Endpoint Details

The Endpoint Details page is where you will find all of the information on a specific node in your organization. It is used display the endpoint's specific parameters as well as the actions that have been performed on it.

To access this page, click the name of the desired endpoint on the Orbital Endpoints page. This will display the Endpoint Details page for that specific endpoint.

The Endpoint Details page is composed of an endpoint specifications area and an area that lists all of the queries and scripts that have been run against the endpoint. These two areas are composed of:

Endpoint Description	This component displays the specified endpoint's basic information, using the eight fields discussed below. The title of the page contains a link to the Endpoints page. Clicking Endpoints will return you to the Orbital Endpoints page. Beside the Endpoints link is the name of the endpoint.
	Endpoint Overview	The Endpoint Overview box displays the endpoint's general information, such as the name of the endpoint. This pane lists these fields:
		Endpoint Name	This field lists the name of the endpoint. This field also contains three commands in the access arrow (). These commands are the ability to investigate the endpoint through XDR (), to be able to copy the endpoint's name to the computer clipboard (), and the XDR action menu ().
		Active IP	This field displays the IP address and the port of the endpoint that the Orbital node is accessed through. Clicking on the Copy icon () will copy the IP/Port value to the computer's clipboard.
		Node ID	This field displays the node ID of the Orbital node running on the endpoint. This value can be copied to the computer's clipboard by clicking the Copy icon ().
		Last Seen	This field displays the last time that Orbital has accessed, or seen, the endpoint with a query or script. Clicking the value of this field will display the Date /Time Link, as discussed in the Users Page topic.
	OS	This field displays which operating system is running on the endpoint. This value can be copied to the computer's clipboard by clicking the Copy icon ().
	Last Updated	This field displays the last time that Orbital has accessed the endpoint with a query or script. Click the value of this field to display the Date /Time Link, as discussed in the Users Page topic.
	Errors	This field displays the number of errors that the Orbital node reports back to Orbital.
	Connector GUID	This field displays the ID number of the globally unique identifier for the Secure Endpoint Connector assigned to the endpoint. Clicking the GUID number will open the ID number in Secure Endpoint. This field also contains three commands in the access arrow (). These commands are the ability to investigate the endpoint through XDR (), to be able to copy the endpoint's name to the computer clipboard (), and the XDR action menu ().
	AnyConnect UDID	This field displays the ID number of the unique device identifier for the AnyConnect connection to the endpoint. This value can be copied to the computer's clipboard by clicking the Copy icon (). This value will only be displayed if the endpoint is running AnyConnect.
	Machine ID	This field displays the ID number of the physical hardware that constitutes the endpoint. This value can be copied to the computer's clipboard by clicking the Copy icon ().
	Domains	This field displays the domain or domains that the endpoint is assigned to. This value will only be displayed if the endpoint has been assigned to one or more domains.
Host Interface	This table displays the network interface information for the endpoint:
	Name	This column displays the operating system name for the ethernet interface on the endpoint.
	MAC	This column displays the MAC address for the endpoint's hardware. This column also contains three commands in the access arrow (). These commands are the ability to investigate the endpoint through XDR (), to be able to copy the endpoint's name to the computer clipboard (), and the XDR action menu ().
	IPV4	This column displays the IPv4 address assigned to the network interface. This column also contains three commands in the access arrow (). These commands are the ability to investigate the endpoint through XDR (), to be able to copy the endpoint's name to the computer clipboard (), and the XDR action menu ().
	IPV6	This column displays the IPv6 address assigned to the network interface. This column also contains three commands in the access arrow (). These commands are the ability to investigate the endpoint through XDR (), to be able to copy the endpoint's name to the computer clipboard (), and the XDR action menu ().
Node Information	This table displays information regarding the Orbital node that is installed on the endpoint:
	Node ID	This field displays the node ID of the Orbital node running on the endpoint. The values listed here is the same as the Node ID value listed in the Endpoint Overview box, discussed above. This value can be copied to the computer's clipboard by clicking the Copy icon ().
	Node Enabled	This column lists whether or not the Orbital node is enabled and running on the endpoint. The values of this column are yes or no.
	Node Version	This column lists the version of the node installed on the endpoint. It also lists whether the node version is supported or not, using the icons discussed in the Orbital Node Version Releases section of the What Are Orbital Nodes? topic.
	Node OS	This column lists the name of the operating system that is running on the endpoint. The valid values are Windows, Mac, or Linux.
	Node Architecture	This column lists the endpoint's hardware architecture that the node is running on.
Results	This component displays and behaves the same as the Orbital Results page. For more information on the Results page, refer to the Orbital Results topic.

Endpoint Details

More Info