value. For all other fields, manually enter the value.

Filter By Select the field to filter by.
Available fields:

endpoint_id_list: List of endpoint IDs.

endpoint_status: The endpoint’s status.

hostname: Host name.

group_name: Group name the agent belongs to.

dist_name: Distribution / Installation Package name.

ip_list: List of IP addresses.

public_ip_list: Public IP addresses that correlate to the last IPv4 address from which the XDR agent connected (know as Last Origin IP).

alias: Alias name.

Parameter	Description
Endpoint Filter Value	You must select the field via the `Filter by` parameter before entering its value. Note: Only in case you’ve chosen the `hostname` field, you can use the dropdown to insert its value. For all other fields, manually enter the value.
Filter By	Select the field to filter by. Available fields: `endpoint_id_list`: List of endpoint IDs. `endpoint_status`: The endpoint’s status. `hostname`: Host name. `group_name`: Group name the agent belongs to. `dist_name`: Distribution / Installation Package name. `ip_list`: List of IP addresses. `public_ip_list`: Public IP addresses that correlate to the last IPv4 address from which the XDR agent connected (know as Last Origin IP). `alias`: Alias name.

Example Output

{
	"reply": {
		"total_count": 0,
		"result_count": 0,
		"endpoints": [
			{
				"endpoint_id": "string",
				"endpoint_name": "string",
				"endpointTags": "string",
				"endpoint_type": "string",
				"endpoint_status": "string",
				"os_type": "string",
				"os_version": "string",
				"ip": [
					"string"
				],
				"ipv6": [
					{}
				],
				"public_ip": "string",
				"users": [
					"string"
				],
				"domain": "string",
				"alias": "string",
				"first_seen": 0,
				"last_seen": 0,
				"content_version": "string",
				"installation_package": "string",
				"active_directory": null,
				"install_date": 0,
				"endpoint_version": "string",
				"is_isolated": "string",
				"isolated_date": null,
				"group_name": [
					{}
				],
				"operational_status": "string",
				"operational_status_description": "string",
				"scan_status": "string",
				"content_release_timestamp": 0,
				"last_content_update_time": 0,
				"content_status": "string",
				"operating_system": "string",
				"mac_address": [
					"string"
				],
				"assigned_prevention_policy": "string",
				"assigned_extensions_policy": "string"
			}
		]
	}
}

Workflow Library Example

Get Endpoint with Cortex Xdr and Send Results Via Email

Preview this Workflow on desktop

On this page

Parameters
Example Output
Workflow Library Example

Returns details for specific endpoints. You must select the field and value for filtering the endpoints.

External Documentation

To learn more, visit the Cortex XDR documentation.

Parameters

Parameter Description

Parameter	Description
Endpoint Filter Value	You must select the field via the `Filter by` parameter before entering its value. Note: Only in case you’ve chosen the `hostname` field, you can use the dropdown to insert its value. For all other fields, manually enter the value.
Filter By	Select the field to filter by. Available fields: `endpoint_id_list`: List of endpoint IDs. `endpoint_status`: The endpoint’s status. `hostname`: Host name. `group_name`: Group name the agent belongs to. `dist_name`: Distribution / Installation Package name. `ip_list`: List of IP addresses. `public_ip_list`: Public IP addresses that correlate to the last IPv4 address from which the XDR agent connected (know as Last Origin IP). `alias`: Alias name.

Example Output

{
	"reply": {
		"total_count": 0,
		"result_count": 0,
		"endpoints": [
			{
				"endpoint_id": "string",
				"endpoint_name": "string",
				"endpointTags": "string",
				"endpoint_type": "string",
				"endpoint_status": "string",
				"os_type": "string",
				"os_version": "string",
				"ip": [
					"string"
				],
				"ipv6": [
					{}
				],
				"public_ip": "string",
				"users": [
					"string"
				],
				"domain": "string",
				"alias": "string",
				"first_seen": 0,
				"last_seen": 0,
				"content_version": "string",
				"installation_package": "string",
				"active_directory": null,
				"install_date": 0,
				"endpoint_version": "string",
				"is_isolated": "string",
				"isolated_date": null,
				"group_name": [
					{}
				],
				"operational_status": "string",
				"operational_status_description": "string",
				"scan_status": "string",
				"content_release_timestamp": 0,
				"last_content_update_time": 0,
				"content_status": "string",
				"operating_system": "string",
				"mac_address": [
					"string"
				],
				"assigned_prevention_policy": "string",
				"assigned_extensions_policy": "string"
			}
		]
	}
}

Workflow Library Example

Get Endpoint with Cortex Xdr and Send Results Via Email

Preview this Workflow on desktop

On this page

Parameters
Example Output
Workflow Library Example

Parameters

Example Output

Workflow Library Example

Case Management

Automated Case Management

Case Management Dashboard

Case Management Interface

Triggers & Actions

Case Management Settings

Get Endpoint

Parameters

Example Output

Workflow Library Example

​Parameters

​Example Output

​Workflow Library Example

Case Management

Automated Case Management

Case Management Dashboard

Case Management Interface

Triggers & Actions

Case Management Settings

​Parameters

​Example Output

​Workflow Library Example

Parameters

Example Output

Workflow Library Example

Parameters

Example Output

Workflow Library Example