SaaS Data Payloads for Discovered Application usage
Utilize the following SaaS Data payload in order to load discovered application usage data into a managed application.
- Discovered Application Usage - Use this task to load an discovered application usage data into a managed application.
Supported Task - Discovered Application usage
The discovered application usage lists the applications usage data for an instance of an application.
Task Name
| Task Name | Version |
|---|---|
| DiscoveredAppUsage | 1 |
Load Types Supported
full - only full load is supported.
JSON Description
| JSON Field Name | Display Name | Required | Description | Type | Example |
|---|---|---|---|---|---|
| name | Name | Y | Name of the discovered application. | String | "Microsoft Teams" |
| category | Category | N | The vendor specified category of the application. | String | "onlineMeetings" |
| uploadBytes | Upload Bytes | N | Number of bytes uploaded within the usage period. | Integer | 2095692 |
| downloadBytes | Download Bytes | N | Number of bytes downloaded within the usage period. | Integer | 189334044 |
| transactionCount | Transaction Count | N | Total transactional count within the usage period. | Integer | 1020 |
| appId | AppId | N | The vendor app id. | String | "28375" |
| firstUsed | First Used | N | The first time the application was used. | ISO-8601 / UTC | 2020-01-20T18:25:43.511Z |
| lastUsed | Last Used | N | The last time the application was used. | ISO-8601 / UTC | 2024-02-20T18:25:43.511Z |
| userCount | User Count | N | Total user count within the usage period. | Integer | 1500 |
| ipAddressCount | IPAddress Count | N | Total ipaddress count within the usage period. | Integer | 1000 |
| deviceCount | Device Count | N | Total device count within the usage period. | Integer | 1000 |
| applicationStatus | Application Status | N | The status of the application. | String | "Sanctioned" |
| applicationRiskIndex | Application Risk Index | N | The risk index of the application. | Float | 7.00 |
| supportedCertifications | Supported Certifications | N | List of security certifications associated with the application. | Array of String | ["ENT-456", "ISO_27018"] |
| vulnerability | Vulnerability | N | Determines whether the application has published Common Vulnerabilities and Exposures (CVE). | String | Allowed Values are "Yes" or "No" or "Unknown" |
| integrationRisks | Integration Risks | N | The total number of risky attributes associated with the application and its third-party integrations specified by the integration provider. | Float | 25.00 |
| sessions | Sessions | N | This field represents the total number of sessions or interactions established with the discovered application. | Integer | 335876 |
| averageDuration | Average Duration | N | This field represents the average session duration of the discovered application. The value will be converted to seconds. | String | "1h 2m 5s" or "2m 5s" or "2s" or "5" |
| platforms | Platforms | N | This field represents the total number of platforms or devices accessed by the discovered application. | Integer | 8 |
| destinations | Destinations | N | This field represents the total number of destinations or endpoints accessed by the discovered application. | Integer | 48 |
| allowedUrls | Allowed URLs | N | This list of URLs or IP addresses that is permitted or authorized for accessing the discovered application. | Array of String | ["activecampaign.sleeknote.com", "analytics.sleeknote.com"] |
| embeddedUrls | Embedded URLs | N | This list of embedded URLs associated with the discovered application. | Array of String | ["analytics.sleeknote.com", "mailchimp.sleeknote.com"] |
| domains | Domains | N | This list of domains associated with the discovered application. | Array of String | ["analytics.google.com", "region1.analytics.google.com"] |
| defaultTags | Default Tags | N | The list of default tags associated with the discovered application. | Array of String | ["Production", "Development"] |
| ignoreTags | Ignore Tags | N | The list of ignore tags associated with the discovered application. | Array of String | ["Template", "Sandbox"] |
| customTags | Custom Tags | N | The list of custom tags associated with the discovered application. | Array of String | ["Business Unit", "Cost Center"] |
Task Example
Note: Newlines were added for readability. Each entry should reside on its own line and below example does not use all of the fields available. See above.
{
"data": [
{
"name" : "Microsoft Teams",
"category": "onlineMeetings",
"uploadBytes": 2095692,
"downloadBytes": 189334044,
"transactionCount": 1020,
"appId": "28375",
"firstUsed" : "2020-01-20T18:25:43.511Z",
"lastUsed": "2024-02-20T18:25:43.511Z",
"userCount" : 1500,
"ipAddressCount" : 1000,
"deviceCount" : 1000,
"applicationStatus" : "Sanctioned",
"applicationRiskIndex" : 7.00,
"supportedCertifications" : ["ENT-456", "ISO_27018"],
"vulnerability" : "No",
"integrationRisks" : 25.00,
"sessions" : 335876,
"averageDuration" : "1h 2m 5s",
"platforms" : 8,
"destinations" : 48,
"allowedUrls" : ["activecampaign.sleeknote.com", "analytics.sleeknote.com"],
"embeddedUrls" : ["analytics.sleeknote.com", "mailchimp.sleeknote.com"],
"domains" : ["analytics.google.com", "region1.analytics.google.com"],
"defaultTags" : ["Production", "Development"],
"ignoreTags" : ["Template", "Sandbox"],
"customTags" : ["Business Unit", "Cost Center"]
}
]
}