列出端点
编辑列出端点
编辑检索运行 Elastic Defend 的主机列表。
请求 URL
编辑GET <kibana 主机>:<端口>/api/endpoint/metadata
URL 查询参数
编辑所有参数都是可选的
名称 | 类型 | 描述 | 默认值 |
---|---|---|---|
|
数字 |
要检索的结果的基于零的页面。 |
0 |
|
数字 |
每页结果的大小。1 到 10000。 |
10 |
|
字符串 |
一个 KQL 字符串。 |
|
|
字符串[] |
要按其过滤的一组代理运行状况状态。 可接受的主机状态值是
|
|
|
字符串 |
确定用于对结果排序的字段。 可接受的字段值是
|
|
|
字符串 |
确定排序顺序,可以是 |
|
示例请求
编辑列出端点
GET /api/endpoint/metadata
列出端点,按 Windows 操作系统过滤
GET /api/endpoint/metadata?kuery="united.endpoint.host.os.name : 'Windows'"
列出端点,按主机状态过滤
GET /api/endpoint/metadata?hostStatuses=["healthy", "updating"]
响应代码
编辑-
200
- 表示调用成功。
示例响应
编辑{ "data": [ { "host_status": "healthy", "last_checkin": "2023-07-04T15:47:57.432Z", "metadata": { "@timestamp": "2023-07-04T15:47:57.432173535Z", "Endpoint": { "capabilities": [ "isolation" ], "configuration": { "isolation": false }, "policy": { "applied": { "endpoint_policy_version": "2", "id": "d5371dcd-93b7-4627-af88-4084f7d6aa3e", "name": "test", "status": "success", "version": "3" } }, "state": { "isolation": false }, "status": "enrolled" }, "agent": { "build": { "original": "version: 7.16.0, compiled: Tue Nov 16 16:00:00 2021, branch: 7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab" }, "id": "285297c6-3bff-4b83-9a07-f3e749801123", "type": "endpoint", "version": "7.16.0" }, "data_stream": { "dataset": "endpoint.metadata", "namespace": "default", "type": "metrics" }, "ecs": { "version": "1.11.0" }, "elastic": { "agent": { "id": "285297c6-3bff-4b83-9a07-f3e749801123" } }, "event": { "action": "endpoint_metadata", "agent_id_status": "verified", "category": [ "host" ], "created": "2023-07-04T15:47:57.432173535Z", "dataset": "endpoint.metadata", "id": "MNtSXK/SkhEBnmgt++++++7S", "ingested": "2023-07-04T15:47:58Z", "kind": "metric", "module": "endpoint", "sequence": 400, "type": [ "info" ] }, "host": { "architecture": "x86_64", "hostname": "david-Xubuntu", "id": "0cfead88e2024bd8a27476352b5ab264", "ip": [ "127.0.0.1", "::1", "10.0.2.15", "fe80::2ac7:8e15:b957:2fa1" ], "mac": [ "08:00:27:e6:78:8b" ], "name": "david-Xubuntu", "os": { "Ext": { "variant": "Ubuntu" }, "family": "ubuntu", "full": "Ubuntu 20.04.2", "kernel": "5.8.0-59-generic #66~20.04.1-Ubuntu SMP Thu Jun 17 11:14:10 UTC 2021", "name": "Linux", "platform": "ubuntu", "type": "linux", "version": "20.04.2" } }, "message": "Endpoint metadata" }, "policy_info": { "agent": { "applied": { "id": "ed7e3720-4bad-11ec-a2a8-fb22e62a5753", "revision": 0 }, "configured": { "id": "ed7e3720-4bad-11ec-a2a8-fb22e62a5753", "revision": 3 } }, "endpoint": { "id": "d5371dcd-93b7-4627-af88-4084f7d6aa3e", "revision": 2 } } }, { "host_status": "healthy", "last_checkin": "2023-07-04T15:44:31.491Z", "metadata": { "@timestamp": "2023-07-04T15:44:31.4917849Z", "Endpoint": { "capabilities": [ "isolation" ], "configuration": { "isolation": false }, "policy": { "applied": { "endpoint_policy_version": "2", "id": "d5371dcd-93b7-4627-af88-4084f7d6aa3e", "name": "test", "status": "success", "version": "3" } }, "state": { "isolation": false }, "status": "enrolled" }, "agent": { "build": { "original": "version: 7.16.0, compiled: Tue Nov 16 17:00:00 2021, branch: 7.16, commit: 73a51033db85e0fb3be1c934697ef6a2b08979ab" }, "id": "abb8a826-6812-448c-a571-6d8269b51449", "type": "endpoint", "version": "7.16.0" }, "data_stream": { "dataset": "endpoint.metadata", "namespace": "default", "type": "metrics" }, "ecs": { "version": "1.11.0" }, "elastic": { "agent": { "id": "abb8a826-6812-448c-a571-6d8269b51449" } }, "event": { "action": "endpoint_metadata", "agent_id_status": "verified", "category": [ "host" ], "created": "2023-07-04T15:44:31.4917849Z", "dataset": "endpoint.metadata", "id": "MNtRc++KoKHXXwlj+++++/N9", "ingested": "2023-07-04T15:44:33Z", "kind": "metric", "module": "endpoint", "sequence": 5159, "type": [ "info" ] }, "host": { "architecture": "x86_64", "hostname": "WinDev2104Eval", "id": "17d9cabc-7edd-43bc-bacb-8da5f5e6c0e5", "ip": [ "10.0.2.15", "fe80::21a6:63d3:d70e:e3ad", "127.0.0.1", "::1" ], "mac": [ "08:00:27:b1:1d:5a" ], "name": "WinDev2104Eval", "os": { "Ext": { "variant": "Windows 10 Enterprise Evaluation" }, "family": "windows", "full": "Windows 10 Enterprise Evaluation 20H2 (10.0.19042.906)", "kernel": "20H2 (10.0.19042.906)", "name": "Windows", "platform": "windows", "type": "windows", "version": "20H2 (10.0.19042.906)" } }, "message": "Endpoint metadata" }, "policy_info": { "agent": { "applied": { "id": "ed7e3720-4bad-11ec-a2a8-fb22e62a5753", "revision": 0 }, "configured": { "id": "ed7e3720-4bad-11ec-a2a8-fb22e62a5753", "revision": 3 } }, "endpoint": { "id": "d5371dcd-93b7-4627-af88-4084f7d6aa3e", "revision": 2 } } } ], "total": 2, "page": 0, "pageSize": 10, "sortField": "enrolled_at", "sortDirection": "desc" }