Steampipe unbundled →
Steampipe Hub 
Hub
Plugins
turbot/vanta
Overview
8Tables
Versions
GitHub
steampipe plugin install vanta

Table: vanta_computer - Query Vanta Computer Assets using SQL

Vanta is a security and compliance automation platform. It simplifies the complex process of achieving and maintaining compliance with standards like SOC 2, HIPAA, and GDPR. Vanta's Computer Assets are individual computing devices that are part of your organization's network.

Table Usage Guide

The vanta_computer table provides insights into computer assets within Vanta's security and compliance automation platform. As a security analyst or compliance officer, explore details about each computer, including its operating system, installed software, and other related information through this table. Utilize it to monitor the security status of each computer, track software installations, and maintain compliance with various standards.

Important Notes

  • To query the table you must set session_id argument in the config file (~/.steampipe/config/vanta.spc).

Examples

Basic info

Explore which computers have a specific owner, serial number, and operating system version. This can help in identifying and managing the different machines within your network.

select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname
from
  vanta_computer;
select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname
from
  vanta_computer;

List computers with unencrypted hard drive

Discover the segments that consist of computers with unencrypted hard drives, allowing you to identify potential security vulnerabilities and take necessary actions to ensure data protection.

select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname
from
  vanta_computer
where
  not is_encrypted;
select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname
from
  vanta_computer
where
  is_encrypted = 0;

List computers with no screen lock configured

Discover the segments that include computers lacking screen lock configuration. This could be useful for identifying potential security risks within your network and implementing necessary security measures.

select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname
from
  vanta_computer
where
  not has_screen_lock;
select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname
from
  vanta_computer
where
  has_screen_lock = 0;

List computers with no password manager installed

Identify computers that may be vulnerable due to the absence of a password manager. This can help in enhancing system security by pinpointing machines that need password manager installations.

select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname
from
  vanta_computer
where
  installed_password_managers is null;
select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname
from
  vanta_computer
where
  installed_password_managers is null;

List computers not checked over the last 90 days

Explore which computers haven't been checked in the last 90 days. This is useful to identify potential risks or issues that might have been overlooked due to lack of regular monitoring.

select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname,
  last_ping
from
  vanta_computer
where
  last_ping < (current_timestamp - interval '90 days');
select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname,
  last_ping
from
  vanta_computer
where
  last_ping < datetime('now', '-90 day');

List unmonitored computers

Discover the segments that contain computers that are not being monitored. This is useful in identifying potential gaps in your IT infrastructure, allowing you to address any unsupported operating systems or versions.

select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname,
  case
    when (unsupported_reasons -> 'unsupportedOsVersion') :: boolean then 'OS version not supported'
    when (unsupported_reasons -> 'unsupportedOsType') :: boolean then 'OS not supported'
  end as status
from
  vanta_computer
where
  unsupported_reasons is not null;
select
  owner_name,
  serial_number,
  agent_version,
  os_version,
  hostname,
  case
    when json_extract(unsupported_reasons, '$.unsupportedOsVersion') = 'true' then 'OS version not supported'
    when json_extract(unsupported_reasons, '$.unsupportedOsType') = 'true' then 'OS not supported'
  end as status
from
  vanta_computer
where
  unsupported_reasons is not null;

List computers with Tailscale app installed

Determine the areas in which computers have the Tailscale app installed. This query is useful for gaining insights into the distribution and usage of this specific application within your network.

select
  owner_name,
  serial_number,
  last_ping,
  app as application
from
  vanta_computer,
  jsonb_array_elements_text(endpoint_applications) as app
where
  app like 'Tailscale %';
select
  owner_name,
  serial_number,
  last_ping,
  app.value as application
from
  vanta_computer,
  json_each(endpoint_applications) as app
where
  app.value like 'Tailscale %';

List computers with no Slack app installed

Determine the computers that do not have the Slack app installed. This can be useful for IT administrators to identify and rectify gaps in software deployment across the organization.

with device_with_slack_installed as (
  select
    distinct id
  from
    vanta_computer,
    jsonb_array_elements_text(endpoint_applications) as app
  where
    app like 'Slack %'
)
select
  owner_name,
  serial_number,
  last_ping
from
  vanta_computer
where
  endpoint_applications is not null
  and id not in (
    select
      id
    from
      device_with_slack_installed
  );
with device_with_slack_installed as (
  select
    distinct id
  from
    vanta_computer,
    json_each(endpoint_applications) as app
  where
    app.value like 'Slack %'
)
select
  owner_name,
  serial_number,
  last_ping
from
  vanta_computer
where
  endpoint_applications is not null
  and id not in (
    select
      id
    from
      device_with_slack_installed
  );

List computers with an older version of Zoom app (< 5.12)

Determine the areas in which computers are running outdated versions of the Zoom app for potential software updates. This helps in maintaining system security and ensuring all devices are up-to-date with the latest software versions.

select
  owner_name,
  serial_number,
  last_ping,
  app as application
from
  vanta_computer,
  jsonb_array_elements_text(endpoint_applications) as app
where
  app like 'zoom.us %'
  and string_to_array(split_part(app, ' ', 2), '.') :: int [ ] < string_to_array('5.12', '.') :: int [ ];
Error: SQLite does not support string_to_array
and split functions.

List computers owned by inactive users

Explore which computers are owned by users who are no longer active. This can help in asset management and ensuring resources are effectively allocated.

select
  u.display_name as owner,
  c.serial_number,
  u.end_date,
  c.last_ping
from
  vanta_computer as c
  join vanta_user as u on c.owner_id = u.id
  and not u.is_active;
select
  u.display_name as owner,
  c.serial_number,
  u.end_date,
  c.last_ping
from
  vanta_computer as c
  join vanta_user as u on c.owner_id = u.id
  and u.is_active = 0;

Schema for vanta_computer

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
agent_versiontextThe Vanta agent version.
endpoint_applicationsjsonbA list of applications installed on the device.
has_screen_lockbooleanIf true, the workstation has a screen lock configured.
host_identifiertextThe host identifier of the workstation.
hostnametextThe hostname of the workstation.
idtextA unique Vanta generated identifier of the computer.
installed_av_programsjsonbA list of anti-virus programs installed in the workstation.
installed_password_managersjsonbA list of password managers installed in the workstation.
is_encryptedbooleanIf true, the workstation's hard drive is encrypted.
is_password_manager_installedbooleanIf true, a password manager is installed in the workstation.
last_pingtimestamp with time zoneThe time when the workstation was last scanned by the Vanta agent.
num_browser_extensionsbigintThe number of browser extensions installed in the workstation.
organization_nametextThe name of the organization.
os_versiontextThe OS version of the workstation.
owner_idtextA unique identifier of the owner of the workstation.
owner_nametextThe name of the workstation owner.
serial_numbertextThe serial number of the workstation.
unsupported_reasonsjsonbSpecifies the reason for unmonitored computers.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- vanta

You can pass the configuration to the command with the --config argument:

steampipe_export_vanta --config '<your_config>' vanta_computer