Processes API - GET all processes
Fetches the list of all processes in your DESK environment, along with their parameters and relationships.
The full list can be lengthy, so you can narrow it down by specifying filter parameters, like tags. See the Parameters section for more details.
You can additionally limit the output by using the pagination:
- Specify the number of results per page in the pageSize query parameter.
- Then use the cursor from the Next-Page-Key response header in the nextPageKey query parameter to obtain subsequent pages.
The request produces an application/json payload.
| GET |
|
Parameters
The timeframe is restricted to a maximum period of 3 days.
| Parameter | Type | Description | In | Required |
|---|---|---|---|---|
| startTimestamp | integer |
The start timestamp of the requested timeframe, in milliseconds (UTC). If not set, then 72 hours behind from now is used. |
query | optional |
| endTimestamp | integer |
The end timestamp of the requested timeframe, in milliseconds (UTC). If not set, then the current timestamp is used. The timeframe must not exceed 3 days. |
query | optional |
| relativeTime | string |
The relative timeframe, back from now. The relativeTime element can hold these values. |
query | optional |
| tag | array |
Filters the resulting set of processes by the specified tag. You can specify several tags in the following format: In case of key-value tags, such as imported AWS or CloudFoundry tags use following format: |
query | optional |
| entity | array |
Filters result to the specified processes only. To specify several processes use the following format: |
query | optional |
| hostTag | array |
Filters processes by the host they're running at. Specify tags of the host you're interested in. |
query | optional |
| host | array |
Filters processes by the host they're running at. Specify DESK IDs of the host you're interested in. To specify several hosts use the following format: The OR logic applies. |
query | optional |
| actualMonitoringState | string |
Filters processes by the actual monitoring state of the process. The actualMonitoringState element can hold these values. |
query | optional |
| expectedMonitoringState | string |
Filters processes by the expected monitoring state of the process. The expectedMonitoringState element can hold these values. |
query | optional |
| managementZone | integer |
Only return processes that are part of the specified management zone. |
query | optional |
| includeDetails | boolean |
Includes ( Excluding details may make queries faster. If not set, then |
query | optional |
| pageSize | integer |
The number of processes per result page. If not set, pagination is not used and the result contains all processes fitting the specified filtering criteria. |
query | optional |
| nextPageKey | string |
The cursor for the next page of results. You can find it in the Next-Page-Key header of the previous response. If you're using pagination, the first page is always returned without this cursor. You must keep all other query parameters as they were in the first request to obtain subsequent pages. |
query | optional |
Possible values
Possible values for the expectedMonitoringState element:
- OFF
- ON
Possible values for the actualMonitoringState element:
- OFF
- ON
Possible values for the relativeTime element:
- min
- 5mins
- 10mins
- 15mins
- 30mins
- hour
- 2hours
- 6hours
- day
- 3days
Response format
The ProcessGroupInstance object
Parameters of a process.
| Element | Type | Description |
|---|---|---|
| entityId | string | The DESK entity ID of the required entity. |
| displayName | string | The name of the DESK entity as displayed in the UI. |
| customizedName | string | The customized name of the entity |
| discoveredName | string | The discovered name of the entity |
| firstSeenTimestamp | integer | The timestamp of when the entity was first detected, in UTC milliseconds |
| lastSeenTimestamp | integer | The timestamp of when the entity was last detected, in UTC milliseconds |
| tags | TagInfo[] | The list of entity tags. |
| fromRelationships | object | |
| toRelationships | object | |
| softwareTechnologies | TechnologyInfo[] | |
| azureHostName | string | |
| listenPorts | integer[] | |
| managementZones | EntityShortRepresentation[] | The management zones that the entity is part of. |
| metadata | object | |
| bitness | string | |
| modules | string[] | |
| agentVersions | AgentVersion[] | Versions of OneAgents currently running on the entity. |
| azureSiteName | string | |
| monitoringState | MonitoringState | The current monitoring state of an entity. |
| versionedModules | ProcessGroupInstanceModule[] |
The ProcessGroupInstanceModule object
| Element | Type | Description |
|---|---|---|
| name | string | |
| version | string |
The MonitoringState object
Defines the current monitoring state of an entity.
| Element | Type | Description |
|---|---|---|
| actualMonitoringState | string | The current actual monitoring state on the entity. |
| expectedMonitoringState | string | The monitoring state that is expected from the configuration |
| restartRequired | boolean | Defines whether or not the process has to restarted to enable monitoring |
The AgentVersion object
Defines the version of the agent currently running on the entity.
| Element | Type | Description |
|---|---|---|
| major | integer | The major version number. |
| minor | integer | The minor version number. |
| revision | integer | The revision number. |
| sourceRevision | string | A string representation of the SVN revision number. |
| timestamp | string | A timestamp string: format "yyyymmdd-hhmmss |
The EntityShortRepresentation object
The short representation of a DESK entity.
| Element | Type | Description |
|---|---|---|
| id | string | The ID of the DESK entity. |
| name | string | The name of the DESK entity. |
| description | string | A short description of the DESK entity. |
The TechnologyInfo object
| Element | Type | Description |
|---|---|---|
| type | string | |
| edition | string | |
| version | string |
The TagInfo object
Tag of a DESK entity.
| Element | Type | Description |
|---|---|---|
| context | string | The origin of the tag, such as AWS or Cloud Foundry. Custom tags use the |
| key | string | The key of the tag. Custom tags have the tag value here. |
| value | string | The value of the tag. Not applicable to custom tags. |
[
{
"entityId": "string",
"displayName": "string",
"customizedName": "string",
"discoveredName": "string",
"firstSeenTimestamp": 0,
"lastSeenTimestamp": 0,
"tags": [
{
"context": "AWS",
"key": "string",
"value": "string"
}
],
"fromRelationships": "object",
"toRelationships": "object",
"softwareTechnologies": [
{
"type": "string",
"edition": "string",
"version": "string"
}
],
"azureHostName": "string",
"listenPorts": [
"integer"
],
"managementZones": [
{
"id": "6a98d7bc-abb9-44f8-ae6a-73e68e71812a",
"name": "DESK entity",
"description": "DESK entity for the REST API example\n"
}
],
"metadata": "object",
"bitness": "32bit",
"modules": [
"string"
],
"agentVersions": [
{
"major": 0,
"minor": 0,
"revision": 0,
"sourceRevision": "string",
"timestamp": "string"
}
],
"azureSiteName": "string",
"monitoringState": {
"actualMonitoringState": "OFF",
"expectedMonitoringState": "OFF",
"restartRequired": true
},
"versionedModules": [
{
"name": "string",
"version": "string"
}
]
}
]
Response headers
| Header | Type | Description |
|---|---|---|
| Total-Count | integer | The estimated number of results. |
| Next-Page-Key | string | The cursor for the next page of results. Without it you'll get the first page again. |
| Page-Size | string | The maximum number of results per page. |
Example
In this example, the request lists all processes in your DESK environment detected within the last 5 minutes.
The API token is passed in the Authorization header.
The result is truncated to two entries.
Curl
curl -X GET \
'https://mySampleEnv.live.dexp.ae/api/v1/entity/infrastructure/processes?relativeTime=5mins' \
-H 'Authorization: Api-Token abcdefjhij1234567890' \
Request URL
https://mySampleEnv.live.dexp.ae/api/v1/entity/infrastructure/processes?relativeTime=5mins
Response body
[
{
"entityId": "PROCESS_GROUP_INSTANCE-EC9688429EB24B6B",
"displayName": "Apache Web Server apache2",
"discoveredName": "Apache Web Server apache2",
"firstSeenTimestamp": 1464951001104,
"lastSeenTimestamp": 1544024894801,
"tags": [],
"fromRelationships": {
"isProcessOf": [
"HOST-5FD609AD6757BE7D"
],
"isInstanceOf": [
"PROCESS_GROUP-B34081EFF9E5F516"
]
},
"toRelationships": {
"runsOnProcessGroupInstance": [
"SERVICE-C3173FEB08025322",
"SERVICE-B8C88BAA442098CF"
]
},
"metadata": {
"commandLineArgs": [
"/usr/sbin/apache2 -k start"
],
"executables": [
"apache2"
],
"executablePaths": [
"/usr/sbin/apache2"
],
"apacheConfigPaths": [
"/etc/apache2/apache2.conf"
]
},
"softwareTechnologies": [
{
"type": "PHP",
"edition": "Apache",
"version": "5.5.9"
},
{
"type": "APACHE_HTTPD",
"edition": null,
"version": "2.4.7"
},
{
"type": "SQLITE",
"edition": null,
"version": null
}
],
"listenPorts": [
443,
80
],
"bitness": "64bit",
"monitoringState": {
"actualMonitoringState": "ON",
"expectedMonitoringState": "ON",
"restartRequired": false
},
"agentVersions": [
{
"major": 1,
"minor": 157,
"revision": 167,
"timestamp": "20181127-152923",
"sourceRevision": ""
}
]
},
{
"entityId": "PROCESS_GROUP_INSTANCE-C43E52A77ED8F809",
"displayName": "OneAgent network monitoring",
"discoveredName": "OneAgent network monitoring",
"firstSeenTimestamp": 1543571247077,
"lastSeenTimestamp": 1544024847791,
"tags": [
{
"context": "CONTEXTLESS",
"key": "sample tag"
}
],
"fromRelationships": {
"isProcessOf": [
"HOST-CCEA78FDE257A4B9"
],
"isInstanceOf": [
"PROCESS_GROUP-E2B399E9E7FF43C0"
],
"isNetworkClientOf": [
"PROCESS_GROUP_INSTANCE-9E7865921C2C984E"
]
},
"toRelationships": {},
"metadata": {
"hostGroups": [
"wazuh"
]
},
"softwareTechnologies": [
{
"type": "APMNG",
"edition": null,
"version": null
}
],
"bitness": "64bit",
"monitoringState": {
"actualMonitoringState": "ON",
"expectedMonitoringState": "ON",
"restartRequired": false
}
}
]
Response code
200