Agent Assets data

Agent Assets data contains information about endpoint devices, or assets, that Arctic Wolf Agent actively monitors. Arctic Wolf retains this data for the last 12 months.

The Agent Assets table includes this information:

Note:

The Category field does not populate in this table.

Column

Description

Asset Criticality
A label that helps you prioritize risks based on how critical an asset is to your infrastructure. Possible values are:
  • Unassigned — The default value for all devices.
  • None — Defer risk remediation, for example, because these assets are not interconnected with business systems.
  • Low — Defer risk remediation until higher-priority tasks are completed. These assets are unlikely targets for malicious activity, or have negligible negative impact if compromised.
  • Medium — Monitor for risk escalation. These assets have moderate negative impact if compromised.
  • High — Isolate and limit asset use until remediation. These assets have short-term compensating controls available, or are interconnected with external systems.
  • Critical — Remediate risks immediately. These assets are likely targets for malicious activity.
Tip:

To change this field value, see Edit asset criticality for more information.

Asset Tags
A set of labels that you apply to an asset to assist with risk mitigation planning. An asset can have more than one tag.A tag can be a custom value or one of these preset options:
  • backup_recovery — An asset that directly or indirectly engages in the preservation of data for the purposes of recovery.
  • gdpr — An asset that, if compromised, would make a business or organization in violation of their GDPR legal responsibilities, as the European Union mandates.
  • iam — An Identity and Access Management (IAM) system that provides users access to resources based on defined roles as policies.
  • internet_facing — An asset that can be reached through the public internet.
  • network_infra — An asset that makes communication between endpoints possible, including routers, switches, and firewalls.
  • pci — An asset that engages in the handling of credit card data, as part of the payment card industry (PCI) data security standards compliance.
  • pii — An asset that engages in the storage, retrieval, and/or processing of data that relates to an identified or identifiable natural person.
  • remote_access — An asset that is configured for remote access, including VPN gateways, and sign-in services. For example, RDP and SSH.
Tip:

To change this field value, see Edit asset tags.

City

The name of the city. This field is only populated if the Country field is available.

Client UUID

The unique identifier of the Agent that detected the asset.

Country

The country that the asset is located in.

Country Code

The Alpha-2 code of the country that the asset is located in. See External ISO documentation for more information.

Customer

Your customer ID.

Customer UUID

Your unique identifier.

Deployment ID

The ID of the Arctic Wolf appliance that detected this.

External IP Address

The IP address of the asset.

Latitude

The latitude of the asset. This is derived from the IP address of the asset.

Longitude

The longitude of the asset. This is derived from the IP address of the asset.

Name

The name of the asset.

OS Configuration

The configuration of the OS. Possible values are Additional/Backup Domain Controller, Member Server, Member Workstation, Primary Domain Controller, Standalone Server, or Standalone Workstation.

OS Manufacturer

The manufacturer of the asset OS.

OS Name

The name of the asset OS.

OS Version

The version of the asset OS.

Processor Name

The name of the asset processor.

System Manufacturer

The manufacturer of the asset.

System Model

The model of the asset.

System Type

The type of the asset system. Possible values are x64-based PC, X86-based PC, or ARM64-based PC.

Timestamp

The time that the asset was detected.

User

The user that the asset is registered to.