quaxar-exposed-services
Get exposed services from S2W Quaxar service.
quaxar-exposed-services [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss]
- duration=NUM{mon|w|d|h|m|s}
- Scan only recent data. You should use s(second), m(minute), h(hour), d(day), mon(month) time unit. For example,
10smeans data from 10 seconds earlier. - from=yyyyMMddHHmmss
- Start time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
- to=yyyyMMddHHmmss
- End time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| asm_id | String | ASM ID | e.g. ORG_ID-1234 |
| title | String | Title | e.g. Private services at [IP] have been exposed in a public |
| published | Date | Published | |
| ip | IP address | IP address | |
| num_services | Integer | Number of services | |
| port | Integer | Port | e.g. 443 |
| service | String | Service | e.g. http, dns, ssh, mysql, tftp |
| asset | Bool | Asset | true or false |
| organization | String | Organization | |
| doc_link | String | Doc Link | e.g. /intvault/asm/[ID] |