Get threat devices
Request a list of devices affected by a specific threat. Only one file_path is listed per page_item, therefore the same device could have multiple entries, one entry per file_path.
Service endpoint | /threats/v2/{threat_sha256}/devices?page=m&page_size=n |
Optional query string parameters |
|
Example | return the first page with 100 devices that have the specified threat: https://protectapi.cylance.com/threats/v2/bf17366ee3bb8068a9ad70fc9e68496e7e311a055bf4ffeeff53cc5d29ccce52/devices?page1&page_size=100 |
Method | HTTP/1.1 GET |
Request headers |
|
Request
None
Response
Please see the Response status codes for more information.
Response JSON schema
Field Name | Description |
|---|---|
agent_version | This is the CylancePROTECT Desktop agent version installed on the device. |
date_found | This is the date and time (in UTC) when the threat was found on the device. |
file_path | This is the path where the file was found on the device. Only one file_path is listed per page_item, therefore the same device could have multiple entries, one entry per file_path. |
file_status | This is the current quarantine status of the file on the device.
|
id | This is the endpoint's unique identifier. |
ip_addresses | This is the list of IP addresses for the device. |
mac_addresses | This is the list of MAC addresses for the device. |
name | This is the name of the device. |
page_number | This is the page number requested. |
page_size | This is the page size requested. |
policy_id | This is the unique identifier for the policy assigned to the device, or null if no policy is assigned. |
state | This is the state of the device.
|
total_number_of_items | This is the total number of resources. |
total_pages | This is the total number of pages that can be retrieved, based on the page size specified. |