Asset Investigation - Supported Fields
- 20 Mar 2024
- 4 Minutes to read
- Print
- DarkLight
- PDF
Asset Investigation - Supported Fields
- Updated on 20 Mar 2024
- 4 Minutes to read
- Print
- DarkLight
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
Asset Investigation is supported for a predefined set of fields. You can see the fields available for each asset type in the Field Name filter.
Supported fields per asset include:
Compute
Devices
- Public IPs
- Asset Name
- Host Name
- Network Interfaces: IPs
- Network Interfaces: MAC
- Total Physical Processors
- Total Cores
- Device Disabled
- OS: Distribution
- Open Ports: Port Number
- Agent Versions: Version
- Agent Versions: Status
- Last Used Users
- Power State
- Local Admins: Name of user or group
- Adapter Tags: Tag Value
- Noncompliant CIS AWS Foundations: Rule Section
- Noncompliant CIS Azure Foundations: Rule Section
- Noncompliant CIS Oracle Foundations: Rule Section
- Noncompliant CIS GCP Foundations: Rule Section
- Kenna: Risk Meter Score
- Azure AD User Groups: Group Name(s)
- Azure AD: Compliance State
- Solarwinds: Asset Status
- Airwave: Last AP
- Airwave: SSID
- Cisco ARP: Switch PORT
- Organizational Unit
- AD Is Domain Controller (DC)
- AD DHCP Server
Contact Axonius support to track the following Devices fields:
- Vulnerable Software: CVE ID
- Installed Software: Software Name
- AD memberOf
Compute Services
- Name
- Asset Type
- Description
- Repository URI
- Created At
- Last Access
- Status
- Location
- Kubernetes Version
- EndpointPublic
- EndpointPrivate
- EndpointPublicPrivateMaximum
- PODs Per Node
- POD Address Range
- Service Address Range
- Auto Upgrade
Databases
- Name
- Asset type
- Allocated Storage
- Master Username
- Publicly Accessible
- Storage Type
- Status
- Creation Date
- Storage Encrypted
- Port
- Instance Type
- Replica Names
- Database Engine Version
- IP Addresses
- Firewall Rules: Name
- Firewall Rules: Security group ID
- Firewall Rules: Source
- Firewall Rules: Allow / Deny
- Firewall Rules: Direction
- Firewall Rules: Target
- Firewall Rules: Target Subnet Count
- Firewall Rules: Protocol
- Firewall Rules: From port
- Firewall Rules: To port
- Firewall Rules: Priority
Containers
- Name
- Asset Type
- Cluster ID
- Cluster Name
- Last Status
- Associated DNS
- Is Container
Serverless Functions
- Name
- Asset Type
- Entry Point (Handler)
- Memory Size
- RuntimeTimeout (seconds)
- Version
- Description
Identity
Users
- User Name
- Last Password Change
- Account Disabled
- Password Is Not Required
- Is Locked
- Password Never Expires
- Is Local
- Is Admin
- Domain
- User Status
- Last Logon Date
- Account Expiration Date
- Last Bad Logon Date
- User Manager Username
- User Department
- Azure AD User Groups: Group Name(s)
- Last Seen In Domain
- Activity Status
- Terminated
- Is Managed By Application
- Is Managed By SSO
- Is Orphaned
- Is SaaS Application User
- Is SSO User
- Is User External
- Is User Paid
- Assigned Permissions
- Assigned Roles
- Applications: Activity Status
- Applications: Is Unlinked
- Applications: Is Unmanaged
- Account State
- Activity Status
- User Title
- Hire Date
- Business Title
- Termination Date
- Is Terminated
- Location
- Employee ID
Contact Axonius support to track the following Users field:
- AD memberOf
Groups
- Name
- Display name
- Remote ID
Roles
- Name
- Is Admin
- Display Name
- Description
- Remote ID
- Create Date
- Last Activity Time
Accounts
- Name
- Asset Type
- Owner Email
- Created Date
- Status
- Remote Account ID
- Domains: Name
- Domains: Is default
Applications
Application Extensions
- Active Status But Inactive User Count
- Activity Status - Active Count
- Activity Status - Inactive Count
- Activity Status - Unused Count
- Extension Type
- Is Managed App
- Last Access
- Name
- Permissions - Calendar Count
- Permissions - Drive Count
- Permissions - Is Admin Count
- Permissions - Is identity Count
- Permissions - Mail Count
- Used By
- User Activity Status - Active Count
- User Activity Status - Inactive Count
- User Activity Status - Unused Count
- User Count
Application Settings
- Application
- Application Documentation
- Configuration Values: Entity Level
- Configuration Values: Entity Name
- Configuration Values: Is Valid
- Configuration Values: Link
- Configuration Values: Link Path
- Configuration Values: Setting Recommendation Value
- Configuration Values: Setting Value
- Configuration Values: Setting Value in App (Raw)
- Impact
- Level
- Link
- Link Path
- Product Name
- Setting Name
- Setting Name in Application
- Setting Type
- Settings Score
- Standards
Expenses
- Amount (USD)
- Application
- Description
- Transaction Time
- User Email
Licenses
- Actual Renewal Date
- Application
- End date
- Is active license
- License estimated total monthly cost (USD)
- License estimated total yearly cost (USD)
- License name
- License payment
- License total cost (USD)
- Pricing Unit
- Quantity
- Start date
- Subscription term
- Unit Price (USD)
SaaS Applications
- static data
- Active Users
- Category
- Compliance
- Discovered Users
- Domain
- Inactive Users
- Is Discovered
- Is Managed
- Is Managed by Connected App
- Is Managed by SSO
- Managed Users by App
- Managed Users by SSO
- Name
- Orphaned Users
- Unlinked Users
- Unused Users
User Extensions
- Activity Status
- Associated User: User Name
- Extension Type
- Is Managed App
- Last Accessed
- Name
- Permissions: Is Admin
- Permissions: Is identity
- Permissions: Scope Tag
- Used By
- User Activity Status
Secrets
- Name
- Asset Type
- Last Accessed Time
- Description
- Created Time
Application Resources
- Name
- Application Resource Type
- Last Login
Tickets
Tickets
- Ticket ID
- Key
- Project
- Issue Type
- Status
- Summary
- Description
- Assignee
- Assigned Group
- Labels
- Priority
- Reporter
- Category
- Sub Category
- Created
- Updated
- Closed At
- Due Date
Network
Networks
- Name
- Asset Type
- State
- CIDR Block
Load Balancers
- Name
- Asset type
- DNS
- Host Name
- Subnets
- Public IPs
- Firewall Rules: Name
- Firewall Rules: Security group ID
- Firewall Rules: SourceFirewall Rules: Allow / Deny
- Firewall Rules: DirectionFirewall Rules: Target
- Firewall Rules: Target Subnet Count
- Firewall Rules: ProtocolFirewall Rules: From port
- Firewall Rules: To portFirewall Rules: Priority
Network Services
- Name
- Asset Type
- Status
Network Devices
Same as Devices
In addition:
- Device Model
- Decide Manufacturar serial
- Device Type
- Device Status
- Network Name
- Organization name
Firewall Rules
- Name
- Asset Type
- Inbound Rules: Allowed / Denied
- Inbound Rules: From Port
- Inbound Rules: To Port
- Inbound Rules: IP Protocol
- Inbound Rules: CIDR
- Outbound Rules
- Outbound Rules: Allowed / Denied
- Outbound Rules: From Port
- Outbound Rules: To Port
- Outbound Rules: IP Protocol
- Outbound Rules: CIDR
Storage
Object Storage
- Name
- Asset Type
- URLs
- Creation Date
- Location
- Public access
- Logging Target
Disks
- Name
- Asset Type
- Size (GB)
- Creation Time
- State
- Iops
- Encrypted
File Systems
- Name
- Asset Type
- Host Name
- File System Type
- Creation Time
- Owner Id
- Storage Capacity
- Storage Type
Alerts and Incidents
Alerts/Incidents
- Name
- Associated Assets
- Created Time
- Start Time
- End Time
- Status
- Description
- Tactics
- Techniques
- Owner
Was this article helpful?