# Asset Object Assets are stored at the client level, and only the single doc\_type value of "client\_asset" exists in the database. An asset can exist as a standalone file added for a client through the Clients module or associated with a report finding referred to as an affected asset. An affected asset refers to a client\_asset object with extra properties stored on the finding object. Although it doesn't have its own type or location in the database, it can still be considered a real object since it is technically distinct and exists within the finding object. ## Asset Table The following table explains the fields and data types stored for an asset. Fields are presented in alphabetical order by object field name. {% hint style="info" %} The only required field when creating an asset is the asset name. {% endhint %}

object field name	description	data type
asset	name of asset	string
assetCriticality	value capturing the asset criticality that must be one of five provided values	string: "Critical", "High", "Medium", "Low", "Information"
assignedTo	email of user vulnerability is assigned to	string
child_assets	assets identified as belonging to this asset	dict {asset str: UUID or CUID of asset, dict {ASSET Object} `"child_assets": { "[ASSET id]": {ASSET Object} }`
client_id	client that the asset belongs to	integer
closedAt	time vulnerability was closed	integer of epoch milliseconds `1662588579026`
created	when asset was created	null \| ISO 8601 format `2024-08-16T15:24:19.000Z`
createdAt	when asset was created	integer of epoch milliseconds `1662588579026`
data_owner	name of owner	string
description	description of asset	string
dns_name	name of dns	string
doc_type	field in database to identify object	string
evidence	evidence ID of vulnerability	string array of Evidence UUIDs
findings	list of findings that the asset is associated with and is autogenerated to record the relationship between the finding and asset	dict {int: id of finding: dict {VULNERABILITY Object}
host_fqdn	fully qualified domain name of host	string
host_rdns	reverse Domain Name System of host	string
hostname	hostname	string
instances	instances of `findings`. since report findings with the same title on different reports have the same `flaw_id`, this sub dict on a finding is the instances where that finding is found on different reports. autogenerated to record the relationship between the finding and asset	string: report id value: "report_id": int, "report_severity": str: ["Critical", "High", "Medium", "Low", "Information"], "report_status": str: ["Open", "In Process", "Closed"], "report_flaw_title": str, "createdAt": int: epoch milliseconds, "updatedAt": int: epoch milliseconds
id	legacy asset unique identifier. if this value is a CUID it will match the `cuid` field	string: UUID or CUID
knownIps	list of associated IPs	string array (has IP format validation)
locationUrl	url of related vulnerability	string
mac_address	media access control address unique identifier	string
netbios_name	16-byte name for a networking service or function on a machine running Microsoft Windows Server	string
notes	any added notes to asset	string array
operating_system	operating system related to asset	string array
parent_asset	reference data of parent asset	`"parent_asset" : { "id" : str ASSET id, "asset" : str ASSET asset }`
pci_status	PCI compliance status	string: "pass" or "fail"
physical_location	physical location of asset	string
ports	known ports	`"ports": { "[number]_[service]_[protocol]_[version]": { "number": str, "service": str, "protocol": str, "version": str } }`
reopenedAt	when vulnerability was reopened	integer \| null
report_id	ID of report that vulnerability is associated with	integer
severity	severity of vulnerability that must be one of five provided values	string: "Critical", "High", "Medium", "Low", "Information"
status	status of vulnerability	string: "Open", "In Process", "Closed"
subStatus	substatus of vulnerability	string
system_owner	owner of system	string
tags	any tags associated with an asset	string array
title	title of vulnerability	string
total_cves	total CVEs score	integer
type	asset type that must be a specific value	string: "Server", "Workstation", "Network Device", "Application", "General"
updatedAt	date and time when asset was updated	integer in epoch milliseconds
vulnerableParameters	parameters of vulnerability	list {"id": str, "text": str}

## Client Asset Structure Client assets are lower-level objects containing information about an asset or application. They contain some information about associated report findings in the `findings` field. Client assets contain the data related to the specific physical machine or web application represented and relational information about which findings they are affected by. Every client asset object has the `findings` field. For each finding affecting the client asset, an object in that field's list contains information about the finding in a specific report and additional metadata showing how the client asset relates to the finding. Objects stored in `findings` contain additional relational metadata for vulnerability objects. ``` { "asset": str, "assetCriticality": str, "child_assets": Dict{str, {ASSET Object}}, "client_id": int, "created": str, "createdAt": int, "data_owner": str, "dns_name": str, "doc_type": "client_asset", "fields" : { "[key field value]" : { "cuid" : str, "key" : str, "label" : str, "value" : str, "sortOrder" : int } }, "findings": Dict{int, {VULNERABILITY Object}}, "host_fqdn": str, "host_rdns": str, "hostname": str, "id": str, "knownIps": Array[str], "mac_address": str, "operating_system": Array[str], "parent_asset": { "id" : str, "asset" : str }, "pci_status": str, "physical_location": str, "ports": { "[number]_[service]_[protocol]_[version]": { "number": str, "service": str, "protocol": str, "version": str } }, "system_owner": str, "tags": Array[str], "total_cves": int, "type": str, "updatedAt": int || null } ``` ## Child Asset Structure The child asset is the same as another separate client asset. ``` "child_assets": { "[id field value]": { "asset": str, "client_id" : int, "id": str, "cuid": str, ... rest of client asset fields } ``` ## Affected Asset Structure Affected assets are not objects with their own database type but a value stored in the `affected_assets` field of a finding object. It contains information about a client asset being affected and relational metadata about the finding and client asset. An affected asset object on a finding will have an additional subset of fields compared to the client asset with the same ID. Some additional fields exist that only make sense when the finding and client asset are viewed together, such as the date the finding started affecting the client asset, the affected ports, location access to vulnerability, vulnerable parameters, and evidence of the affection.

object field name	description	data type
status	status of affected asset	str
subStatus	substatus of affected asset	str
substatusCuid	CUID of substatus	str: CUID
evidence
locationUrl	location URL of affectde asset	str
vulnerableParameters	URL query parameters from `locationUrl`	str array
notes	notes of affected asset. not the same as the Array[str] on the `notes` field on a client asset	str
ports	affected ports on the affected asset. a subset of port associated with the affected asset, not necessarily the entire list of port on the client asset	`"ports": { "[number]_[service]_[protocol]_[version]": { "number": str, "service": str, "protocol": str, "version": str } }`

``` { "asset": str, "client_id": int, "id": str, "cuid": str, ... rest of client asset fields ... // affected fields "status": str, "subStatus": str, "substatusCuid": str CUID, "closedAt": null | str datestamp, "reopenedAt": null | str datestamp, "evidence": Array[str CUID of EVIDENCE Objects], "locationUrl": str, "vulnerableParameters": Array[ { "id": str CUID, "text": str } ], "notes": str, "ports": { "[number]_[service]_[protocol]_[version]": { "number": str, "service": str, "protocol": str, "version": str } }, } ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.plextrac.com/plextrac-documentation/api-documentation/object-structures/asset-object.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.