AirWatch
Visualize the VMWare AirWatch admins, users, groups, and devices, map AirWatch users to employees, and monitor changes through queries and alerts.
- Installation guide
- AirWatch data model
- AirWatch types
Installation
To install this integration, you will need to configure settings both within AirWatch and on JupiterOne. Before enabling in JupiterOne, ensure that you have completed the setup within your AirWatch account.
Configuration on AirWatch
Log into VMWare AirWatch (Workspace ONE™️ UEM) and create an Administrator user account for the integration to authenticate with the REST API:
Select Accounts > Administrators > List View.
Press the Add > Add Admin" button and provide required details.
noteWe recommend setting values that represent JupiterOne as a
systemuser account. Ensure that you set Title on the Details tab tosystemso that JupiterOne understands this is a user for automation (so it does not attempt to map to a Person entity).Once the account is created, you will need to create a new AirWatch API key.
Configuration in JupiterOne
To install the AirWatch integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select AirWatch. Click New Instance to begin configuring the integration.
Creating an AirWatch instance requires the following:
The Account Name used to identify the AirWatch account in JupiterOne. Ingested entities will have this value stored in
tag.AccountNamewhen theAccountNametoggle is enabled.Description to assist in identifying the integration instance, if desired.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration.The Hostname, Admin Username, and Admin Password of your AirWatch account.
Rest API Key (or Tenant Code) used to authenticate with Airwatch.
Click Create once all values are provided to finalize the integration.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Data Model
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| Account | airwatch_account | Account |
| Admin | airwatch_user | User |
| Device | user_endpoint | Host, Device |
| Device User | device_user | User |
| Organization Group | airwatch_group | Group, UserGroup |
| Profile | airwatch_profile | Configuration |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
airwatch_account | HAS | airwatch_group |
airwatch_account | MANAGES | user_endpoint |
airwatch_group | HAS | airwatch_group |
airwatch_group | HAS | airwatch_user |
user_endpoint | INSTALLED | airwatch_profile |
user_endpoint | OWNS | device_user |
Airwatch Account
airwatch_account inherits from Account
| Property | Type | Description | Specifications |
|---|---|---|---|
name * | string |
Airwatch Group
airwatch_group inherits from Group, UserGroup
| Property | Type | Description | Specifications |
|---|---|---|---|
uuid | string | ||
groupId | string | ||
locationGroupType | string | Type of organization group Examples: Global, Customer, Partner | |
country | string | ||
admins | number | Number of console admin users in the organization group | |
devices | number | Number of enrolled/unenrolled devices present in the organization group | |
users | number | Number of enrollment users in the organization group | |
locale | string |
Airwatch User
airwatch_user inherits from User
| Property | Type | Description | Specifications |
|---|---|---|---|
admin * | boolean | ||
uuid | string | ||
organizationGroupUuid | string | ||
username | string | ||
firstName | string | ||
lastName | string | ||
email | string | ||
initialLandingPage | string | ||
lastLoginTimeStamp | number | ||
locale | string | ||
locationGroup | string | ||
locationGroupId | string | ||
messageTemplateId | string | ||
messageTemplateUuid | string | ||
timeZone | string |
User Endpoint
user_endpoint inherits from Host, Device
| Property | Type | Description | Specifications |
|---|---|---|---|
username | string | ||
email | string | ||
uuid | string | ||
serialNumber | string | ||
imei | string | ||
deviceFriendlyName | string | ||
ownerId | string | ||
assetNumber | string | ||
hostName | string | ||
wifiSsid | string | ||
isSupervised | boolean | ||
userEmailAddress | string | ||
airwatchPlatform | string | ||
operatingSystem | string |
Device User
device_user inherits from User
| Property | Type | Description | Specifications |
|---|---|---|---|
uuid | string |
Airwatch Profile
airwatch_profile inherits from Configuration
| Property | Type | Description | Specifications |
|---|---|---|---|
platform | string | ||
managedBy | string | ||
payloads | array of strings |