Cisco pxGrid API
- Cisco Platform Exchange Grid (pxGrid) Overview
- Cisco Platform Exchange Grid (pxGrid) 2.0
- Introduction to pxGrid 2.0
- Technical Overview
- Using Pre-Shared Keys
- Parity Chart between pGrid 1.0 and pxGrid 2.0
- Download Sample Java Code
- Download Java Code Examples
- Subscribe to Session Directory Topic
- Query for all Sessions
- Query for Session based on IP Address
- Retreiving All ANC Polices
- Retreiving an ANC Policy By Name
- Creating an ANC Policy
- Deleting an ANC Policy
- Retreiving All Endpoints from ANC Policies By Mac
- Retreiving All Endpoints from ANC Policies
- Assigning an IP Address to an ANC Policy
- Subscribing to an ANC Topic
- Obtaining the ANC GetOperationID
- Creating an ANC Policy
- Endpoint
- Subscribing to Posture Topic
- Query Posture Data by Mac List
- Querying Postured Macs
- Retrieving RADIUS Failure Messages
- Subscribing to RADIUS Failure Topic
- Identification of Endpoints by NAS IP Address and MAC Address
- Loss Detection
- pxGrid Context-In
- pxGrid Context-In Threat Example
- pxGrid Context-In Code
- Dynamic Topics
- Cisco Platform Exchange Grid (pxGrid) 1.0
- Learning pxGrid 1.0
- SDK Reference Guide
- Videos
- Pre-Shared Keys
- SDK Tutorial
- Configuration and Testing Guide
- About this Document
- pxGrid Operation
- Testing Environment
- Initial ISE Setup
- Configuring ISE for pxGrid
- Installing the pxGrid SDK
- Using Sample Certificates from SDK for pxGrid Testing
- RADIUS Simulator
- Creating ISE Internal Users
- Authentication
- pxGrid 2.0 Sample Scripts
- Testing Scripts Using RADIUS Simulator
- Session Subscribe
- Session Download
- Session Query by IP
- EndpointProfile Subscribe
- Identity Group Download
- Security Group Query
- Security Group Subscribe
- Endpoint Profile Query
- Capability
- Identity Group Query
- Identity Group Subscribe
- EPS Quarantine and EPS UnQuarantine
- Testing Sample Scripts Using 802.1X
- Session Subscribe
- Session Download
- Session Query by IP
- Endpoint Profile Subscribe
- Identity Group Download
- Security Group Query
- Security Group Subscribe
- Endpoint Profile Query
- Capability
- Identity Group Query
- Identity Group Subscribe
- Adaptive Network Control (ANC) Policies
- ANC Authorization Policy
- ANC_Policy: Quarantine
- ANC_Quarantine_Script
- List of Endpoints According to ANC Policy
- Dynamic Topics
- Core Subscribe
- Propose New Capability
- Summary
- SXP Publishing
- TrustSec AAA Devices
- Configure Network Devices for TrustSec
- ASA 5505
- Configure TrustSec Settings
- Configure Security Groups
- Configure Network Device Authorization Policy
- Define SGACLs
- Assign SAGLs the Matrix
- Configure SXP to Allow Distribution of IP to SGT Mappings to Non-TrustSec Devices
- Assign Static Mappings
- Publish SXP Bindings on pxGrid
- TrustSec Dashboard
- SXP Binding Reports
- sxp_download and sxp_subscribe Scripts
- Troubleshooting
- References
- Device Configuration for 3750x
- Dynamic Topics Lab Exercise
- Common Resources
Query Posture Data by Mac List
The pxGrid client queries the posture topic for application and hardware visibility information about the given list of endpoints. To view the available posture attributes, please visit: Session Directory Topic
Code Step-Through
The references that are applicable to pxGrid 2.0 are highlighted
The public class PostureQueryAll calls timestamp
The private static void downloadUsingAccessSecret calls the SampleConfigurationObject. Ths SampleConfig object is parsed for pxGrid hostnames, pxGrid client certificates, identity keystore filename and password, truststore filename and password, and password if pre-shared keys are used for the initial connection.
We get the pxGrid client configuration account which contains the approved pxGrid client account and registered and connected to the ISE pxGrid node via access secret.
For // pxGrid ServiceLookup for posture service, we lookup the posture service, com.cisco.ise.posture, since we are interested in obtaining the posture information. The posture service can be found:Github. This returns a list of the ISE nodes that are publishing the restBaseURL that will be used for WebSockets REST API calls.
For // Use first service. Note that ServiceLookup randomize ordering of services. The pubsub service provides a list of ISE pxGrid nodes, if you have Active/Active.
For example if you have (3) ISE pxGrid nodes, the value is randomized so you will only connect to one pxGrid node. However the service will be shared across all three ISE pxGrid nodes, this distributes the load.
For //Account Activate, we wait 60 seconds for the account to be enabled. The ISE admin need to approve the pxGrid client account. We retrieve the pxGrid controller version.
For //pxGrid AccessSecret for the node we retrieve the accesssecret from the ISE pxGrid node and make a PostureQueryRequest and include the startTimestamp
Main parses the SampleConfiguration config file. The sample config object contains the pxGrid client connection parameters such as the pxGrid hostname, identity filename (.jks file) and trusted keystore filesname (.jks file) or pre-share keys if implemented.
For //Account Activate, we wait 60 seconds for the account to be enabled. The ISE admin need to approve the pxGrid client account. We retrieve the pxGrid controller version.
For //pxGrid get AccessSecret, we receive all authenticated sessions
Complete Java SampleCode
Code Snippet
Copy package com.cisco.pxgrid.samples.ise;
import com.cisco.pxgrid.samples.ise.model.AccountState;
import com.cisco.pxgrid.samples.ise.model.Service;
import com.google.gson.Gson;
import org.apache.commons.cli.ParseException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.util.ArrayList;
import java.util.List;
/**
* Demonstrates how to retrieve all Postured endpoint macAddresses
*/
public class GetPostureDataByMacList {
public static final String SERVICE_NAME = "com.cisco.ise.posture";
private static Logger logger = LoggerFactory.getLogger(GetPostureDataByMacList.class);
private static class QueryRequest {
List<String> macAddresses;
String category;
public QueryRequest(List<String> macAddresses, String category) {
this.macAddresses = macAddresses;
this.category = category;
}
public List<String> getMacAddresses() {
return macAddresses;
}
public void setMacAddresses(List<String> macAddresses) {
this.macAddresses = macAddresses;
}
public String getCategory() {
return category;
}
public void setCategory(String category) {
this.category = category;
}
}
private static void downloadUsingAccessSecret(SampleConfiguration config) throws Exception {
PxgridControl https = new PxgridControl(config);
// pxGrid ServiceLookup for posture service
Service[] services = https.serviceLookup(SERVICE_NAME);
if (services == null || services.length == 0) {
logger.warn("Service unavailable");
return;
}
// Use first service
Service service = services[0];
String url = service.getProperties().get("restBaseUrl") + "/getPostureDataByMacList";
logger.info("url={}", url);
// pxGrid AccesssSecret for the node
String secret = https.getAccessSecret(service.getNodeName());
List<String> macList = new ArrayList<>();
macList.add("00:11:22:33:44:55");
QueryRequest request = new QueryRequest(macList, "");
String payload = (new Gson()).toJson(request);
SampleHelper.postPayloadAndPrint(url, config.getNodeName(), secret, config.getSSLContext().getSocketFactory(), payload);
}
public static void main(String [] args) throws Exception {
// Parse arguments
SampleConfiguration config = new SampleConfiguration();
try {
config.parse(args);
} catch (ParseException e) {
config.printHelp("GetPostureDataByMacList");
System.exit(1);
}
// AccountActivate
PxgridControl control = new PxgridControl(config);
while (control.accountActivate() != AccountState.ENABLED)
Thread.sleep(60000);
logger.info("pxGrid controller version={}", control.getControllerVersion());
downloadUsingAccessSecret(config);
}
}
Sample Output
Code Snippet
Copy/Library/Java/JavaVirtualMachines/jdk-11.0.14.jdk/Contents/Home/bin/java -javaagent:/Applications/IntelliJ IDEA CE.app/Contents/lib/idea_rt.jar=51384:/Applications/IntelliJ IDEA CE.app/Contents/bin -Dfile.encoding=UTF-8 -classpath /Users/userhome/IdeaProjects/Sep2022/pxgrid-rest-ws/java/target/classes:/Users/userhome/.m2/repository/javax/xml/bind/jaxb-api/2.2.11/jaxb-api-2.2.11.jar:/Users/userhome/.m2/repository/javax/websocket/javax.websocket-api/1.1/javax.websocket-api-1.1.jar:/Users/userhome/.m2/repository/org/glassfish/tyrus/tyrus-client/1.17/tyrus-client-1.17.jar:/Users/userhome/.m2/repository/org/glassfish/tyrus/tyrus-core/1.17/tyrus-core-1.17.jar:/Users/userhome/.m2/repository/org/glassfish/tyrus/tyrus-spi/1.17/tyrus-spi-1.17.jar:/Users/userhome/.m2/repository/jakarta/xml/bind/jakarta.xml.bind-api/2.3.2/jakarta.xml.bind-api-2.3.2.jar:/Users/userhome/.m2/repository/jakarta/activation/jakarta.activation-api/1.2.1/jakarta.activation-api-1.2.1.jar:/Users/userhome/.m2/repository/org/glassfish/tyrus/tyrus-container-grizzly-client/1.17/tyrus-container-grizzly-client-1.17.jar:/Users/userhome/.m2/repository/org/glassfish/grizzly/grizzly-framework/2.3.22/grizzly-framework-2.3.22.jar:/Users/userhome/.m2/repository/org/glassfish/grizzly/grizzly-http-server/2.3.22/grizzly-http-server-2.3.22.jar:/Users/userhome/.m2/repository/org/glassfish/grizzly/grizzly-http/2.3.22/grizzly-http-2.3.22.jar:/Users/userhome/.m2/repository/com/google/code/gson/gson/2.1/gson-2.1.jar:/Users/userhome/.m2/repository/commons-io/commons-io/2.7/commons-io-2.7.jar:/Users/userhome/.m2/repository/commons-cli/commons-cli/1.4/commons-cli-1.4.jar:/Users/userhome/.m2/repository/org/slf4j/slf4j-api/1.7.25/slf4j-api-1.7.25.jar:/Users/userhome/.m2/repository/ch/qos/logback/logback-core/1.2.0/logback-core-1.2.0.jar:/Users/userhome/.m2/repository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar:/Users/userhome/.m2/repository/org/apache/commons/commons-lang3/3.8.1/commons-lang3-3.8.1.jar com.cisco.pxgrid.samples.ise.GetPostureDataByMacList -a 10.76.231.99 -u pxtest002 -k /Users/userhome/ise99/self1.jks -p cisco123 -t /Users/userhome/ise99/root1.jks -q cisco123
------ config ------
hostname = 10.76.231.99
nodename = pxtest002
password = (not specified)
description = (not specified)
keystorefilename = /Users/userhome/ise99/self1.jks
keystorepassword = cisco123
truststorefilename = /Users/userhome/ise99/root1.jks
truststorepassword = cisco123
--------------------
11:36:06.721 [main] INFO com.cisco.pxgrid.samples.ise.PxgridControl - AccountActivate request={}
11:36:07.286 [main] INFO com.cisco.pxgrid.samples.ise.PxgridControl - AccountActivate response={"accountState":"ENABLED","version":"2.0"}
11:36:07.286 [main] INFO com.cisco.pxgrid.samples.ise.GetPostureDataByMacList - pxGrid controller version=2.0
11:36:07.292 [main] INFO com.cisco.pxgrid.samples.ise.PxgridControl - ServiceLookup request={"name":"com.cisco.ise.posture"}
11:36:07.351 [main] INFO com.cisco.pxgrid.samples.ise.PxgridControl - ServiceLookup response={"services":[{"name":"com.cisco.ise.posture","nodeName":"~ise-admin-iselab99","properties":{"postureVisibilityTopic":"/topic/com.cisco.ise.posture.visibility","wsPubsubService":"com.cisco.ise.pubsub","restBaseUrl":"https://iselab99.cisco.com:8910/pxgrid/ise/posture"}}]}
11:36:07.351 [main] INFO com.cisco.pxgrid.samples.ise.GetPostureDataByMacList - url=https://iselab99.cisco.com:8910/pxgrid/ise/posture/getPostureDataByMacList
11:36:07.353 [main] INFO com.cisco.pxgrid.samples.ise.PxgridControl - AccessSecret request={"peerNodeName":"~ise-admin-iselab99"}
11:36:07.389 [main] INFO com.cisco.pxgrid.samples.ise.PxgridControl - AccessSecret response={"secret":"Rz7zhMNvC1zJYNnC"}
11:36:07.408 [main] INFO com.cisco.pxgrid.samples.ise.SampleHelper - postData= "{\"macAddresses\" : [\"00:50:56:83:2B:D3\",\"84:EB:EF:BC:7D:DE\",\"D4:EB:68:5B:FD:89\",\"D4:EB:68:5B:FD:88\"],\n\"category\": \"\"}"
11:36:07.608 [main] INFO com.cisco.pxgrid.samples.ise.SampleHelper - Response status=200
Content: [{"appInfo":[{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-0","productName":"Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040.0","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-1","productName":"DirectX","vendorName":"Microsoft Corporation","version":"12","category":"Unclassified","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-2","productName":"Paint","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-3","productName":"Update for Windows 10 for x64-based Systems (KB4023057)","vendorName":"Microsoft Corporation","version":"2.67.0.0","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-4","productName":"Windows Update Agent","vendorName":"Microsoft Corporation","version":"10.0.19041.1288","category":"PatchManagement","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-5","productName":"Wireshark 3.4.8 64-bit","vendorName":"The Wireshark developer community, https://www.wireshark.org","version":"3.4.8","category":"Unclassified","installDirectory":"C:\\Program Files\\Wireshark\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-6","productName":"BitLocker Drive Encryption","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"DiskEncryption","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[{"processID":"1468","filePath":"C:\\Program Files\\Mozilla Firefox\\firefox.exe","processHash":"737EAC974D2FEACBF138F9F4F832A9C061489427803583BAE09BE1899D738D18"},{"processID":"3008","filePath":"C:\\Program Files\\Mozilla Firefox\\firefox.exe","processHash":"737EAC974D2FEACBF138F9F4F832A9C061489427803583BAE09BE1899D738D18"},{"processID":"4472","filePath":"C:\\Program Files\\Mozilla Firefox\\firefox.exe","processHash":"737EAC974D2FEACBF138F9F4F832A9C061489427803583BAE09BE1899D738D18"},{"processID":"4504","filePath":"C:\\Program Files\\Mozilla Firefox\\firefox.exe","processHash":"737EAC974D2FEACBF138F9F4F832A9C061489427803583BAE09BE1899D738D18"},{"processID":"5004","filePath":"C:\\Program Files\\Mozilla Firefox\\firefox.exe","processHash":"737EAC974D2FEACBF138F9F4F832A9C061489427803583BAE09BE1899D738D18"},{"processID":"7196","filePath":"C:\\Program Files\\Mozilla Firefox\\firefox.exe","processHash":"737EAC974D2FEACBF138F9F4F832A9C061489427803583BAE09BE1899D738D18"},{"processID":"7660","filePath":"C:\\Program Files\\Mozilla Firefox\\firefox.exe","processHash":"737EAC974D2FEACBF138F9F4F832A9C061489427803583BAE09BE1899D738D18"},{"processID":"7980","filePath":"C:\\Program Files\\Mozilla Firefox\\firefox.exe","processHash":"737EAC974D2FEACBF138F9F4F832A9C061489427803583BAE09BE1899D738D18"}],"id":"00:50:56:83:2B:D3-app-7","productName":"Mozilla Firefox (x64 en-US)","vendorName":"Mozilla","version":"96.0.1","category":"Unclassified","installDirectory":"C:\\Program Files\\Mozilla Firefox\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-8","productName":"WordPad","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-9","productName":"Nmap 7.92","vendorName":"Nmap Project","version":"7.92","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-10","productName":"Remote Desktop Connection","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-11","productName":"Notepad","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-12","productName":"Update for Windows 10 for x64-based Systems (KB4480730)","vendorName":"Microsoft Corporation","version":"2.55.0.0","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-13","productName":"Internet Explorer","vendorName":"Microsoft Corporation","version":"11.789.19041.0","category":"AntiPhishing,Browser","installDirectory":"C:\\Program Files\\Internet Explorer\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-14","productName":"Microsoft XML Parser","vendorName":"Microsoft Corporation","version":"8.110.19041.844","category":"Unclassified","installDirectory":"C:\\WINDOWS\\SysWOW64\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-15","productName":"Wireshark","vendorName":"The Wireshark developer community","version":"3.4.8","category":"Unclassified","installDirectory":"C:\\Program Files\\Wireshark\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-16","productName":"Microsoft Edge Update","vendorName":"","version":"1.3.155.77","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-17","productName":"Windows Backup and Restore","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"BackupClient","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-18","productName":"Microsoft Visual C++ Redistributable","vendorName":"Microsoft Corporation","version":"14.29.30040.0","category":"Unclassified","installDirectory":"C:\\ProgramData\\Package Cache\\{a8968509-65be-4c09-a460-fd1584b1cdbf}\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-19","productName":"WinSCP","vendorName":"Martin Prikryl","version":"5.19.5.0","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\WinSCP\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-20","productName":"Windows Media Player","vendorName":"Microsoft Corporation","version":"12.0.19041.1","category":"Unclassified","installDirectory":"C:\\Program Files\\Windows Media Player\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-21","productName":"Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040.0","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-22","productName":"PuTTY release 0.76 (64-bit)","vendorName":"Simon Tatham","version":"0.76.0.0","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-23","productName":"Npcap","vendorName":"Nmap Project","version":"1.50","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-24","productName":"PuTTY","vendorName":"PuTTY","version":"0.76","category":"Unclassified","installDirectory":"C:\\Program Files\\PuTTY\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-25","productName":"Windows File History","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"BackupClient","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-26","productName":"Zenmap","vendorName":"Insecure.Com LLC","version":"7.92","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\Nmap\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-27","productName":"Microsoft .NET Framework 4","vendorName":"Microsoft Corporation","version":"4.8.4084.0","category":"Unclassified","installDirectory":"C:\\WINDOWS\\Microsoft.NET\\Framework64\\v4.0.30319\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-28","productName":"Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-29","productName":"Mozilla Maintenance Service","vendorName":"Mozilla","version":"91.0","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-30","productName":"Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-31","productName":"Microsoft Edge","vendorName":"Microsoft Corporation","version":"97.0.1072.76","category":"AntiPhishing,Browser","installDirectory":"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-32","productName":"Windows Security Health Agent","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"HealthAgent"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-33","productName":"Microsoft Update Health Tools","vendorName":"Microsoft Corporation","version":"2.84.0.0","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-34","productName":"Windows Defender","vendorName":"Microsoft Corporation","version":"4.18.2111.5","category":"AntiMalware","installDirectory":"C:\\Program Files\\Windows Defender\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-35","productName":"Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-36","productName":"WinSCP 5.19.5","vendorName":"Martin Prikryl","version":"5.19.5","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\WinSCP\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-37","productName":"Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-38","productName":"Windows VPN Client","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"VPNClient","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[{"processID":"2920","filePath":"C:\\Program Files\\MG-SOFT\\MIB Browser\\Bin\\MgWTrap3.exe","processHash":"A058AB1E59B3228AB42A9B0CDA3AE734A9F9D16019C968742C01FACC9825B11C"}],"id":"00:50:56:83:2B:D3-app-39","productName":"MG-SOFT MIB Browser 2021b (x64)","vendorName":"MG-SOFT d.o.o.","version":"19.01.9009","category":"Unclassified","installDirectory":"C:\\Program Files\\MG-SOFT\\MIB Browser\\"},{"runningProcesses":[],"id":"00:50:56:83:2B:D3-app-40","productName":"Windows Firewall","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"FireWall","installDirectory":"C:\\WINDOWS\\System32\\"}],"hwInfo":[{"id":"00:50:56:83:2B:D3-hw-0","category":"Memory","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"Memory_Type":"DRAM","Memory_SizeInGB":"4.000000","Memory_PercentageOfUsage":"69.750615"}},{"id":"00:50:56:83:2B:D3-hw-1","category":"Disk","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"Disk_Type":"Compact Disc"}},{"id":"00:50:56:83:2B:D3-hw-2","category":"BIOS","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"BIOS_Model":"VMware Virtual Platform","BIOS_SerialNumer":"VMware-42 03 07 ab 57 b4 0d e1-7d 4e 20 15 9c 6f 60 0b","BIOS_Manufacturer":"Phoenix Technologies LTD"}},{"id":"00:50:56:83:2B:D3-hw-3","category":"USB","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"USB_Manufacturer":"Microsoft","USB_VendorID":"0x0E0F","USB_ProductID":"0x0003","USB_Type":"Mouse"}},{"id":"00:50:56:83:2B:D3-hw-4","category":"CPU","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"CPU_NumOfCores":"1","CPU_NumOfProcessors":"1","CPU_SpeedInGHZ":"2.400000","CPU_PercentageOfUsage":"74.771528"}},{"id":"00:50:56:83:2B:D3-hw-5","category":"USB","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"USB_Manufacturer":"Microsoft","USB_VendorID":"0x0E0F","USB_ProductID":"0x0003","USB_Type":"Mouse"}},{"id":"00:50:56:83:2B:D3-hw-6","category":"USB","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"USB_Manufacturer":"(Standard system devices)","USB_VendorID":"0x0E0F","USB_ProductID":"0x0003","USB_Type":"Human Interface Device"}},{"id":"00:50:56:83:2B:D3-hw-7","category":"Disk","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"Disk_InternalDiskNum":"1","Disk_Type":"Internal","Disk_FreeSizeinGB":"25.257027","Disk_InternalTotalSizeInGB":"49.011272","Disk_TotalSizeInGB":"49.011272","Disk_InternalTotalUsage":"48.466904","Disk_InternalTotalFreeSizeInGB":"25.257027"}},{"id":"00:50:56:83:2B:D3-hw-8","category":"USB","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"USB_Manufacturer":"(Standard system devices)","USB_VendorID":"0x0E0F","USB_ProductID":"0x0003","USB_Type":"Human Interface Device"}}],"dataType":"complete","macAddress":"00:50:56:83:2B:D3"},{"appInfo":[{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-0","productName":"Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040.0","category":"Unclassified"},{"runningProcesses":[{"processID":"9060","filePath":"c:\\program files\\7-zip\\7zfm.exe","processHash":"F0A19F71BA6FD30E45EBE90129DE57D45AA4E0B6CFC985B6E9F52E9DDED07B28"}],"id":"D4:EB:68:5B:FD:89-app-1","productName":"7-Zip","vendorName":"Igor Pavlov","version":"21.07","category":"Unclassified","installDirectory":"C:\\Program Files\\7-Zip\\"},{"runningProcesses":[{"processID":"4260","filePath":"c:\\users\\praveen\\appdata\\local\\microsoft\\onedrive\\onedrive.exe","processHash":"1322CB5392490CA7067F470DDF2874A8001BB5F33E7B7BBC3129B7A4ED15143F"}],"id":"D4:EB:68:5B:FD:89-app-2","productName":"Microsoft OneDrive","vendorName":"Microsoft Corporation","version":"22.002.0103.0004","category":"BackupClient,CloudStorage","installDirectory":"C:\\Users\\praveen\\AppData\\Local\\Microsoft\\OneDrive\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-3","productName":"Paint","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-4","productName":"Update for Windows 10 for x64-based Systems (KB4023057)","vendorName":"Microsoft Corporation","version":"2.67.0.0","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-5","productName":"Windows Update Agent","vendorName":"Microsoft Corporation","version":"10.0.19041.1288","category":"PatchManagement","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-6","productName":"Cisco AnyConnect ISE Compliance Module","vendorName":"Cisco Systems, Inc","version":"4.3.1340.6145","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\opswat\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-7","productName":"Wireshark 3.4.8 64-bit","vendorName":"The Wireshark developer community, https://www.wireshark.org","version":"3.4.8","category":"Unclassified","installDirectory":"C:\\Program Files\\Wireshark\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-8","productName":"BitLocker Drive Encryption","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"DiskEncryption","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[{"processID":"6324","filePath":"c:\\program files (x86)\\cisco\\cisco anyconnect secure mobility client\\aciseposture.exe","processHash":"70158E2A95CB55BAEDD884953C92EDDF694D1D5535C69704E9680CC94A030FB5"}],"id":"D4:EB:68:5B:FD:89-app-9","productName":"Cisco AnyConnect Secure Mobility Client","vendorName":"Cisco Systems, Inc.","version":"4.9.00086","category":"VPNClient,HealthAgent","installDirectory":"C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-10","productName":"Mozilla Firefox (x64 en-US)","vendorName":"Mozilla","version":"96.0.1","category":"Unclassified","installDirectory":"C:\\Program Files\\Mozilla Firefox\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-11","productName":"WordPad","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-12","productName":"Nmap 7.92","vendorName":"Nmap Project","version":"7.92","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-13","productName":"Remote Desktop Connection","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-14","productName":"Notepad","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-15","productName":"Google Chrome","vendorName":"Google Inc.","version":"97.0.4692.99","category":"AntiPhishing,Browser"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-16","productName":"Update for Windows 10 for x64-based Systems (KB4480730)","vendorName":"Microsoft Corporation","version":"2.55.0.0","category":"Unclassified"},{"runningProcesses":[{"processID":"9060","filePath":"c:\\program files\\7-zip\\7zfm.exe","processHash":"F0A19F71BA6FD30E45EBE90129DE57D45AA4E0B6CFC985B6E9F52E9DDED07B28"}],"id":"D4:EB:68:5B:FD:89-app-17","productName":"7-Zip 21.07 (x64)","vendorName":"Igor Pavlov","version":"21.07","category":"Unclassified","installDirectory":"C:\\Program Files\\7-Zip\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-18","productName":"Internet Explorer","vendorName":"Microsoft Corporation","version":"11.789.19041.0","category":"AntiPhishing,Browser","installDirectory":"C:\\Program Files\\Internet Explorer\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-19","productName":"Microsoft XML Parser","vendorName":"Microsoft Corporation","version":"8.110.19041.844","category":"Unclassified","installDirectory":"C:\\WINDOWS\\SysWOW64\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-20","productName":"Wireshark","vendorName":"The Wireshark developer community","version":"3.4.8","category":"Unclassified","installDirectory":"C:\\Program Files\\Wireshark\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-21","productName":"Microsoft Edge Update","vendorName":"","version":"1.3.155.77","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-22","productName":"Windows Backup and Restore","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"BackupClient","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-23","productName":"Microsoft Visual C++ Redistributable","vendorName":"Microsoft Corporation","version":"14.29.30040.0","category":"Unclassified","installDirectory":"C:\\ProgramData\\Package Cache\\{5c6cccca-61ec-4667-a8d9-e133a59a5a73}\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-24","productName":"WinSCP","vendorName":"Martin Prikryl","version":"5.19.5.0","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\WinSCP\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-25","productName":"Windows Media Player","vendorName":"Microsoft Corporation","version":"12.0.19041.1","category":"Unclassified","installDirectory":"C:\\Program Files\\Windows Media Player\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-26","productName":"Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040.0","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-27","productName":"PuTTY release 0.76 (64-bit)","vendorName":"Simon Tatham","version":"0.76.0.0","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-28","productName":"Npcap","vendorName":"Nmap Project","version":"1.50","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-29","productName":"PuTTY","vendorName":"PuTTY","version":"0.76","category":"Unclassified","installDirectory":"C:\\Program Files\\PuTTY\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-30","productName":"Windows File History","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"BackupClient","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-31","productName":"Zenmap","vendorName":"Insecure.Com LLC","version":"7.92","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\Nmap\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-32","productName":"Microsoft .NET Framework 4","vendorName":"Microsoft Corporation","version":"4.8.4084.0","category":"Unclassified","installDirectory":"C:\\WINDOWS\\Microsoft.NET\\Framework64\\v4.0.30319\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-33","productName":"Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-34","productName":"Mozilla Maintenance Service","vendorName":"Mozilla","version":"91.0","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-35","productName":"Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-36","productName":"Microsoft Edge","vendorName":"Microsoft Corporation","version":"97.0.1072.76","category":"AntiPhishing,Browser","installDirectory":"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-37","productName":"Windows Security Health Agent","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"HealthAgent"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-38","productName":"Microsoft Update Health Tools","vendorName":"Microsoft Corporation","version":"2.84.0.0","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-39","productName":"Windows Defender","vendorName":"Microsoft Corporation","version":"4.18.2111.5","category":"AntiMalware","installDirectory":"C:\\Program Files\\Windows Defender\\"},{"runningProcesses":[{"processID":"6324","filePath":"c:\\program files (x86)\\cisco\\cisco anyconnect secure mobility client\\aciseposture.exe","processHash":"70158E2A95CB55BAEDD884953C92EDDF694D1D5535C69704E9680CC94A030FB5"}],"id":"D4:EB:68:5B:FD:89-app-40","productName":"Cisco AnyConnect ISE Posture Module","vendorName":"Cisco Systems, Inc.","version":"4.9.00086","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-41","productName":"Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-42","productName":"WinSCP 5.19.5","vendorName":"Martin Prikryl","version":"5.19.5","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\WinSCP\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-43","productName":"Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-44","productName":"Windows VPN Client","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"VPNClient","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-45","productName":"MG-SOFT MIB Browser 2021b (x64)","vendorName":"MG-SOFT d.o.o.","version":"19.01.9009","category":"Unclassified","installDirectory":"C:\\Program Files\\MG-SOFT\\MIB Browser\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:89-app-46","productName":"Windows Firewall","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"FireWall","installDirectory":"C:\\WINDOWS\\System32\\"}],"hwInfo":[{"id":"D4:EB:68:5B:FD:89-hw-0","category":"Memory","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"Memory_Type":"DRAM","Memory_SizeInGB":"4.000000","Memory_PercentageOfUsage":"46.945666"}},{"id":"D4:EB:68:5B:FD:89-hw-1","category":"Disk","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"Disk_Type":"Compact Disc"}},{"id":"D4:EB:68:5B:FD:89-hw-2","category":"BIOS","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"BIOS_Model":"VMware Virtual Platform","BIOS_SerialNumer":"VMware-42 03 22 43 e3 27 6c aa-5d 4f 88 e2 80 d6 24 b1","BIOS_Manufacturer":"Phoenix Technologies LTD"}},{"id":"D4:EB:68:5B:FD:89-hw-3","category":"USB","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"USB_Manufacturer":"Microsoft","USB_VendorID":"0x0E0F","USB_ProductID":"0x0003","USB_Type":"Mouse"}},{"id":"D4:EB:68:5B:FD:89-hw-4","category":"CPU","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"CPU_NumOfCores":"1","CPU_NumOfProcessors":"1","CPU_SpeedInGHZ":"2.400000","CPU_PercentageOfUsage":"48.831427"}},{"id":"D4:EB:68:5B:FD:89-hw-5","category":"USB","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"USB_Manufacturer":"Microsoft","USB_VendorID":"0x0E0F","USB_ProductID":"0x0003","USB_Type":"Mouse"}},{"id":"D4:EB:68:5B:FD:89-hw-6","category":"USB","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"USB_Manufacturer":"(Standard system devices)","USB_VendorID":"0x0E0F","USB_ProductID":"0x0003","USB_Type":"Human Interface Device"}},{"id":"D4:EB:68:5B:FD:89-hw-7","category":"Disk","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"Disk_InternalDiskNum":"1","Disk_Type":"Internal","Disk_FreeSizeinGB":"25.646835","Disk_InternalTotalSizeInGB":"49.011272","Disk_TotalSizeInGB":"49.011272","Disk_InternalTotalUsage":"47.671555","Disk_InternalTotalFreeSizeInGB":"25.646835"}},{"id":"D4:EB:68:5B:FD:89-hw-8","category":"USB","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"USB_Manufacturer":"(Standard system devices)","USB_VendorID":"0x0E0F","USB_ProductID":"0x0003","USB_Type":"Human Interface Device"}}],"dataType":"complete","macAddress":"D4:EB:68:5B:FD:89"},{"appInfo":[{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-0","productName":"Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040.0","category":"Unclassified"},{"runningProcesses":[{"processID":"8468","filePath":"c:\\users\\praveen\\appdata\\local\\microsoft\\onedrive\\onedrive.exe","processHash":"1322CB5392490CA7067F470DDF2874A8001BB5F33E7B7BBC3129B7A4ED15143F"}],"id":"D4:EB:68:5B:FD:88-app-1","productName":"Microsoft OneDrive","vendorName":"Microsoft Corporation","version":"22.002.0103.0004","category":"BackupClient,CloudStorage","installDirectory":"C:\\Users\\praveen\\AppData\\Local\\Microsoft\\OneDrive\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-2","productName":"Paint","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-3","productName":"Update for Windows 10 for x64-based Systems (KB4023057)","vendorName":"Microsoft Corporation","version":"2.67.0.0","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-4","productName":"Windows Update Agent","vendorName":"Microsoft Corporation","version":"10.0.19041.1288","category":"PatchManagement","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-5","productName":"Cisco AnyConnect ISE Compliance Module","vendorName":"Cisco Systems, Inc","version":"4.3.1340.6145","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\opswat\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-6","productName":"Wireshark 3.4.8 64-bit","vendorName":"The Wireshark developer community, https://www.wireshark.org","version":"3.4.8","category":"Unclassified","installDirectory":"C:\\Program Files\\Wireshark\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-7","productName":"BitLocker Drive Encryption","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"DiskEncryption","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[{"processID":"9592","filePath":"c:\\program files (x86)\\cisco\\cisco anyconnect secure mobility client\\aciseposture.exe","processHash":"70158E2A95CB55BAEDD884953C92EDDF694D1D5535C69704E9680CC94A030FB5"}],"id":"D4:EB:68:5B:FD:88-app-8","productName":"Cisco AnyConnect Secure Mobility Client","vendorName":"Cisco Systems, Inc.","version":"4.9.00086","category":"VPNClient,HealthAgent","installDirectory":"C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-9","productName":"Mozilla Firefox (x64 en-US)","vendorName":"Mozilla","version":"96.0.3","category":"Unclassified","installDirectory":"C:\\Program Files\\Mozilla Firefox\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-10","productName":"WordPad","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-11","productName":"Nmap 7.92","vendorName":"Nmap Project","version":"7.92","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-12","productName":"Remote Desktop Connection","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-13","productName":"Notepad","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"Unclassified","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-14","productName":"Google Chrome","vendorName":"Google Inc.","version":"97.0.4692.99","category":"AntiPhishing,Browser"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-15","productName":"Update for Windows 10 for x64-based Systems (KB4480730)","vendorName":"Microsoft Corporation","version":"2.55.0.0","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-16","productName":"Internet Explorer","vendorName":"Microsoft Corporation","version":"11.789.19041.0","category":"AntiPhishing,Browser","installDirectory":"C:\\Program Files\\Internet Explorer\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-17","productName":"Microsoft XML Parser","vendorName":"Microsoft Corporation","version":"8.110.19041.844","category":"Unclassified","installDirectory":"C:\\WINDOWS\\SysWOW64\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-18","productName":"Wireshark","vendorName":"The Wireshark developer community","version":"3.4.8","category":"Unclassified","installDirectory":"C:\\Program Files\\Wireshark\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-19","productName":"Microsoft Edge Update","vendorName":"","version":"1.3.155.77","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-20","productName":"Windows Backup and Restore","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"BackupClient","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-21","productName":"Microsoft Visual C++ Redistributable","vendorName":"Microsoft Corporation","version":"14.29.30040.0","category":"Unclassified","installDirectory":"C:\\ProgramData\\Package Cache\\{5c6cccca-61ec-4667-a8d9-e133a59a5a73}\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-22","productName":"WinSCP","vendorName":"Martin Prikryl","version":"5.19.5.0","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\WinSCP\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-23","productName":"Windows Media Player","vendorName":"Microsoft Corporation","version":"12.0.19041.1","category":"Unclassified","installDirectory":"C:\\Program Files\\Windows Media Player\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-24","productName":"Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040.0","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-25","productName":"PuTTY release 0.76 (64-bit)","vendorName":"Simon Tatham","version":"0.76.0.0","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-26","productName":"Npcap","vendorName":"Nmap Project","version":"1.50","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-27","productName":"PuTTY","vendorName":"PuTTY","version":"0.76","category":"Unclassified","installDirectory":"C:\\Program Files\\PuTTY\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-28","productName":"Windows File History","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"BackupClient","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-29","productName":"Zenmap","vendorName":"Insecure.Com LLC","version":"7.92","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\Nmap\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-30","productName":"Microsoft .NET Framework 4","vendorName":"Microsoft Corporation","version":"4.8.4084.0","category":"Unclassified","installDirectory":"C:\\WINDOWS\\Microsoft.NET\\Framework64\\v4.0.30319\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-31","productName":"Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-32","productName":"Mozilla Maintenance Service","vendorName":"Mozilla","version":"91.0","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-33","productName":"Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-34","productName":"Microsoft Edge","vendorName":"Microsoft Corporation","version":"97.0.1072.76","category":"AntiPhishing,Browser","installDirectory":"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-35","productName":"Windows Security Health Agent","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"HealthAgent"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-36","productName":"Microsoft Update Health Tools","vendorName":"Microsoft Corporation","version":"2.84.0.0","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-37","productName":"Windows Defender","vendorName":"Microsoft Corporation","version":"4.18.2111.5","category":"AntiMalware","installDirectory":"C:\\Program Files\\Windows Defender\\"},{"runningProcesses":[{"processID":"9592","filePath":"c:\\program files (x86)\\cisco\\cisco anyconnect secure mobility client\\aciseposture.exe","processHash":"70158E2A95CB55BAEDD884953C92EDDF694D1D5535C69704E9680CC94A030FB5"}],"id":"D4:EB:68:5B:FD:88-app-38","productName":"Cisco AnyConnect ISE Posture Module","vendorName":"Cisco Systems, Inc.","version":"4.9.00086","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-39","productName":"Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-40","productName":"WinSCP 5.19.5","vendorName":"Martin Prikryl","version":"5.19.5","category":"Unclassified","installDirectory":"C:\\Program Files (x86)\\WinSCP\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-41","productName":"Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30040","vendorName":"Microsoft Corporation","version":"14.29.30040","category":"Unclassified"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-42","productName":"Windows VPN Client","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"VPNClient","installDirectory":"C:\\WINDOWS\\System32\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-43","productName":"MG-SOFT MIB Browser 2021b (x64)","vendorName":"MG-SOFT d.o.o.","version":"19.01.9009","category":"Unclassified","installDirectory":"C:\\Program Files\\MG-SOFT\\MIB Browser\\"},{"runningProcesses":[],"id":"D4:EB:68:5B:FD:88-app-44","productName":"Windows Firewall","vendorName":"Microsoft Corporation","version":"10.0.19041.1","category":"FireWall","installDirectory":"C:\\WINDOWS\\System32\\"}],"hwInfo":[{"id":"D4:EB:68:5B:FD:88-hw-0","category":"Memory","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"Memory_Type":"DRAM","Memory_SizeInGB":"4.000000","Memory_PercentageOfUsage":"50.858830"}},{"id":"D4:EB:68:5B:FD:88-hw-1","category":"Disk","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"Disk_Type":"Compact Disc"}},{"id":"D4:EB:68:5B:FD:88-hw-2","category":"BIOS","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"BIOS_Model":"VMware Virtual Platform","BIOS_SerialNumer":"VMware-42 03 25 7d 92 33 fe 16-98 b3 dc 1f b5 8f e3 e4","BIOS_Manufacturer":"Phoenix Technologies LTD"}},{"id":"D4:EB:68:5B:FD:88-hw-3","category":"CPU","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"CPU_NumOfCores":"1","CPU_NumOfProcessors":"1","CPU_SpeedInGHZ":"2.400000","CPU_PercentageOfUsage":"36.485674"}},{"id":"D4:EB:68:5B:FD:88-hw-4","category":"Disk","os":"WINDOWS_10_ENTERPRISE_ALL","attributes":{"Disk_InternalDiskNum":"1","Disk_Type":"Internal","Disk_FreeSizeinGB":"25.669323","Disk_InternalTotalSizeInGB":"49.011272","Disk_TotalSizeInGB":"49.011272","Disk_InternalTotalUsage":"47.62567","Disk_InternalTotalFreeSizeInGB":"25.669323"}}],"macAddress":"D4:EB:68:5B:FD:88"}]
Process finished with exit code 0