Get the Device Inventory

Use the IoT Security API to get a list of all the devices in your inventory.

Synopsis

URI
/pub/v4.0/device/list
HTTP Method
GET
FQDN
<customer-name>.iot.paloaltonetworks.com

Description

Get a list of all the devices in your IoT Security inventory.

Request Fields

The URL of this request contains the following parameters:
Field
Description
customerid
(
Required
) The customer ID specifies the API call for a specific tenant.
The following value is a string.
Request Example
curl 'https://acmecorp.iot.paloaltonetworks.com/pub/v4.0/device/list?customerid=acmecorp' -H 'X-Key-Id: <key_id>' -H 'X-Access-Key: <access_key>'

Success Response

Upon success, the HTTP response code is 200. In addition, this API returns a JSON object containing an array of JSON objects, representing devices and their attributes.
Field
Description
total
The number of devices matching the request
devices
An array containing device details
deviceid
The device ID, which IoT Security uses to identify and track the device (string)
hostname
The device hostname (string)
category
The category to which the device belongs (string)
profile
The device profile assigned to the device (string)
profile_type
The type of device profile, such as
IoT
or
Non_IoT
(string)
profile_vertical
The industry vertical for the profile such as
Medical
,
IT Devices
, and
Office
(string)
ip_address
The IP address of the device (string)
mac_address
The MAC address of the device (string)
risk_score
The risk score of the device (integer)
risk_level
The risk level of the device; there are four:
low
,
medium
,
high
, and
critical
(string)
last_activity
A UTC timestamp for the last detected device activity (object)
confidence_score
The confidence score for device classification (integer)
To get more attributes for each device, include
detail=true
in the request. See Device-specific parameters in Get Started with the IoT Security API.
Success Response Example
{ "devices": [ { "deviceid": "34:02:86:44:65:36", "hostname": "InfusionPump-20", "last_activity": "2018-05-31T18:39:37.404Z", "category": "Infusion System", "profile": "Sigma Spectrum Infusion System", "profile_type": "IoT", "profile_vertical": "Medical", "ip_address": "192.168.10.121", "mac_address": "34:02:86:44:65:36", "risk_score": 0, "risk_level": "low", "confidence_score": 90}, ... ], "total": 100 }
Data shown for only the first of the ten devices in the full response, and detail mode is off.

Error Response

Upon error, the reply includes an HTTP response code, an error message, and additional information describing the error. The HTTP response code is one of the following:
Field
Description
400
Bad Request. Got an invalid JSON.
401
Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.
402
Unauthorized access. User does not have the required license type to run this API.
403
Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.
500
Internal server error. A unified status for API communication type errors.
Error Response Format
{code: STATUS_CODE, msg: GENERAL_MESSAGE}

Recommended For You