sentinelone-app-endpoints
Enumerate endpoints affected by a vulnerable application in the SentinelOne service.
sentinelone-app-endpoints [profile=PROFILE] id=ID
- profile=PROFILE
- Connect profile code of SentinelOne
- id=ID
- Required. Target application ID
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| _time | Date | Detection time | e.g. 2025-12-12 21:24:22+0900 |
| profile | String | Connect profile | e.g. sentinelone |
| endpoint_id | String | Endpoint ID | e.g. 1234567890123456789 |
| endpoint_name | String | Endpoint name | e.g. DESKTOP-EXAMPLE |
| endpoint_type | String | Endpoint type | e.g. laptop |
| endpoint_uuid | String | Endpoint UUID | e.g. 0123456789abcdef0123456789abcdef |
| os_type | String | OS type | e.g. windows |
| os_version | String | OS version | e.g. Windows 10 Pro 19044 |
| account_name | String | Account name | e.g. ACME Corp |
| site_name | String | Site name | e.g. ACME-Site |
| group_name | String | Group name | e.g. Protect Group |
| domain | String | Domain | e.g. WORKGROUP |
| app_version | String | Application version | e.g. 22.001.20085 |
| app_detect_time | Date | Application detection date | e.g. 2025-12-12 21:24:22+0900 |
| app_days_detected | Integer | Days from detection | e.g. 144 |
| last_scan_date | Date | Last scan date | e.g. 2026-04-26 21:23:18+0900 |
| last_scan_result | String | Last scan result | e.g. Succeeded |