Endpoint

The Endpoint object describes a physical or virtual device that connects to and exchanges information with a computer network. Some examples of endpoints are mobile devices, desktop computers, virtual machines, embedded devices, and servers. Internet-of-Things devices—like cameras, lighting, refrigerators, security systems, smart speakers, and thermostats—are also endpoints.

• Extends: _entity

Attributes

container

• Type: container
• Requirement: recommended

The information describing an instance of a container. A container is a prepackaged, portable system image that runs isolated on an existing system using a container runtime like containerd.

hostname

• Type: hostname_t
• Requirement: recommended

The fully qualified name of the endpoint.

instance_uid

• Type: string_t
• Requirement: recommended

The unique identifier of a VM instance.

interface_name

• Type: string_t
• Requirement: recommended

The name of the network interface (e.g. eth2).

interface_uid

• Type: string_t
• Requirement: recommended

The unique identifier of the network interface.

ip

• Type: ip_t
• Requirement: recommended

The IP address of the endpoint, in either IPv4 or IPv6 format.

name

• Type: string_t
• Requirement: recommended

The short name of the endpoint.

namespace_pid

• Type: integer_t
• Requirement: recommended

If running under a process namespace (such as in a container), the process identifier within that process namespace.

owner

• Type: user
• Requirement: recommended

The identity of the service or user account that owns the endpoint or was last logged into it.

type_id

• Type: integer_t
• Requirement: recommended
• Values:
  • 0 - Unknown: The type is unknown.
  • 1 - Server: A server.
  • 2 - Desktop: A desktop computer.
  • 3 - Laptop: A laptop computer.
  • 4 - Tablet: A tablet computer.
  • 5 - Mobile: A mobile phone.
  • 6 - Virtual: A virtual machine.
  • 7 - IOT: A IOT (Internet of Things) device.
  • 8 - Browser: A web browser.
  • 9 - Firewall: A networking firewall.
  • 10 - Switch: A networking switch.
  • 11 - Hub: A networking hub.
  • 99 - Other: The type is not mapped. See the type attribute, which contains a data source specific value.

The endpoint type ID.

uid

• Type: string_t
• Requirement: recommended

The unique identifier of the endpoint.

agent_list

• Type: agent
• Requirement: optional

A list of agent objects associated with a device, endpoint, or resource.

domain

• Type: string_t
• Requirement: optional

The name of the domain.

hw_info

• Type: device_hw_info
• Requirement: optional

The endpoint hardware information.

location

• Type: location
• Requirement: optional

The geographical location of the endpoint.

mac

• Type: mac_t
• Requirement: optional

The Media Access Control (MAC) address of the endpoint.

os

• Type: os
• Requirement: optional

The endpoint operating system.

subnet_uid

• Type: string_t
• Requirement: optional

The unique identifier of a virtual subnet.

type

• Type: string_t
• Requirement: optional

The endpoint type. For example: unknown, server, desktop, laptop, tablet, mobile, virtual, browser, or other.

vlan_uid

• Type: string_t
• Requirement: optional

The Virtual LAN identifier.

vpc_uid

• Type: string_t
• Requirement: optional

The unique identifier of the Virtual Private Cloud (VPC).

zone

• Type: string_t
• Requirement: optional

The network zone or LAN segment.

Constraints

At least one of: ip, uid, name, hostname, instance_uid, interface_uid, interface_name