Threat Event Types
The following `eventsResponse` example shows one event for each of the threat event types: `APPLICATION`, `FILE`, `NETWORK`, `OS`, and `WEB_CONTENT`. For example purposes, all threat events impact the same device at the same time, so they share an identical `target` block and `eventTime`. Values such as `!description!` and `!application SHA!` are placeholders standing in for real content.
{
"count": 5,
"streamPosition": "20843",
"moreEvents": false,
"requestId": "2a3401bf-5d63-4ba6-a8b5-aa5cbaa09212",
"links": [
{
"rel": "events",
"href": "/events"
},
{
"rel": "next",
"href": "/events?streamPosition=20843"
}
],
"events": [
{
"type": "THREAT",
"id": "20839",
"eventTime": "2017-02-08T14:51:04.000Z",
"details": {
"type": "APPLICATION",
"id": "487e5ed1-5fcb-4700-bb44-5cc33a089e81",
"action": "IGNORED",
"severity": "HIGH",
"classifications": [
"WORM"
],
"description": "!description!",
"assessments": [
classification: "WORM",
id: "487e5ed1-5fcb-4700-bb44-5cc33a089e81",
severity: "HIGH",
],
"applicationName": "FooBarApplication",
"packageName": "com.FooBarApplication",
"packageSha": "!application SHA!",
"path": "/usr/local/FooBarApplication",
"fileName": "FooBarFileName.ipa"
},
"target": {
"type": "DEVICE",
"id": "cc153420-0c9b-4787-a64c-d6833a609999",
"externalId": "ecf4c5ea-1b78-4c62-a3e1-13d854f9a2ff",
"emailAddress": "test@example.com",
"platform": "IOS"
"mdmConnectorId" : "123456"
"customerDeviceId" : "arbitrary_customer_id_value",
"parentDeviceId" : "abcb3611-ffda-ab21-1234-8593be740dd3",
}
},
{
"type": "THREAT",
"id": "20840",
"eventTime": "2017-02-08T14:51:04.000Z",
"details": {
"type": "FILE",
"id": "f87295ee-f7bf-4715-b475-d97f7d80cd62",
"action": "IGNORED",
"severity": "HIGH",
"classifications": [
"DATA_LEAK"
],
"description": "!description!",
"assessments": [
classification: "DATA_LEAK",
id: "f87295ee-f7bf-4715-b475-d97f7d80cd62",
severity: "HIGH",
],
"applicationName": "HangryBirds",
"packageName": "com.hangrybirds",
"packageSha": "!application SHA!",
"path": "/usr/local/hangrybirds",
"fileName": "hangryBirds.bin"
},
"target": {
"type": "DEVICE",
"id": "26a2e9be-8df1-4a44-84e9-a0fa68392a86",
"externalId": "ecf4c5ea-1b78-4c62-a3e1-13d854f9a2ff",
"emailAddress": "test@example.com",
"platform": "IOS"
"mdmConnectorId" : "123456"
"customerDeviceId" : "arbitrary_customer_id_value",
"parentDeviceId" : "abcb3611-ffda-ab21-1234-8593be740dd3",
}
}
{
"type": "THREAT",
"id": "20841",
"eventTime": "2017-02-08T14:51:04.000Z",
"details": {
"type": "NETWORK",
"id": "50b42273-408b-4742-8722-929d464bdfeb",
"action": "IGNORED",
"severity": "HIGH",
"classifications": [
"ACTIVE_MITM"
],
"description": "!description!",
"assessments": [
classification: "ACTIVE_MITM",
id: "50b42273-408b-4742-8722-929d464bdfeb",
severity: "HIGH",
],
"ssid": "foo_bar_ssid",
"dnsIpAddresses": [
"127.0.0.1",
"10.10.10.122"
],
"macAddress": "00:00:00:00:00:00",
"vpnPresent": true,
"vpnLocalAddress": "192.168.0.1",
"proxyAddress": "localhost",
"proxyPort": 8888,
"proxyProtocol": "https"
},
"target": {
"type": "DEVICE",
"id": "aadc0d1d-30ab-4de7-9efa-3c145f0ba908",
"externalId": "ecf4c5ea-1b78-4c62-a3e1-13d854f9a2ff",
"emailAddress": "test@example.com",
"platform": "IOS"
"mdmConnectorId" : "123456"
"customerDeviceId" : "arbitrary_customer_id_value",
"parentDeviceId" : "abcb3611-ffda-ab21-1234-8593be740dd3",
}
},
{
"type": "THREAT",
"id": "20842",
"eventTime": "2017-02-08T14:51:04.000Z",
"details": {
"type": "OS",
"id": "fee0110b-cb5b-41d6-b6f8-1adb66a24ca7",
"action": "IGNORED",
"severity": "HIGH",
"classifications": [
"ACCESS_CONTROL_VIOLATION"
],
"description": "!description!",
"assessments": [
classification: "ACCESS_CONTROL_VIOLATION",
id: "fee0110b-cb5b-41d6-b6f8-1adb66a24ca7",
severity: "HIGH",
],
"osVersion": "9.0.1"
},
"target": {
"type": "DEVICE",
"id": "5ac7ba12-e5e9-443e-ac14-361365529f7d",
"externalId": "ecf4c5ea-1b78-4c62-a3e1-13d854f9a2ff",
"emailAddress": "test@example.com",
"platform": "IOS"
}
},
{
"type": "THREAT",
"id": "20843",
"action":"",
"description":"",
"eventTime": "2017-02-08T14:51:04.000Z",
"details": {
"type": "WEB_CONTENT",
(WIP)
},
Model fields listed for the `WEB_CONTENT` details (rendered from the API schema view; "enum (n values)" gives the size of each enumeration):
- `type`: string, enum (6 values) — here `WEB_CONTENT`
- `id`: string ($uuid)
- `action`: string, enum (3 values)
- `description`: string
- `severity`: string, enum (4 values)
- `classifications`: array of string, enum (43 values)
- `assessments`: array of `Assessment` ("Threat attributes"), each with `classification`: string, enum (43 values); `id`: integer ($int64), "AppIntel threat id"; `severity`: string, enum (4 values)
- `pcpReportingReason`: string, enum (5 values)
- `pcpDeviceResponse`: string, enum (3 values)
- `pcpUserAction`: string, enum (3 values)
- `pcpCategories`: string, enum (31 values)
- `url`: string
}
"target": {
"type": "DEVICE",
"id": "cc153420-0c9b-4787-a64c-d6833a609999",
"externalId": "ecf4c5ea-1b78-4c62-a3e1-13d854f9a2ff",
"emailAddress": "test@example.com",
"platform": "IOS"
"mdmConnectorId" : "123456"
"customerDeviceId" : "arbitrary_customer_id_value",
"parentDeviceId" : "abcb3611-ffda-ab21-1234-8593be740dd3",
}
}
]
}