: Get Device Details per Device ID
Focus
Focus

Get Device Details per Device ID

Table of Contents

Get Device Details per Device ID

Use the IoT Security API to get device details for a specific device using its device ID.

Synopsis

URI
/pub/v4.0/device
HTTP Method
GET
FQDN
<customer-name>.iot.paloaltonetworks.com

Description

Get a list of device details for the device with the specified device ID. The device ID is typically a MAC address, but an IP address is used for devices configured as static IP devices.

Request Fields

The URL of this request contains the following parameters:
Field
Description
customerid
(
Required
) The customer ID specifies the API call for a specific tenant.
The following value is a string.
deviceid
(
Required
) The device ID specifies the MAC address of the device for which you want to get details. It’s an IP address when the device is configured as a static IP device.
The following value is a string.
For additional common parameters you can use with this request, check Get Started with the IoT Security API.
Request Example
curl --location -X GET 'https://acmecorp.iot.paloaltonetworks.com/pub/v4.0/device?customerid=acmecorp&deviceid=34:02:86:44:65:36' \ -H 'X-Key-Id: KEY_ID' \ -H 'X-Access-Key: ACCESS_KEY'
The
--location
option is necessary because some API requests elicit a 3xx response code, indicating that redirection to another destination is required to fetch the requested data, and the
--location
option enables curl to redo the request to the new destination.

Success Response

Upon success, the HTTP response code is 200. In addition, this API returns a JSON object containing an array of JSON objects, each of which represents a single device attribute.
Field
Description
deviceid
The device ID, which IoT Security uses to identify and track the device (string)
hostname
The device hostname (string)
category
The category to which the device belongs (string)
profile
The device profile assigned to the device (string)
profile_type
The type of device profile, such as
IoT
or
Non_IoT
(string)
profile_vertical
The industry vertical for the profile such as
Medical
,
IT Devices
, and
Office
(string)
ip_address
The IP address of the device (string)
mac_address
The MAC address of the device (string)
tagIdList
A list of IDs for user- and system-defined tags assigned to the device
risk_score
The risk score of the device (integer)
risk_level
The risk level of the device; there are four:
low
,
medium
,
high
, and
critical
(string)
last_activity
A UTC timestamp for the last detected device activity (object)
confidence_score
The confidence score for device classification (integer)
subnet
The subnet to which the device is attached (string)
number_of_critical_alerts
The number of critical alerts for the device (integer)
number_of_warning_alerts
The number of warning alerts for the device (integer)
number_of_caution_alerts
The number of caution alerts for the device (integer)
number_of_info_alerts
The number of info alerts for the device (integer)
allTags
An array of user-defined tags assigned to the device. Each item in the array consists of three attributes:
tagType
,
tagValue
, and
tagId
.
tagType
The key for a user-defined tag
tagValue
The value of the tag key for a user-defined tag
tagId
The ID of a user-defined tag
Success Response Example
{ "deviceid": "34:02:86:44:65:36", "hostname": "InfusionPump-20", "category": "Infusion System", "profile": "Sigma Spectrum Infusion System", "profile_type": "IoT", "profile_vertical": "Medical", "ip_address": "192.168.10.121", "mac_address": "34:02:86:44:65:36", "tagIdList": [ "6030135777a1d6fb488e26ad", "60301332ff1679e9481b62a6", "602ca12179bc780a2333895d", ], "risk_score": 0, "risk_level": "low", "last_activity": "2018-05-31T18:39:37.404Z", "confidence_score": 90, "subnet": "192.168.10.121/28", "number_of_critical_alerts": 0, "number_of_warning_alerts": 0, "number_of_caution_alerts": 0, "number_of_info_alerts": 0, "allTags": [ { "tagType": "infusion", "tagValue": "pump1", "tagId": "6030135777a1d6fb488e26ad", }, { "tagType": "infusion", "tagValue": "pump2", "tagId": "60301332ff1679e9481b62a6", }, { "tagType": "infusion", "tagValue": "pump3", "tagId": "60f221a219e22f10003a965e", }, ], ... }

Error Response

Upon error, the reply includes an HTTP response code, an error message, and additional information describing the error. The HTTP response code is one of the following:
Field
Description
400
Bad Request. This occurs when an HTTP request contains an invalid query string.
403
Forbidden access. Either the provided API Key is invalid or it does not have the required RBAC permissions to run this API.
429
Too many requests. The number of requests for device details for a single device exceeded the rate limit of 180 queries per minute per tenant.
500
Internal server error. A unified status for API communication type errors.
Error Response Format
{code: STATUS_CODE, msg: GENERAL_MESSAGE}

Recommended For You