
Lansweeper
IT Asset Management- Overview
- Setup
- Data & mappings
- Operations & API
- Changelog
The Lansweeper connector integrates with the Lansweeper IT Asset Management platform via its GraphQL API. It synchronizes IT asset inventory, vulnerability data, and software package information into the Brinqa platform.
Data retrieved from Lansweeper
| Connector Object | Required | Maps to Data Model |
|---|---|---|
| Host | Yes | Host |
| Vulnerability | Yes | Vulnerability |
| Vulnerability Definition | Yes | Vulnerability Definition |
| Installed Package | Yes | Installed Package |
| Package | Yes | Package |
| User | Yes | Person |
Model relationships
For detailed steps on how to view the data retrieved from Lansweeper in the Brinqa Platform, see How to view your data.
Connection settings
When setting up a data integration, select Lansweeper from the Connector dropdown and provide the following:
| Setting | Required | Default | Description |
|---|---|---|---|
| API Token | Yes | — | Personal Access Token (PAT) for Lansweeper API authentication. |
| URL | Yes | https://api.lansweeper.com | Base URL of the Lansweeper API (default: https://api.lansweeper.com). |
| Page Size | No | 500 | Number of records per page for paginated API queries (default: 500). |
| Parallelism Level | No | min(4, availableProcessors) | Number of parallel threads for API requests (default: number of available processors, max 4). |
| Max Retries | No | 5 | Maximum number of retry attempts for failed API requests (default: 3). |
Authentication
Method
Token authentication using a Lansweeper Personal Access Token (PAT).
Endpoint
| Method | URL |
|---|---|
POST | https://api.lansweeper.com/api/v2/graphql |
Request Headers
| Header | Value |
|---|---|
Authorization | Token <api-token> |
Content-Type | application/json |
Accept | application/json |
Request Body
All operations POST a GraphQL document to the single /api/v2/graphql endpoint. The connectivity test uses the authorized-sites probe below to validate the token:
{
"query": "{ authorizedSites { sites { id name companyName } } }",
"variables": null
}
Sample Response
{
"data": {
"authorizedSites": {
"sites": [
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"name": "Primary Site",
"companyName": "Example Corp"
}
]
}
}
}
Response Fields
| Field | Description |
|---|---|
data.authorizedSites.sites[].id | Site identifier; supplied as the siteId GraphQL variable for every subsequent asset, vulnerability, software, and user query |
data.authorizedSites.sites[].name | Human-readable site name |
data.authorizedSites.sites[].companyName | Company associated with the site |
errors | Present when the token is invalid or lacks permission; the connection test fails if errors are returned and no data is present |
Usage
The Personal Access Token is long-lived (it does not expire mid-sync) and is sent on every request via the Authorization header with the required Token prefix:
Authorization: Token <api-token>
Each sync first calls authorizedSites to enumerate the sites the token can access, then iterates those sites — passing each id as the siteId variable — to retrieve assets, vulnerabilities, software, and users.
To generate a PAT, navigate to Lansweeper > Developer Tools > Personal Access Tokens.
How to obtain Lansweeper credentials
Generate Lansweeper API keys
To generate a Personal Access Token (PAT) for the Lansweeper API:
- Log in to your Lansweeper account.
- Navigate to Developer Tools in the main navigation or settings.
- Select Personal Access Tokens.
- Generate a new token and save it securely, as it will be used as the API Token in the integration settings.
Attribute mappings
Expand the sections below to view the mappings between the source and the Brinqa data model attributes:
Host
| Source Field Name | SDM Attribute |
|---|---|
AssetBasicInfoResource.cloudCategory | CLOUD_CATEGORY |
AssetBasicInfoResource.cloudProvider | CLOUD_PROVIDER |
AssetBasicInfoResource.cloudRegion | CLOUD_REGION |
AssetBasicInfoResource.description | DESCRIPTION |
AssetBasicInfoResource.domain | DOMAIN |
AssetBasicInfoResource.firstSeen | FIRST_SEEN |
AssetBasicInfoResource.fqdn | FQDN |
AssetBasicInfoResource.ipAddress + NetworkResource.ipAddressV4/ipAddressV6 | IP_ADDRESSES |
AssetBasicInfoResource.lastSeen | LAST_SEEN |
AssetBasicInfoResource.mac + NetworkResource.macAddress | MAC_ADDRESSES |
AssetBasicInfoResource.name | NAME |
AssetBasicInfoResource.name | HOSTNAMES |
AssetBasicInfoResource.type | TYPE |
AssetBasicInfoResource.upTime | UP_TIME |
AssetBasicInfoResource.userDomain | USER_DOMAIN |
AssetBasicInfoResource.userName | USER_NAME |
AssetCustomResource.barCode | BAR_CODE |
AssetCustomResource.branchOffice | BRANCH_OFFICE |
AssetCustomResource.building | BUILDING |
AssetCustomResource.comment | COMMENT |
AssetCustomResource.contact | CONTACT |
AssetCustomResource.department | DEPARTMENT |
AssetCustomResource.dnsName | DNS_NAME |
AssetCustomResource.firmwareVersion | FIRMWARE_VERSION |
AssetCustomResource.hardwareVersion | HARDWARE_VERSION |
AssetCustomResource.lastPatched | LAST_PATCHED |
AssetCustomResource.location | LOCATION |
AssetCustomResource.manufacturer | MANUFACTURER |
AssetCustomResource.model | MODEL |
AssetCustomResource.modelNumber | MODEL_NUMBER |
AssetCustomResource.orderNumber | ORDER_NUMBER |
AssetCustomResource.purchaseDate | PURCHASE_DATE |
AssetCustomResource.serialNumber (fallback: OperatingSystemResource.serialNumber) | SERIAL_NUMBER |
AssetCustomResource.sku | SKU |
AssetCustomResource.softwareVersion | SOFTWARE_VERSION |
AssetCustomResource.stateName | ASSET_STATE |
AssetCustomResource.warrantyDate | WARRANTY_DATE |
classified from IP_ADDRESSES via AssetUtils.isPublicIP() | PUBLIC_IP_ADDRESSES |
classified from IP_ADDRESSES via AssetUtils.isPublicIP() | PRIVATE_IP_ADDRESSES |
constant | STATUS |
derived from AssetBasicInfoResource.type | CATEGORIES |
ExportAssetResource.key | UID |
ExportAssetResource.url | URL |
IpLocationResource.ipLocation | IP_LOCATION |
OperatingSystemResource.buildNumber | OS_BUILD |
OperatingSystemResource.caption | OPERATING_SYSTEM |
OperatingSystemResource.installDate | OS_INSTALL_DATE |
OperatingSystemResource.osType | OS_TYPE |
OperatingSystemResource.status | OS_STATUS |
OperatingSystemResource.supportEndDate | OS_SUPPORT_END_DATE |
OperatingSystemResource.version | OS_VERSION |
ProcessorResource.name (first) | CPU_NAME |
| site context | SITE_ID |
sum of HardDiskResource.size | TOTAL_DISK_GB |
sum of LogicalDiskResource.freeSpace | DISK_FREE_SPACE_GB |
sum of MemoryModuleResource.size | TOTAL_MEMORY_GB |
sum of ProcessorResource.numberOfCores | CPU_CORES |
| sync timestamp | LAST_CAPTURED |
WarrantyResource.shipDate (first) | WARRANTY_SHIP_DATE |
Vulnerability
| Source Field Name | SDM Attribute |
|---|---|
| derived from normalized severity | SEVERITY_SCORE |
| normalized from provider status | SOURCE_STATUS |
normalized from VulnerabilityResource.severity | SEVERITY |
| sync timestamp | LAST_CAPTURED |
VulnerabilityResource.assetKeys | TARGETS |
VulnerabilityResource.cve | UID |
VulnerabilityResource.cve | NAME |
VulnerabilityResource.cve | TYPE |
VulnerabilityResource.cve | CVE_IDS |
VulnerabilityResource.isActive | PROVIDER_STATUS |
VulnerabilityResource.publishedOn | FIRST_FOUND |
VulnerabilityResource.riskScore | RISK_SCORE |
VulnerabilityResource.severity | SOURCE_SEVERITY |
VulnerabilityResource.source | SOURCE |
VulnerabilityResource.updatedOn | LAST_FOUND |
Vulnerability Definition
| Source Field Name | SDM Attribute |
|---|---|
CisaResource.dueDate | CISA_DUE_DATE |
CisaResource.exploited | CISA_EXPLOITED |
CisaResource.knownRansomwareCampaignUse | CISA_RANSOMWARE |
| derived from normalized severity | SEVERITY_SCORE |
EpssResource.percentile | EPSS_PERCENTILE |
EpssResource.score | EPSS_SCORE |
MsrcResource.exploitability | MSRC_EXPLOITABILITY |
normalized from VulnerabilityResource.severity | SEVERITY |
NvdResource.exploitability | NVD_EXPLOITABILITY |
NvdResource.impact | NVD_IMPACT |
| sync timestamp | LAST_CAPTURED |
VulncheckResource.maxExploitMaturity | VULNCHECK_MATURITY |
VulncheckResource.publicExploitFound | VULNCHECK_PUBLIC_EXPLOIT |
VulncheckResource.reportedExploitedByBotnets | VULNCHECK_BOTNETS |
VulncheckResource.reportedExploitedByRansomware | VULNCHECK_RANSOMWARE |
VulncheckResource.reportedExploitedByThreatActors | VULNCHECK_THREAT_ACTORS |
VulnerabilityCauseResource.vendor + affectedProduct | DESCRIPTION |
VulnerabilityCauseResource.vendor + affectedProduct + category | TAGS |
VulnerabilityExploitabilityResource.exploitable | EXPLOITABLE |
VulnerabilityExploitabilityResource.exploitedInTheWild | EXPLOITED_IN_THE_WILD |
VulnerabilityExploitabilityResource.exploitTypes | EXPLOIT_TYPES |
VulnerabilityReferenceResource.url | REFERENCES |
VulnerabilityResource.attackComplexity | ATTACK_COMPLEXITY |
VulnerabilityResource.attackVector | ATTACK_VECTOR |
VulnerabilityResource.availabilityImpact | AVAILABILITY_IMPACT |
VulnerabilityResource.baseScore | BASE_SCORE |
VulnerabilityResource.confidentiality | CONFIDENTIALITY_IMPACT |
VulnerabilityResource.cve | UID |
VulnerabilityResource.cve | NAME |
VulnerabilityResource.cve | CVE_IDS |
VulnerabilityResource.cve | CVE_RECORDS |
VulnerabilityResource.integrity | INTEGRITY_IMPACT |
VulnerabilityResource.patchable | PATCHABLE |
VulnerabilityResource.privilegeRequired | PRIVILEGE_REQUIRED |
VulnerabilityResource.publishedOn | PUBLISHED_DATE |
VulnerabilityResource.scope | SCOPE |
VulnerabilityResource.severity | SOURCE_SEVERITY |
VulnerabilityResource.source | CATEGORIES |
VulnerabilityResource.userInteraction | USER_INTERACTION |
VulnerabilityResource.weaknessEnumeration | CWE_IDS |
Installed Package
| Source Field Name | SDM Attribute |
|---|---|
constant | CATEGORIES |
constant | STATUS |
| resolved via assetsWithSoftware N+1 query | TARGETS |
| software + "-" + version | UID |
| software + "-" + version | TYPE |
SoftwareResource.architectures | ARCHITECTURES |
SoftwareResource.category | SOFTWARE_CATEGORY |
SoftwareResource.installDate | INSTALL_DATE |
SoftwareResource.installType | INSTALL_TYPE |
SoftwareResource.operatingSystems | OPERATING_SYSTEMS |
SoftwareResource.publisher | PUBLISHER |
SoftwareResource.software | NAME |
SoftwareResource.type | SOFTWARE_TYPE |
| sync timestamp | LAST_CAPTURED |
Package
| Source Field Name | SDM Attribute |
|---|---|
constant | CATEGORIES |
| software + "-" + version | UID |
SoftwareResource.architectures | ARCHITECTURES |
SoftwareResource.assets | INSTALL_COUNT |
SoftwareResource.category | SOFTWARE_CATEGORY |
SoftwareResource.installDate | INSTALL_DATE |
SoftwareResource.installType | INSTALL_TYPE |
SoftwareResource.languages | LANGUAGES |
SoftwareResource.operatingSystems | OPERATING_SYSTEMS |
SoftwareResource.publisher | PUBLISHER |
SoftwareResource.relatedSoftwareNames | RELATED_SOFTWARE |
SoftwareResource.software | NAME |
SoftwareResource.type | SOFTWARE_TYPE |
SoftwareResource.unspsc | UNSPSC |
SoftwareResource.versions[0] | CURRENT_VERSION |
| sync timestamp | LAST_CAPTURED |
User
| Source Field Name | SDM Attribute |
|---|---|
ActiveDirectoryResource.department (fallback: UserResource.department) | DEPARTMENT |
ActiveDirectoryResource.email (fallback: UserResource.email) | |
ActiveDirectoryResource.firstName (fallback: UserResource.firstName) | FIRST_NAME |
ActiveDirectoryResource.lastLogon (fallback: UserResource.lastLogon) | LAST_LOGIN |
ActiveDirectoryResource.lastName (fallback: UserResource.lastName) | LAST_NAME |
ActiveDirectoryResource.title (fallback: UserResource.title) | JOB_TITLE |
ActiveDirectoryResource.userName (fallback: UserResource.userName) | USERNAME |
| derived from enabled | STATUS |
| site context | SITE_ID |
| sync timestamp | LAST_CAPTURED |
UserResource.company | COMPANY |
UserResource.countryCode | COUNTRY_CODE |
UserResource.description | DESCRIPTION |
UserResource.displayName (fallback: name) | NAME |
UserResource.employeeId | EMPLOYEE_ID |
UserResource.employeeNumber | EMPLOYEE_NUMBER |
UserResource.employeeType | EMPLOYEE_TYPE |
UserResource.key | UID |
UserResource.office | LOCATION |
UserResource.ou | OU |
UserResource.passwordExpirationDate | PASSWORD_EXPIRATION_DATE |
UserResource.passwordLastSet | PASSWORD_LAST_SET |
UserResource.passwordNeverExpires | PASSWORD_NEVER_EXPIRES |
UserResource.upn | UPN |
UserResource.userDomain | USER_DOMAIN |
Operations & API
Expand each connector object to see its operation options, delta-sync behavior, and the API it uses. See connector operation options for how to apply operation options (keys and values are case-sensitive).
Host
Operation options
| Option | Type | Default | Description |
|---|---|---|---|
assetType | String | assetBasicInfo.type | EQUAL |
domain | String | assetBasicInfo.domain | EQUAL |
ipAddress | String | assetBasicInfo.ipAddress | LIKE |
Delta sync
The connector README does not document sync behavior for this object.
API
- Type: See connector README
query AssetResources($siteId: ID!, $filters: AssetsFilterGroupedInput) {
site(id: $siteId) {
assetResources(
assetPagination: { limit: 500, cursor: "<cursor>", page: NEXT },
fields: [
"key",
"assetBasicInfo.name", "assetBasicInfo.type",
"assetBasicInfo.firstSeen", "assetBasicInfo.lastSeen",
"assetBasicInfo.domain", "assetBasicInfo.mac", "assetBasicInfo.ipAddress",
"assetCustom.manufacturer", "assetCustom.model",
"assetCustom.warrantyDate", "assetCustom.purchaseDate",
"assetCustom.location", "assetCustom.building", "assetCustom.department",
"assetCustom.serialNumber", "assetCustom.barCode", "assetCustom.contact",
"assetCustom.comment", "assetCustom.sku", "assetCustom.firmwareVersion",
"assetCustom.modelNumber", "assetCustom.stateName",
"operatingSystem.caption", "operatingSystem.version",
"operatingSystem.buildNumber", "operatingSystem.serialNumber",
"operatingSystem.supportEndDate",
"ipLocation.ipLocation",
"url"
],
filters: $filters
) {
total
pagination { limit current next page }
items
}
}
}
Vulnerability
Operation options
| Option | Type | Default | Description |
|---|---|---|---|
severity | String | severity | EQUAL |
source | String | source | EQUAL |
activeOnly | Boolean | isActive | EQUAL |
Delta sync
The connector README does not document sync behavior for this object.
API
- Type: GraphQL query
query Vulnerabilities($siteId: ID!, $filters: AssetsFilterGroupedInput) {
site(id: $siteId) {
vulnerabilities(
pagination: { limit: 500, cursor: "<cursor>", page: NEXT },
filters: $filters
) {
pagination { limit current next page }
items {
cve severity baseScore riskScore
publishedOn updatedOn isActive source
assetKeys
attackComplexity attackVector availabilityImpact
confidentiality integrity scope
privilegeRequired userInteraction
patchable weaknessEnumeration
cause { category affectedProduct vendor }
references { url tags }
exploitability {
exploitable exploitedInTheWild exploitTypes
epss { score percentile lastModified }
CISA { exploited dueDate knownRansomwareCampaignUse }
NVD { impact exploitability }
MSRC { exploitability }
Vulncheck {
maxExploitMaturity publicExploitFound
commercialExploitFound
reportedExploitedByThreatActors
reportedExploitedByRansomware
reportedExploitedByBotnets
}
}
}
}
}
}
Vulnerability Definition
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
- Type: GraphQL query (same query as Vulnerability)
Installed Package
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
- Type: GraphQL query
query Software($siteId: ID!) {
site(id: $siteId) {
softwareListWithCursor(softwarePagination: { limit: 500, cursor: [...] }) {
total limit
items {
software publisher versions
operatingSystems assets installDate
type installType category unspsc
relatedSoftwareNames architectures
shortVersions marketVersions
editions languages
}
current { fieldName fieldValue }
next { fieldName fieldValue }
}
}
}
Package
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
- Type: GraphQL query (same query as Installed Package)
User
Operation options
This object does not support any operation options.
Delta sync
The connector README does not document sync behavior for this object.
API
- Type: GraphQL query
query Users($siteId: ID!) {
site(id: $siteId) {
usersListWithCursor(pagination: { limit: 500 }) {
total
pagination { limit current next page }
items {
key company countryCode department description
displayName email employeeId employeeNumber employeeType
enabled firstName lastLogon lastName name office ou
passwordChangeableDate passwordExpirationDate
passwordLastSet passwordNeverExpires passwordRequired
title upn userCannotChangePassword userDomain userName
activeDirectory {
displayName userName userDomain enabled department
title email company countryCode description
employeeId employeeNumber employeeType firstName
lastLogon lastName name office ou upn
passwordChangeableDate passwordExpirationDate
passwordLastSet passwordNeverExpires passwordRequired
userCannotChangePassword
}
}
}
}
}
Changelog
The Lansweeper connector has undergone the following changes:
| Version | Description | Migration Steps |
|---|---|---|
| 3.0.1 | Improvements - Updated the connector icon to current Lansweeper branding. | N/A |
| 3.0.0 | Overview The Lansweeper connector integrates with Lansweeper to synchronize IT asset inventory, installed software, user inventory, and vulnerability findings into Brinqa. Category: IT Asset Management Models | N/A |