Skip to main content Link Search Menu Expand Document (external link)

Appendix-Resource

Table of contents
  1. How to access
    1. Step 1: Choose the correct site
    2. Step 2: Access to the records
    3. Step 3: Access to the scripts
  2. An example of the structure

How to access

Here we take the resource “@sentinelOneAgent” as an example, to introduce how to access to the resource before writing FPL codes to deal with the data.

Step 1: Choose the correct site

Go to the site that contains the resource you want. Make sure the resource is listed below the “Resource” of a site.

Step 2: Access to the records

Click the name of the resource, then the records are displayed.

Step 3: Access to the scripts

Click the “< >” button, then the scripts is shown. Check the list and pick the variables you are interested in.

An example of the structure

The structure of “@sentinelOneAgent”:

"@sentinelOneAgent": {
    "accountName": "Fluency Security - Reseller Account",
    "activeDirectory": {
      "computerDistinguishedName": null,
      "computerMemberOf": [],
      "lastUserDistinguishedName": null,
      "lastUserMemberOf": []
    },
    "activeThreats": 0,
    "agentVersion": "21.7.4.1043",
    "appsVulnerabilityStatus": "up_to_date",
    "computerName": "FLUENCY-WINSRV",
    "customer": "Hermes",
    "domain": "WORKGROUP",
    "externalId": "",
    "externalIp": "108.51.201.10",
    "groupName": "Office Assets",
    "id": "869546095801102059",
    "infected": false,
    "isActive": true,
    "isDecommissioned": false,
    "isPendingUninstall": false,
    "isUninstalled": false,
    "isUpToDate": true,
    "lastActiveDate": "2022-07-14T16:32:44.604522Z",
    "lastIpToMgmt": "192.168.1.30",
    "lastLoggedInUserName": "",
    "machineType": "server",
    "mitigationMode": "protect",
    "mitigationModeSuspicious": "protect",
    "modelName": "Dell Inc. - PowerEdge R320",
    "networkStatus": "connected",
    "offSecond": 85,
    "osName": "Windows Server 2012 R2 Standard",
    "osRevision": "9600",
    "osType": "windows",
    "osUsername": "",
    "pluginName": "",
    "scanFinishedAt": "",
    "scanStartedAt": "",
    "scanStatus": "none",
    "siteId": "869536966411901556",
    "siteName": "Corporate Office",
    "threatRebootRequired": false,
    "translation": {
      "agentID": "834d196e36744fc4a5477a35b8afda98",
      "asset": "FLUENCY-WINSRV",
      "ip": "192.168.1.30",
      "source": "Hermes",
      "username": ""
    },
    "updatedAt": "2022-07-14T13:55:35.434423Z",
    "uuid": "834d196e36744fc4a5477a35b8afda98"
  },
  "@source": "sentinelOne",
  "@timestamp": 1657816450591,
  "@type": "resource"