How can I tell when a particular host was scanned?

Modified on Thu, Aug 24, 2023 at 4:49 PM

The task data files for a runZero scan task can be downloaded from the task details page. The files are in JSONL format — that is, a sequence of JSON objects separated by linebreaks. You can make the data more readable by piping it through a program such as jq.

Scan responses from devices appear as objects with the type field set to "result". For example:

{
  "type": "result",
  "ts": 1692657303102146600,
  "host": "10.0.1.171",
  "port": "0",
  "proto": "icmp",
  "probe": "echo",
  "info": {
    "icmp.addrs": "10.0.1.171",
    "icmp.rtts": "3562650",
    "icmp.typeCode": "EchoReply",
    "icmp.typeCodeN": "0/0",
    "ip.tos": "0",
    "ip.ttl": "64"
  }
}

The host field contains the device's IP address, and the ts field is the time in nanoseconds since 1970-01-01 00:00:00 UTC (the Unix epoch). Note that this method only works if the device responded to at least one scan probe; a device that never responded has no result objects in the task data.
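The following Python script is an added example, not runZero code. It filters task data for one host and converts the ts values to UTC times. The sample records are constructed: the first reuses the values shown above, while the other hosts, timestamps and the non-result type are placeholders.

```python
import json
from datetime import datetime, timezone

# Constructed sample task data (JSONL). The first record reuses the values shown
# above; the other hosts, timestamps and the non-result type are made up.
SAMPLE = """\
{"type": "result", "ts": 1692657303102146600, "host": "10.0.1.171", "proto": "icmp", "probe": "echo"}
{"type": "result", "ts": 1692657309000000000, "host": "10.0.1.171", "proto": "icmp", "probe": "echo"}
{"type": "result", "ts": 1692657305000000000, "host": "10.0.1.20", "proto": "icmp", "probe": "echo"}
{"type": "placeholder-non-result", "ts": 1692657310000000000, "host": "10.0.1.171"}

{"type": "result", "ts": 16926
"""

def ns_to_utc(ts_ns):
    """Convert integer nanoseconds since the Unix epoch to a UTC datetime."""
    # Integer arithmetic: a float cannot hold a 19-digit nanosecond value exactly.
    secs, rem_ns = divmod(int(ts_ns), 1_000_000_000)
    return datetime.fromtimestamp(secs, tz=timezone.utc).replace(microsecond=rem_ns // 1000)

def scan_times(lines, host):
    """Return (first_seen, last_seen, responses) for host, or None if it never responded."""
    stamps = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip a truncated or partially written line
        if not isinstance(rec, dict):
            continue
        if rec.get("type") == "result" and rec.get("host") == host and "ts" in rec:
            stamps.append(int(rec["ts"]))
    if not stamps:
        return None  # no response recorded, so no scan time can be derived
    return ns_to_utc(min(stamps)), ns_to_utc(max(stamps)), len(stamps)

if __name__ == "__main__":
    for ip in ("10.0.1.171", "10.0.1.20", "10.0.1.99"):
        seen = scan_times(SAMPLE.splitlines(), ip)
        if seen is None:
            print(f"{ip}: no responses in this task")
        else:
            first, last, count = seen
            print(f"{ip}: first {first.isoformat()} last {last.isoformat()} ({count} responses)")
```

scan_times accepts any iterable of lines, so an open file object for a downloaded task data file can be passed in place of SAMPLE.splitlines().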

To locate the scan task that most recently saw a particular asset, click through to the asset details page and click on the Last seen link.

