Asset V1 Integration Guide#

Overview#

The Asset API allows you to interact with the Argus Asset Management system.

Detailed API documentation#

The Swagger API documentation is always up-to-date and lets you try out any query with your user session or an API-key.

Host Assets#

Fetching a host#

To fetch a host asset by host ID:

curl -X GET -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" https://api.mnemonic.no/assets/v1/host/3fa85f64-5717-4562-b3fc-2c963f66afa6

Searching for hosts#

To search for host assets, use the search endpoint. Please see Swagger for details on all possible search parameters.

The example below searches for all hosts belonging to customerID 1, which have an IP address within the 10.0.5.0/24 CIDR range, and which are member of the specified service (by service ID).

curl -X POST -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" https://api.mnemonic.no/assets/v1/host/search -d '{ 
  "serviceID": [
    "3fa85f64-5717-4562-b3fc-2c963f66afa6"
  ],
  "ipRange": "10.0.5.0/24",
  "customerID": [ 1 ]
}'

Creating a host#

To create a new host asset, you need to specify customerID, name(hostname), and description.

For server assets, you should also specify any static IP-addresses assigned to the host.

Please see Swagger for details on all possible fields which may be set on create.

curl -X POST -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" https://api.mnemonic.no/assets/v1/host -d '{
  "customerID": 1,
  "name": "MyHostName",
  "description": "This is my host",
  "type": "SERVER",
  "ipAddresses": [
    "94.127.56.1"
  ],
  "aliases": [
    "external.host.name"
  ]
}'

Updating a host#

To update an existing hosts, use the host ID.

Please see Swagger for details on all possible fields which may be updated.

curl -X PUT -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" https://api.mnemonic.no/assets/v1/host/3fa85f64-5717-4562-b3fc-2c963f66afa6 -d '{
  "operatingSystemCPE": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
  "addIpAddresses": [
    "94.127.56.2"
  ],
  "deleteIpAddresses": [
    "94.127.56.1"
  ]
}'

Services#

Creating a service#

To define a new service, you need to specify customerID, name, and description.

curl -X POST -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" https://api.mnemonic.no/assets/v1/service -d '{
  "customerID": 1,
  "name": "My Service",
  "description": "This is my important service"
}'

Assign a host to a service#

To assign a host to a service, use the attachhosts endpoint:

curl -X PUT -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" "https://api.mnemonic.no/assets/v1/service/<serviceid>/attachhosts" -d '{
  "hostAssetIDs": [
    "3fa85f64-5717-4562-b3fc-2c963f66afa6"
  ]
}'

Vulnerabilities#

Search for vulnerabilities#

Warning

Searching for vulnerabilities may be slow. To speed up results, please limit the time period

To search for vulnerabilities, use the vulnerability search API.

Please see Swagger for details on all possible search parameters.

To search for unresolved vulnerabilities attached to a specific host:

curl -X POST -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" https://api.mnemonic.no/assets/v1/vulnerability/search -d '{
 "hostID": [ "3fa85f64-5717-4562-b3fc-2c963f66afa6" ],
 "resolutionCode":[ "UNRESOLVED" ],
 "limit":100
}'

To search for unresolved vulnerabilities for a specific CVE (within a specific customer):

curl -X POST -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" https://api.mnemonic.no/assets/v1/vulnerability/search -d '{
 "customerID": [ 1 ],
 "vulnerabilityReference": [ "CVE-2020-11898" ],
 "resolutionCode":[ "UNRESOLVED" ],
 "limit":100
}'

Mark a vulnerability as resolved#

A vulnerability may be marked as “resolved”, with any resolution code of ACCEPTED, FALSE_POSITIVE, SERVICE_NOT_AVAILABLE or NO_LONGER_VULNERABLE:

curl -X PUT -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" https://api.mnemonic.no/assets/v1/vulnerability/3fa85f64-5717-4562-b3fc-2c963f66afa6/resolve -d '{
  "resolution": "ACCEPTED",
  "comment": "Nothing to see here"
}'

Unresolve a vulnerability#

If a vulnerability must be reopened to state “unresolved”, you can use the “reopen” endpoint:

curl -X PUT -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" https://api.mnemonic.no/assets/v1/vulnerability/3fa85f64-5717-4562-b3fc-2c963f66afa6/reopen