hwid

string

Hardware ID of the device

status

int

Reports the health status of the device. This status is based on the defined policy within MetaAccess.

Value could be:

• 0 – the endpoint is in compliance with MetaAccess account’s policies

• 1 – the endpoint is not in compliance with MetaAccess account’s policies

• 3 – the endpoint is still sending information to MetaAccess and not yet completed

critical_issue

int

This critical status is based on the defined policy within MetaAccess. This status apply for the whole device.

Value could be:

• 0 – the endpoint doesn't have critical issues

• 1 – the endpoint has critical issues

total_issue

int

Number of issues were seen on the device

total_critical_issue

int

Number of critical issues were seen on the device

exempt

int

Exempt status of the device.

Value could be:

• 0 – Endpoint device is not exempted

• 1 – Endpoint device is exempted

hostname

string

Hostname of the device. This field will be remove if it's a non-collectible to each fields which related to privacy.

country

string

Region where the device IP geographically represents

machine_type

string

The type of devices

agent_version

string

Local resident MetaAccess agent version

active

int

• 1: device is active

• 0: device is deactive

last_seen

string

The last timestamp when MetaAccess reports data to the Cloud, (GMT format)

user_info

object

User information block

user_info.username

string

username who currently logs in. This field will be remove if it's set as privacy

user_info.domain

string

Currently logged in user domain

remediation_link

string

remediation page URL of the given device

applications

array<object>

Details of each posture category

applications.category

string

category which the current block stands for

applications.critical_status

int

This critical issue status is based on the defined policy within MetaAccess. This critical issue status apply for each category.

Value could be:

• 0 – good (blue) if this category is healthy AND the box in Configuration is checked

• 1 – bad (red) if the category is healthy AND the box in Configuration is checked.

• -1 – If the box in Configuration is not checked

applications.has_issue

int

0 - no issue, 1 - out of compliance

applications.has_critical_issue

int

0 - no critical issue, 1 - has critical issue

applications.apps

array<object>

detailed products in a category

applications.apps.name

string

Name of the product

applications.apps.vendor

string

Name of the product vendor

applications.apps.version

string

Product version

applications.apps.health

object

health informationof a product

applications.apps.health.status

string

product compliance details

applications.apps.health.is_issue

int

1 - is an issue, 0 - not an issue

os_info

object

Operation system information

os_info.family

string

OS family

os_info.name

string

OS name

os_info.vendor

string

OS vendor

os_info.version

string

OS version

os_info.service_pack_version

string

OS Service Pack Version

os_info.architecture

string

OS architecture

os_info.os_language

string

OS language

os_info.user_password_set

int

If user password is set on OS, 1 is set, 0 is not set

network_info

array<object>

Network adapter information block

network_info.mac_addr

string

MAC address for adapter. This field will be remove if it's a non-collectible to each fields which related to privacy.

network_info.ipv4_addr

string

IPV4 address. This field will be remove if it's a non-collectible to each fields which related to privacy.

network_info.ipv6_addr

string

IPV6 address. This field will be remove if it's a non-collectible to each fields which related to privacy.

infections

array

Infections information

infections.category

string

Infections category name

infections.critical_status

int

0 - no critical issue, 1 - has critical issue

infections.total_threats

int

number of detected threats

infections.has_issue

int

0 - no issue, 1 - out of compliance

infections.has_critical_issue

int

0 - no critical issue, 1 - has critical issue

infections.threats

array<object>

detailed threats

infections.threats.ThreatName

string

Name of threat found

infections.threats.File

string

file which the threat found

infections.threats.FoundTime

string

The timestamp in GMT format when the threat found.

infections.threats.hash

string

hash code of the scanning object if the object is a file or process

infections.threats.link

string

a URL to view scan details on Metadefender Cloud

infections.last_scan_time

string

The timestamp in GMT format when the agent did a scan

infections.total_engines

int

number of engines scanned a file

infections.last_report

string

the timestamp in GMT format when agent reported threat log from local anti-malware product