Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

GET /asset_model/configuration

Retrieve the current configuration settings pertaining to assets. //@param frameworkServices An instance of the FrameworkServices class automatically provided by the REST API framework or generated by FrameworkServicesUtil.

Gets the current values of all asset configuration settings.

Table 1: GET /asset_model/configuration Resource Details

MIME Type

application/json

Table 2: GET /asset_model/configuration Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 3: GET /asset_model/configuration Response Codes

HTTP Response Code

Unique Code

Description

200

 

The asset configuration was retrieved.

Response Description

An AssetConfigDTO. The AssetConfigDTO object contains the following fields:

  • realtime_dns_enabled - Boolean - Enables/disables Real-Time DNS Lookups for Asset Profiles.

  • profiler_audit_event_maximum - Long - Specifies the number of audit events per minute that are allowed to be generated by the asset profiler. Increasing the threshold increases audit throughput, but negatively impacts the system events per minute limit.

  • maximum_ip_address_per_asset - Long - Specifies the number of IPs allowed in a single asset profile before the asset profiler treats the asset as a 'vortex asset'.

  • maximum_mac_address_per_asset - Long - Specifies the number of MACs and empty interfaces allowed in a single asset profile before the asset profiler treats an asset as a 'vortex asset'.

  • unified_name_preference - Enum - When determining the unified name, whether the NetBIOS Name or DNS Name is preferred. There are 2 possible values for this configuration variable: If NetBIOS is selected, NetBIOS is preferred over DNS . The order is [ Given Name, NetBIOS Name, DNS Name, IP Address ]. If DNS is selected, DNS is preferred over NetBIOS . The order is [ Given Name, DNS Name, NetBIOS Name, IP Address ].

  • ip_reconciliation_blacklist_enabled - Boolean - Specifies whether the asset profiler should leverage the 'reconciliation blacklists'. When true, this setting compares incoming updates to the blacklists and excludes those that match. A 'blacklist' is a Reference Set that is populated by a suite of CRE rules which track asset data over time for identity information found to be associated with 3 or more other pieces of specific asset properties in a 2 hour (or less) time window.

  • maximum_grey_list_port_per_asset - Long - Specifies the maximum number of 'grey list' ports that a single asset can have. When an asset has hit the limit, no more new grey list ports are created for that asset, although new white list ports will still be created. Generally, a grey list port is a port that appears to be an open port but does not fall within the range of well-known service ports, also known as the 'white list'.

  • dns_lookups_for_host_identity_enabled - Boolean - Enables/disables DNS Lookups for host identity.

  • netbios_lookups_for_host_identity_enabled - Boolean - Enables/disables NetBIOS lookups for host identity.

  • identity_profiling_enabled - Boolean - Enables/disables identity profiling in the host profiler. Identity profiling is the act of gleaning identity from flows, where said flows are suspected of containing DNS or DHCP identity information.

  • client_application_profiling_enabled - Boolean - Enables/disables client application profiling in the host profiler. This setting should be turned off, in the case the client applications in the asset model are becoming too heavy.

  • open_port_profiling_enabled - Boolean - Enables/disables profiling open ports for a particular asset IP in the host profiler. This variable specifies whether the host profiler should perform the traditional job of profiling open ports for a particular IP.

  • asset_identity_coalescing - Long - Specifies the duration, in milliseconds, of an asset update coalescing window. This setting duplicate updates to asset identity received within the selected time interval will be merged.

  • coalesce_ownership_changes - Boolean - Enables/disables asset update coalescing when asset ownership is modified. Disable if there are custom rules that utilize asset data to ensure that duplicate updates reporting identity data transitioning from one asset to another are processed.

  • cleanup_policy - Enum - This setting retains all expired asset data until everything belonging to that asset has exceeded its threshold. To clean up asset data only when all of that asset's components have expired, set to "ENTIRE_ASSET". To clean up asset data individually as each component expires, set to "COMPONENT".

  • retain_assets_with_vulnerabilties - Boolean - Allows/disallows the cleanup agent to permanently delete expired assets that still have vulnerabilities.

  • system_retention - Object - Specifies the retention period, in milliseconds, for an asset discovered by identity (events), the host profiler (flows) or a scanner.

    • interfaces - Long - Specifies the retention period, in milliseconds,for asset interfaces (MAC Addresses). This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • hostname - Long - Specifies the retention period, in milliseconds, for asset DNS and NetBIOS hostnames . This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • ip - Long - Specifies the retention period, in milliseconds, for asset IP Addresses (IPv4 and IPv6). This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • property - Long - Specifies the retention period, in milliseconds, for: Unified Name, Detection Confidence (legacy), Wireless AP, Wireless SSID, Switch ID, Switch Port ID, Extended, Old Cvss Risk (legacy), VLAN, Asset Type. This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • product - Long - Represents the retention period, in milliseconds, for scanned asset products, including operating systems, windows applications and 3rd party products bound to open ports. This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • port - Long - Specifies the retention period, in milliseconds, for asset ports. This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • netbios - Long - Specifies the retention period, in milliseconds, for NetBIOS groups associated with the asset. This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • client_application - Long - Specifies the retention period, in milliseconds, of asset client applications. This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • users - Long - Specifies the retention period, in milliseconds, for asset users. This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

  • user_retention - Object - Specifies the retention period, in milliseconds, for an asset added manually by users.

    • interfaces - Long - Specifies the retention period, in milliseconds,for asset interfaces (MAC Addresses). This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • hostname - Long - Specifies the retention period, in milliseconds, for asset DNS and NetBIOS hostnames . This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • ip - Long - Specifies the retention period, in milliseconds, for asset IP Addresses (IPv4 and IPv6). This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • property - Long - Specifies the retention period, in milliseconds, for: Unified Name, Detection Confidence (legacy), Wireless AP, Wireless SSID, Switch ID, Switch Port ID, Extended, Old Cvss Risk (legacy), VLAN, Asset Type. This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

    • product - Long - Represents the retention period, in milliseconds, for scanned asset products, including operating systems, windows applications and 3rd party products bound to open ports. This will be truncated from milliseconds into the number of days. To retain data forever, set to null.

Response Sample