Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Examples - Basic Information

Table of contents
  1. Basic Information
  2. Basic Information: wrote in function

Basic Information 

load resource sentinelOneAgent
let {agentID,asset,username} = f("@sentinelOneAgent.translation")
let {computerName,modelName,mitigationMode,infected,appsVulnerabilityStatus} = f("@sentinelOneAgent")

In this case, all the information are listed in the result table.

How to know what variables does a resource contain is introduced in Appendix-Resource.

Related FPL command: load;f;

Basic Information: wrote in function

Based on the last case, sometimes there’s more than one task we want to do at one time after getting an overview of the database. To do this, we can wrap a module of contexts into a function and use stream to call them.

function s1_infected()
  load resource sentinelOneAgent
  let {agentID} = f("@sentinelOneAgent.translation")
  let {computerName,modelName,mitigationMode,infected,appsVulnerabilityStatus} = f("@sentinelOneAgent")
  aggregate total=count(),infected=count(infected),patchNeeded=count(appsVulnerabilityStatus=="patch_required")
end

function s1_issues()
  load resource sentinelOneAgent
  let {agentID,asset,username} = f("@sentinelOneAgent.translation")
  let {computerName,modelName,mitigationMode,infected,appsVulnerabilityStatus} = f("@sentinelOneAgent")
  where infected==true or appsVulnerabilityStatus=="patch_required"
end
 
stream infected_systems=s1_infected()
stream issues=s1_issues()

In this case, there are two functions. The first is to extract the total number of records, the total number of records identified as infected, and the total number of records which need patch. The second one is to display the records identified as infected or requiring patch.

Related FPL command: load;f;where;aggregate;stream