Device Policy Check
| API version | 2.2 |
|---|---|
| Last Update | 05/28/2015 |
| Authentication | YES |
| Response Format | JSON |
| HTTP Method | GET |
| Rate limited | YES |
| Requests per rate limit | 10/min |
Use this API to fetch the compliance status of a given device.
API URL
Request Parameters
| Key | Datatype | Parameter Type | Required | Description | Default |
|---|---|---|---|---|---|
| access_token | string | URL | Yes | access token obtained from the OAuth authentication step | |
| verbose | int | URL | Optional | 1 - extra detailed information is returned in the response; 0 - the response does not include detailed information | 0 |
| opt | int | URL | Optional | 0 - MAC address; 1 - HWID; 3 - SSID | 0 |
Response HTTP Code
| HTTP Code | Description |
|---|---|
| 200 | Success |
| 401 | Unauthorized. Your access_token is invalid or expired |
| 404 | Not found |
Response Parameters
| Key | Datatype | Description |
|---|---|---|
| policy_name | string | (Not available, reserved for future) policy name in Policy manager |
| user | string | (Not available, reserved for future) user in Policy manager. |
| location | string | (Not available, reserved for future) location in Policy manager. |
| device_type | string | device type (laptop, desktop, vm, server, phone) of device. |
| os_type | string | operating system type |
| status | int | Device status. This status is based on the defined policy within MetaDefender IT Access. Status values are: |
| total_issue | int | Number of issues seen on the device |
| total_critical_issue | int | Number of critical issues seen on the device |
| critical_status | int | This critical status is based on the defined policy within My OPSWAT Central Management. This status applies to the whole device. Critical status values are: |
| last_seen | string | timestamp of the last time when the endpoint device sent a health report to the server. |
| issues | array<object> | Lists any/all issues of given endpoint device. If a device is without issue, the issues array will appear blank (as shown in the example below). For those devices with issues, each issue will be listed out within issue_text (as shown in the example below). |
| issues.<category_group> | array<object> | issues found in a category group on the device |
| issues.<category_group>.category | string | category name |
| issues.<category_group>.issues | array<string> | issue descriptions |
| remediation | string | (Not available, reserved for future) remediation, in Policy manager |
| remediation_link | string | URL of the remediation page for the given device |
| notification | string | (Not available, reserved for future) notification method: no notification (background log only), notification by SMS, or notification by email, in Policy manager |
| infections | array<object> | Infection details |
| infections.category | string | Infections category name |
| infections.critical_status | int | 0 - no critical issue, 1 - has critical issue |
| infections.total_threats | int | number of detected threats |
| infections.has_issue | int | 0 - no issue, 1 - out of compliance |
| infections.has_critical_issue | int | 0 - no critical issue, 1 - has critical issue |
| infections.threats | array<object> | detailed threats |
| infections.threats.ThreatName | string | Name of threat found |
| infections.threats.File | string | file in which the threat was found |
| infections.threats.FoundTime | string | The timestamp in GMT format when the threat was found. |
| infections.threats.hash | string | hash of the scanned object if the object is a file or process |
| infections.threats.link | string | a URL to view scan details on MetaDefender Cloud |
| infections.threats.ip_address | string | IP address the device is connecting to |
| infections.threats.status | string | indicates the scanning object is clear, dirty or in-progress |
| infections.threats.details | array<object> | details of IP connections |
| infections.threats.details.source_name | string | Source of the feed, usually the domain where the feed is from (e.g., example.com) |
| infections.threats.details.assessment | string | Type of threat detected |
| infections.threats.details.confident | string | Represents the reliability of the detection based on several factors. The higher the score, the more reliable the result. |
| infections.threats.geo_info | object | An object representing the geolocation of the address |
| infections.threats.geo_info.city | string | Country name of the network address (e.g., Brazil) |
| infections.threats.geo_info.country_name | string | Country name of the network address (e.g., BR) |
| infections.threats.geo_info.country_code | string | Region name of the network address (e.g., San Paulo) |
| infections.threats.geo_info.region_name | string | Region code of the network address (e.g., 27) |
| infections.threats.geo_info.region_code | string | City name of the network address (e.g., San Paulo) |
| infections.last_scan_time | string | The timestamp in GMT format when the agent last ran a scan |
| infections.total_engines | int | number of engines that scanned a file |
| infections.total_sources | int | number of feed sources |
| infections.last_report | string | the timestamp in GMT format when the agent reported the threat log from local anti-malware products |
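The following is an added example, not OPSWAT code: a client-side budget for the documented 10 requests per minute and a fail-closed triage of a response using the HTTP codes and 0/1 flags from the tables above. The `status` value list is not on this page, so the decision uses `total_critical_issue` and `infections.has_critical_issue` only; the names `MinuteBudget`, `triage` and `SAMPLE`, the allow-on-non-critical policy, and treating `infections` as optional are assumptions of this example.

```python
import json
import time
from collections import deque

class MinuteBudget:
    """Client-side guard for the documented limit of 10 requests per minute."""
    def __init__(self, limit=10, window=60.0, clock=time.monotonic):
        self.limit, self.window, self.clock = limit, window, clock
        self.sent = deque()  # send times still inside the window

    def reserve(self):
        """Return 0.0 and record a send, or the seconds to wait first."""
        now = self.clock()
        while self.sent and now - self.sent[0] >= self.window:
            self.sent.popleft()
        if len(self.sent) < self.limit:
            self.sent.append(now)
            return 0.0
        return self.window - (now - self.sent[0])

def triage(http_code, body):
    """Fail-closed decision: anything but a clean, well-formed 200 denies."""
    if http_code == 401:
        return {"allow": False, "reason": "access_token invalid or expired"}
    if http_code == 404:
        return {"allow": False, "reason": "not found"}
    if http_code != 200:
        return {"allow": False, "reason": f"unexpected HTTP {http_code}"}
    try:
        doc = json.loads(body)
        critical = int(doc["total_critical_issue"])
        infections = doc.get("infections", [])  # assumed optional
        flagged = [i["category"] for i in infections
                   if int(i["has_critical_issue"]) == 1]
    except (ValueError, KeyError, TypeError):
        return {"allow": False, "reason": "malformed response"}
    if critical or flagged:
        return {"allow": False, "reason": "critical issue", "categories": flagged}
    return {"allow": True, "reason": "no critical issue", "categories": []}

# Constructed sample body (field names from the table above, values invented).
SAMPLE = json.dumps({
    "device_type": "laptop", "total_issue": 2, "total_critical_issue": 0,
    "infections": [
        {"category": "constructed-a", "has_issue": 1, "has_critical_issue": 1},
        {"category": "constructed-b", "has_issue": 0, "has_critical_issue": 0},
    ],
})
```

Because `access_token` travels in the URL, keep full request URLs out of client and proxy logs or redact the parameter before logging.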
Example
Example Request (verbose = 0)
Example Response (verbose = 0)
Example Request (verbose = 1)
Example Response for Windows/macOS devices (verbose = 1)
Example Response for iOS/Android devices (verbose = 1)
History
| Version | URL |
|---|---|
| 2.0 | auto$ |
