Importing assets

Details on identifying, creating, and updating assets

Assets are imported according to the asset data merging rules.

POST /api/v1/assets/import

Bulk creation or update of assets.

If the FQDN of an asset is specified, it acts as the unique ID of the asset within the tenant. If more than one FQDN is specified, the first FQDN from the specified array of FQDNs is used. If no FQDN is specified, the first IP address in the specified array of addresses is used to identify the asset. If the asset name is not specified, either FQDN or the first IP address is used as the name. Assets imported from KSC cannot be updated, therefore, FQDN conflicts may occur during the import process if a KSC asset with a the same FQDN already exists in the tenant. Such conflicts prevent the processing of the conflicting asset, but do not prevent the processing of other assets specified in the request body. Allows you to populate custom fields by uuid from the assetsCustomFields settings.

Access: General administrator, Tenant administrator, Tier 2 analyst, Tier 1 analyst.

Request body

Format: JSON

type Request struct {

TenantID string `json:"tenantID"`

    Assets []Asset `json:"assets"`

}

 

type Asset struct {

Name string `json:"name"`

FQDN string `json:"fqdn"`

IPAddresses []string `json:"ipAddresses"`

MACAddresses []string `json:"macAddresses"`

Owner string `json:"owner"`

OS *OS `json:"os"`

Software []Software `json:"software"`

Vulnerabilities []Vulnerability `json:"vulnerabilities"`

CustomFields []Software `json:"customFields"`

}

 

type OS struct {

Name string `json:"name"`

Version uint64 `json:"version"`

}

 

type Software struct {

Name string `json:"name"`

Version string `json:"version"`

Vendor string `json:"vendor"`

}

 

type Vulnerability struct {

KasperskyID string `json:"kasperskyID"`

ProductName string `json:"productName"`

DescriptionUrl string `json:"descriptionUrl"`

RecommendedMajorPatch string `json:"recommendedMajorPatch"`

RecommendedMinorPatch string `json:"recommendedMinorPatch"`

SeverityStr string `json:"severityStr"`

Severity uint64 `json:"severity"`

CVE []string `json:"cve"`

ExploitExists bool `json:"exploitExists"`

MalwareExists bool `json:"malwareExists"`

}

 

type CustomFields struct {

ID string `json:"id"`

Name string `json:"name"`

Value string `json:"value"`

}

Request mandatory fields

Name

Data type

Mandatory

Description

Value example

TenantID

string

Yes

Tenant ID

00000000-0000-0000-0000-000000000000

assets

[]Asset

Yes

Array of imported assets

 

Asset mandatory fields

Name

Data type

Mandatory

Description

Value example

fqdn

string

If the ipAddresses array is not specified

Asset FQDN. You can specify multiple values separated by commas. It is recommended that you specify the FQDN and not just the host name. Priority indicator for asset identification.

my-asset-1.example.com

my-asset-1

ipAddresses

[]string

If FQDN is not specified

Array of IP addresses for the asset. IPv4 or IPv6. The first element of the array is used as a secondary indicator for asset identification.

["192.168.1.1", "192.168.2.2"]

["2001:0db8:85a3:0000:0000:8a2e:0370:7334"]

Response

HTTP code: 200

Format: JSON

type Response struct {

InsertedIDs map[int64]interface{} `json:"insertedIDs"`

UpdatedCount uint64 `json:"updatedCount"`

Errors []ImportError `json:"errors"`

}

 

type ImportError struct {

Index uint64 `json:"index"`

Message string `json:"message"`

}

Possible errors

HTTP code

Description

message field value

details field value

400

Tenant ID is not specified

tenantID required

 

400

Attempt to import assets into the shared tenant

import into shared tenant not allowed

 

400

Not a single asset was specified in the request body

at least one asset required

 

400

None of the mandatory fields is specified

one of fields required

asset[<index>]: fqdn, ipAddresses

400

Invalid FQDN

invalid value

asset[<index>].fqdn

400

Invalid IP address

invalid value

asset[<index>].ipAddresses[<index>]

400

IP address is repeated

duplicated value

asset[<index>].ipAddresses

400

Invalid MAC address

invalid value

asset[<index>].macAddresses[<index>]

400

MAC address is repeated

duplicated value

asset[<index>].macAddresses

403

The user does not have the required role in the specified tenant

access denied

 

404

The specified tenant was not found

tenant not found

 

406

The specified tenant was disabled

tenant disabled

 

500

Any other internal errors

variable

variable

Page top