The Asset API allows you to interact with the Argus Asset Management system.
The current Asset API is V1, which is documented on this page.
The V2 API is currently under development, and should NOT be used for production integrations.
Detailed API documentation
The Swagger API documentation is always up-to-date and lets you try out any query with your user session or an API-key.
Fetching a host
To fetch a host asset by host ID:
Searching for hosts
To search for host assets, use the search endpoint. Please see Swagger for details on all possible search parameters.
The example below searches for all hosts belonging to customerID 1, which have an IP address within the 10.0.5.0/24 CIDR range, and which are member of the specified service (by service ID).
Creating a host
To create a new host asset, you need to specify customerID, name (hostname), and description.
For server assets, you should also specify any static IP-addresses assigned to the host.
Please see Swagger for details on all possible fields which may be set on create.
Updating a host
To update an existing hosts, use the host ID.
Please see Swagger for details on all possible fields which may be updated.
Creating a service
To define a new service, you need to specify customerID, name, and description.
Assign a host to a service
To assign a host to a service, use the attachhosts endpoint:
Search for vulnerabilities
Searching for vulnerabilities may be slow. To speed up results, please limit the time period, custom
To search for vulnerabilities, use the vulnerability search API.
Please see Swagger for details on all possible search parameters.
To search for unresolved vulnerabilities attached to a specific host:
To search for unresolved vulnerabilities for a specific CVE (within a specific customer):
Mark a vulnerability as resolved
A resolution may be marked as "resolved", with any resolution code of ACCEPTED, FALSE_POSITIVE, SERVICE_NOT_AVAILABLE or NO_LONGER_VULNERABLE:
Unresolve a vulnerability
If a vulnerability must be reopened to state "unresolved", you can use the "reopen" endpoint:
- No labels