Get Endpoint - Blink Documentation

Returns details for specific endpoints. You must select the field and value for filtering the endpoints.

External DocumentationTo learn more, visit the Cortex XDR documentation.

Parameters

Parameter Description

Endpoint Filter Value You must select the field via the Filter by parameter before entering its value.

Note: Only in case you’ve chosen the hostname field, you can use the dropdown to insert its value. For all other fields, manually enter the value.

Filter By Select the field to filter by.
Available fields:

endpoint_id_list: List of endpoint IDs.

endpoint_status: The endpoint’s status.

hostname: Host name.

group_name: Group name the agent belongs to.

dist_name: Distribution / Installation Package name.

ip_list: List of IP addresses.

public_ip_list: Public IP addresses that correlate to the last IPv4 address from which the XDR agent connected (know as Last Origin IP).

alias: Alias name.

Parameter	Description
Endpoint Filter Value	You must select the field via the `Filter by` parameter before entering its value. Note: Only in case you’ve chosen the `hostname` field, you can use the dropdown to insert its value. For all other fields, manually enter the value.
Filter By	Select the field to filter by. Available fields: `endpoint_id_list`: List of endpoint IDs. `endpoint_status`: The endpoint’s status. `hostname`: Host name. `group_name`: Group name the agent belongs to. `dist_name`: Distribution / Installation Package name. `ip_list`: List of IP addresses. `public_ip_list`: Public IP addresses that correlate to the last IPv4 address from which the XDR agent connected (know as Last Origin IP). `alias`: Alias name.

Example Output

{
	"reply": {
		"total_count": 0,
		"result_count": 0,
		"endpoints": [
			{
				"endpoint_id": "string",
				"endpoint_name": "string",
				"endpointTags": "string",
				"endpoint_type": "string",
				"endpoint_status": "string",
				"os_type": "string",
				"os_version": "string",
				"ip": [
					"string"
				],
				"ipv6": [
					{}
				],
				"public_ip": "string",
				"users": [
					"string"
				],
				"domain": "string",
				"alias": "string",
				"first_seen": 0,
				"last_seen": 0,
				"content_version": "string",
				"installation_package": "string",
				"active_directory": null,
				"install_date": 0,
				"endpoint_version": "string",
				"is_isolated": "string",
				"isolated_date": null,
				"group_name": [
					{}
				],
				"operational_status": "string",
				"operational_status_description": "string",
				"scan_status": "string",
				"content_release_timestamp": 0,
				"last_content_update_time": 0,
				"content_status": "string",
				"operating_system": "string",
				"mac_address": [
					"string"
				],
				"assigned_prevention_policy": "string",
				"assigned_extensions_policy": "string"
			}
		]
	}
}

Workflow Library Example

Get Endpoint with Cortex Xdr and Send Results Via Email

Preview this Workflow on desktop

Integrations

​Parameters

​Example Output

​Workflow Library Example

Parameters

Example Output

Workflow Library Example