Device
A physical device or media, such as a server, laptop, workstation, smartphone, tablet, router, firewall, switch, wifi-access-point, usb-drive, etc. The exact data type is described in the _type property of the Entity.
Device properties
Property | Type | Description | Specifications |
---|---|---|---|
category * | string | null | The device category Examples: server, endpoint, storage-media, mobile, network, other | |
deviceId * | array of string snull | The unique device identifier, traditionally known as a UDID | |
displayName * | string | The display name of the device | |
fqdn * | array of string snull | The fully qualified domain name of the Device | |
hostname * | string | null | The primary/local hostname | |
ipv4Addresses * | array of string snull | The IPv4 Addresses associated with the Device | |
ipv6Addresses * | array of string snull | The IPv6 Addresses associated with the Device | |
lastSeenOn * | integer | null | The timestamp (in milliseconds since epoch) when the device was either last checked in or was scanned. | |
macAddresses * | array of string snull | The MAC Addresses associated with the Device, lowercase colon delimited | |
make * | string | null | Same as hardwareVendor: The manufacturer or vendor of the device, e.g. Apple Inc., Generic | |
model * | string | null | Same as hardwareModel: The device hardware model, e.g. MacBookPro13,3 | |
osDetails * | string | null | Operating System Full Details (e.g. macOS High Sierra version 10.13.6) | |
osName * | string | null | Operating System Name (e.g. macOS, Windows 10) | |
osType * | string | null | Operating System Platform | |
osVersion * | string | null | Operating System Version (e.g. 10.13.6) | |
privateIpAddresses * | array of string snull | The private IP addresses associated with the Device | |
publicIpAddresses * | array of string snull | The public IP addresses associated with the Device | |
serial * | string | null | Same as hardwareSerial: The device serial number | |
assetTag | array of string s | The asset tag number/label that matches the identifier in asset tracking system, for company owned physical devices | uniqueItems: true, |
autoSecurityPatchEnabled | boolean | Indicates if security updates are auto-installed | default: false |
autoSystemPatchEnabled | boolean | Indicates if operating system updates are auto-installed | default: false |
BYOD | boolean | Indicates if this is a BYOD device -- an employee-provided device that has access to company systems/resources. | default: false |
cost | number | The purchase cost of the device. | |
encrypted | boolean | Indicates if the primary device storage is encrypted | default: false |
firewallEnabled | boolean | Indicates if local/host firewall is enabled | default: false |
hardwareModel | string | The device hardware model, e.g. MacBookPro13,3 | |
hardwareSerial | string | The device serial number | |
hardwareVendor | string | The manufacturer or vendor of the device, e.g. Apple Inc., Generic | |
hardwareVersion | string | The device hardware version | |
location | string | Site where this device is located. | |
malwareProtected | boolean | Indicates if malware protection is enabled | default: false |
remoteAccessEnabled | boolean | Indicates if remote access/login to the device is enabled | default: false |
screenLockEnabled | boolean | Indicates if screen lock protection is enabled | default: false |
screenLockTimeout | number | Screen lock timeout in seconds | |
status | string | null | Status label of this device | enum: assigned, archived, decommissioned, defective, deployed, disposed, locked, lost/stolen, pending, ready, unknown, other |
userEmails | array of string s | The email addresses of the users this device is assigned to. Used if the device is shared by more than one user. Otherwise the 'owner' is the sole user. Leave empty/undefined if the device is unassigned. | uniqueItems: true, Format: email |
value | number | The estimated business value of the device. The value is typically calculated as the monetary cost of the device + the value of data on the device. | |
version | string | Same as hardwareVersion: The device hardware version |
Inherited properties
Property | Type | Description | Specifications |
---|---|---|---|
_class * | string | array of string s | One or more classes conforming to a standard, abstract security data model. For example, an EC2 instance will have '_class':'Host'. | |
_key * | string | An identifier unique within the scope containing the object. For example, for a Bitbucket repo, this will be the GUID of the repo as assigned by Bitbucket. For an IAM Role, this will be the ARN of the role. | minLength: 10 |
_type * | string | The type of object, typically reflecting the vendor and resource type. For example, 'aws_iam_user'. In some cases, a system knows about a type of entity that other systems know about, such as 'user_endpoint' or 'cve'. | minLength: 3 |
name * | string | Name of this entity | |
active | boolean | Indicates if this entity is currently active. | |
classification | string | null | The sensitivity of the data; should match company data classification scheme Examples: critical, confidential, internal, public | |
complianceStatus | number | The compliance status of the entity, as a percentage of compliancy. | minimum: 0, maximum: 1 |
createdBy | string | The source/principal/user that created the entity | |
createdOn | number | The timestamp (in milliseconds since epoch) when the entity was created at the source. This is different than _createdOn which is the timestamp the entity was first ingested into JupiterOne. | Format: date-time |
criticality | integer | A number that represents the value or criticality of this entity, on a scale between 1-10. | minimum: 1, maximum: 10 |
deletedBy | string | The source/principal/user that deleted the entity | |
deletedOn | number | The timestamp (in milliseconds since epoch) when the entity was deleted at the source. | Format: date-time |
description | string | An extended description of this entity. | |
discoveredBy | string | The source/principal/user that discovered the entity | |
discoveredOn | number | The timestamp (in milliseconds since epoch) when the entity was discovered. | Format: date-time |
expiresOn | number | If the entity is a temporary resource, optionally set the expiration date. For example, the expiration date of an SSL cert. | Format: date-time |
id | string | array | Identifiers of this entity assigned by the providers. Values are expected to be unique within the provider scope. | |
notes | array of string s | User provided notes about this entity | |
owner | string | The owner of this entity. This could reference the name of the owner, or as reference ID/key to another entity in the graph as the owner. | |
public | boolean | Indicates if this is a public-facing resource (e.g. a public IP or public DNS record) or if the entity is publicly accessible. Default is false. | |
risk | integer | The risk level of this entity, on a scale between 1-10. | minimum: 1, maximum: 10 |
summary | string | A summary / short description of this entity. | |
tags | array of string s | An array of unnamed tags | |
temporary | boolean | Indicates if this node is a temporary resource, such as a lambda instance or an EC2 instance started by ECS. | |
trust | integer | The trust level of this entity, on a scale between 1-10. | minimum: 1, maximum: 10 |
trusted | boolean | Indicates if this is a trusted resource. For example, a trusted Network, Host, Device, Application, Person, User, or Vendor. | |
updatedBy | string | The source/principal/user that updated the entity | |
updatedOn | number | The timestamp (in milliseconds since epoch) when the entity was last updated at the source. | Format: date-time |
validated | boolean | Indicates if this node has been validated as a known/valid Entity. | |
webLink | string | Web link to the source. For example: https://console.aws.amazon.com/iam/home#/roles/Administrator. This property is used by the UI to add a hyperlink to the entity. | Format: uri |
Required properties
_key
_class
_type
name
displayName
category
ipv4Addresses
ipv6Addresses
macAddresses
publicIpAddresses
privateIpAddresses
hostname
fqdn
serial
deviceId
lastSeenOn
make
model
osName
osType
osDetails
osVersion