Links

Asset Object

Assets are stored at the client level, and in the database, only the single doc_type value of "client_asset" exists. However, a different subset of fields will be returned depend on the API endpoint used, and these subsets and variances are explained below.

Types of Assets

Assets can exist in PlexTrac in multiple ways:
  1. 1.
    As a standalone file added for a client through the Clients module.
  2. 2.
    As an asset associated with a finding, which are referred to as affected assets.
  3. 3.
    As an asset associated with a report via its association with a finding in the report. Assets cannot be added to a report independently and only exist within a report if part of a finding that was added to the report. These assets are not considered report assets, and the report only holds a reference to the asset.

Asset Table

The following table explains the fields and data types stored for an asset. Fields are presented in alphabetical order by object field name.
The only required field when creating an asset is the asset name.
object field name
description
data type
asset
name of asset
string
assetCriticality
value capturing the asset criticality that must be one of five provided values
string from list: "Critical", "High", "Medium", "Low", "Information"
assignedTo
email of user vulnerability is assigned to
string
child_assets
assets identified as belonging to this asset
dict {asset str: UUID of asset, dict {CHILD ASSET Object}
client_id
client that the asset belongs to
integer
closedAt
time vulnerability was closed
integer in epoch milliseconds, such as "1661376746781"
created
when asset was created
string: Zulu date time format, such as "2022-05-20T20:43:59.405Z"
createdAt
when asset was created
integer in epoch milliseconds, such as "1661376746781"
data_owner
name of owner
string (defaults to "Data Owner")
description
description of asset
string
dns_name
name of dns
string (defaults to "DNS Name")
doc_type
field in database to identify object
string
evidence
evidence ID of vulnerability
array string UUID
findings
list of findings that the asset is associated with and is autogenerated to record the relationship between the finding and asset
dict {int: id of finding: dict {VULNERABILITY Object}
host_fqdn
fully qualified domain name of host
string
host_rdns
reverse Domain Name System of host
string, such as "216.58.211.142"
hostname
hostname
string
instances
instances of vulnerability
string: report id value: "report_id": int, "report_severity": str: ["Critical", "High", "Medium", "Low", "Information"], "report_status": str: ["Open", "In Process", "Closed"], "report_flaw_title": str, "createdAt": int: epoch milliseconds, "updatedAt": int: epoch milliseconds
id
asset unique identifier
string: UUID
knownIps
known Intrusion Prevention Systems
string array
locationUrl
url of related vulnerability
string
mac_address
media access control address unique identifier
string
netbios_name
16-byte name for a networking service or function on a machine running Microsoft Windows Server
string
notes
any added notes to asset
string
operating_system
operating system related to asset
string array
parent_asset
asset ID of parent asset
dict {ASSET Object}
pci_status
PCI compliance status
string: "pass" or "fail"
physical_location
physical location of asset
string
ports
known ports
dict { str: value of number: { "number": str, "service": str, "protocol": str, "version": str }
reopenedAt
when vulnerability was reopened
integer (defaults to "null")
report_id
ID of report that vulnerability is associated with
integer
severity
severity of vulnerability that must be one of five provided values
string from list: "Critical", "High", "Medium", "Low", "Information"
status
status of vulnerability
string: "Open", "In Process", "Closed"
subStatus
substatus of vulnerability
string
system_owner
owner of system
string (defaults to "System Owner")
tags
any tags associated with an asset
string array
title
title of vulnerability
string
total_cves
total CVEs score
integer
type
asset type that must be a specific value
string: "Server", "Workstation", "Network Device", "Application", "General"
updatedAt
date and time when asset was updated
integer in epoch milliseconds
vulnerableParameters
parameters of vulnerability
list {"id": str, "text": str}

Client Asset Structure

Client assets are lower-level objects containing information about an asset or application. They contain some finding information in the form of a vulnerability[link].
Client assets contain the set of data related to the specific physical machine or web application represented and contain relational information about which findings they are affected by.
Every client asset object has the findings field. For each finding affecting the client asset, an object in that field's list contains information about the finding in a specific report and additional metadata showing how the client asset relates to the finding.
Objects stored in findings contain additional relational metadata for vulnerability objects.
Asset Object.txt
831B
Text

Child Asset Structure

The child asset contains a subset of the related client asset's information.
Child Asset Object.txt
250B
Text

Affected Asset Structure

Affected assets are not objects with its own database type but a value stored in the affected_assets field of a finding object. It contains information about a client asset being affected and relational metadata about the finding and client asset.
An affected asset object on a finding will have a subset of fields compared to the client asset with the same ID, and some additional fields exist that only make sense when the finding and client asset are viewed together, such as the date the finding started affecting the client asset, the affected ports, location access to vulnerability, vulnerable parameters, and evidence of the affection.
Affected assets are very similar to Vulnerabilities but the rules and validations defining are different.
Affected Asset Object.txt
1KB
Text
© 2022 PlexTrac, Inc. All rights reserved.