GET /v1/computers/{:connector_guid}/vulnerabilities
Description
Provides a list of vulnerabilities observed on a specific computer.
The list can be filtered to show only the vulnerable applications observed for a specific time range. For example, the query string: start_time=2019-05-15&end_time=2019-05-20, will return any vulnerable applications observed during the period from 2019-05-15 to 2019-05-20.
The start_time and end_time parameters accept date and time expressed according to ISO 8601.
Query Parameters
| Name | Type | Example Values | Description |
|---|---|---|---|
start_time |
String (Time ISO8601) | 2019-05-09T08:15:22+00:00, 2019-05-09 | Inclusive (The list will include vulnerable programs detected at start_time) |
end_time |
String (Time ISO8601) | 2019-05-16T08:15:22+00:00, 2019-05-16 | Exclusive - if end_time is a time (The list will only include vulnerable programs detected before end_time); Inclusive - if end_time is a date (The list will include vulnerable programs detected on the date) |
offset |
Integer | 10 | |
limit |
Integer | 10 |
| Name | Type | Description |
|---|---|---|
| version | String | |
| metadata.links.self | String | |
| metadata.links.prev | String | |
| metadata.results.total | Integer | |
| metadata.results.current_item_count | Integer | |
| metadata.results.index | Integer | |
| metadata.results.items_per_page | Integer | |
| data.connector_guid | GUID | |
| data.hostname | String | |
| data.vulnerabilities | Array | |
| data.links.computer | String | |
| data.links.trajectory | String |
Examples
- Fetch a specific computer's vulnerabilities with given connector_guid
- Fetch a specific computer's vulnerabilities with given connector_guid and filter by time range
- Fetch a specific computer's vulnerabilities with given connector_guid and filter by date range
Fetch a specific computer's vulnerabilities with given connector_guid
Request
Requires AuthorizationGET /v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?offset=0&limit=5
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?offset=0&limit=5'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?offset=0&limit=5'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 894 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2842 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"ddc2b7801baccac2af1bbce177b6b6fc" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?offset=0&limit=5"
},
"results": {
"total": 1,
"current_item_count": 1,
"index": 0,
"items_per_page": 5
}
},
"data": {
"connector_guid": "8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"hostname": "Demo_AMP_Exploit_Prevention",
"windows_processor_id": "30f6257891edb4a",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"trajectory": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"vulnerabilities": [
{
"application": "Mozilla Firefox",
"version": "41.0",
"file": {
"filename": "firefox.exe",
"identity": {
"sha256": "4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F"
}
},
"cves": [
{
"id": "CVE-2015-7204",
"link": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7204",
"cvss": 6.8
}
],
"latest_timestamp": 1647598800,
"latest_date": "2022-03-18T10:20:00+00:00"
}
]
}
}
Fetch a specific computer's vulnerabilities with given connector_guid and filter by time range
Request
Requires AuthorizationGET /v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?start_time=2022-03-16T10%3A20%3A00%2B00%3A00&end_time=2022-03-18T10%3A20%3A00%2B00%3A00&offset=0&limit=5
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?start_time=2022-03-16T10%3A20%3A00%2B00%3A00&end_time=2022-03-18T10%3A20%3A00%2B00%3A00&offset=0&limit=5'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?start_time=2022-03-16T10%3A20%3A00%2B00%3A00&end_time=2022-03-18T10%3A20%3A00%2B00%3A00&offset=0&limit=5'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 893 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2841 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"0ed07ae1bbe85b4a4d933d71f1df4bc2" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?start_time=2022-03-16T10%3A20%3A00%2B00%3A00&end_time=2022-03-18T10%3A20%3A00%2B00%3A00&offset=0&limit=5"
},
"results": {
"total": 0,
"current_item_count": 0,
"index": 0,
"items_per_page": 5
}
},
"data": {
"connector_guid": "8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"hostname": "Demo_AMP_Exploit_Prevention",
"windows_processor_id": "30f6257891edb4a",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"trajectory": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"vulnerabilities": [
]
}
}
Fetch a specific computer's vulnerabilities with given connector_guid and filter by date range
Request
Requires AuthorizationGET /v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?start_time=2022-03-16&end_time=2022-03-18&offset=0&limit=5
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?start_time=2022-03-16&end_time=2022-03-18&offset=0&limit=5'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?start_time=2022-03-16&end_time=2022-03-18&offset=0&limit=5'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 893 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2840 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"58e02715427c495f436601d4e8be9399" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/vulnerabilities?start_time=2022-03-16&end_time=2022-03-18&offset=0&limit=5"
},
"results": {
"total": 1,
"current_item_count": 1,
"index": 0,
"items_per_page": 5
}
},
"data": {
"connector_guid": "8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"hostname": "Demo_AMP_Exploit_Prevention",
"windows_processor_id": "30f6257891edb4a",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"trajectory": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"vulnerabilities": [
{
"application": "Mozilla Firefox",
"version": "41.0",
"file": {
"filename": "firefox.exe",
"identity": {
"sha256": "4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F"
}
},
"cves": [
{
"id": "CVE-2015-7204",
"link": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7204",
"cvss": 6.8
}
],
"latest_timestamp": 1647598800,
"latest_date": "2022-03-18T10:20:00+00:00"
}
]
}
}