Cisco AMP for Endpoints API

GET /v1/computers

Description

Returns a list of computers with agents deployed on them. You can use parameters to narrow the search by IP address or hostname.

Query Parameters

Name Type Example Values Description
group_guid[] GUID 4060cf94-26e5-4176-8dea-cd3d0b68d8bc
limit Integer 10
hostname[] String Demo_CozyDuke, Demo_Dyre
external_ip String 93.111.140.204, 63.245.227.173
internal_ip String 87.27.44.37, 63.71.135.235

Show Response Fields

Name Type Description
version String
metadata.links.self String
metadata.results.total Integer
metadata.results.current_item_count Integer
metadata.results.index Integer
metadata.results.items_per_page Integer
data Array
data[].connector_guid GUID
data[].hostname String
data[].active Boolean
data[].links.computer String
data[].links.trajectory String
data[].links.group String
data[].connector_version String
data[].operating_system String
data[].internal_ips Array
data[].internal_ips[] String
data[].external_ip String
data[].group_guid GUID
data[].install_date String (Time ISO8601)
data[].network_addresses Array
data[].network_addresses[].mac String
data[].network_addresses[].ip String
data[].policy.guid GUID
data[].policy.name String
data[].last_seen String (Time ISO8601)
Write
Preview

Examples

Fetch list of computers
Fetch list of computers filtered by hostname
Fetch list of computers filtered by internal_ip
Fetch list of computers filtered by external_ip
Fetch list of computers filtered by group_guid

Fetch list of computers

Request

Requires Authorization
GET /v1/computers
Headers
accept: application/json
content-type: application/json
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers'

Response

Shortened for readability

strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 1851
x-ratelimit-remaining: 2904
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2019-01-09T17:44:06Z
transfer-encoding: chunked
{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.amp.cisco.com/v1/computers"
    },
    "results": {
      "total": 16,
      "current_item_count": 16,
      "index": 0,
      "items_per_page": 500
    }
  },
  "data": [
    {
      "connector_guid": "6422df21-1d8d-4b36-9498-f5e7b9cdf706",
      "hostname": "Demo_SFEicar",
      "active": true,
      "links": {
        "computer": "https://api.amp.cisco.com/v1/computers/6422df21-1d8d-4b36-9498-f5e7b9cdf706",
        "trajectory": "https://api.amp.cisco.com/v1/computers/6422df21-1d8d-4b36-9498-f5e7b9cdf706/trajectory",
        "group": "https://api.amp.cisco.com/v1/groups/b077d6bc-bbdf-42f7-8838-a06053fbd98a"
      },
      "connector_version": "4.1.7.10201",
      "operating_system": "Windows 7, SP 1.0",
      "internal_ips": [
        "250.52.42.30"
      ],
      "external_ip": "74.19.208.197",
      "group_guid": "b077d6bc-bbdf-42f7-8838-a06053fbd98a",
      "install_date": "2016-05-20T19:20:00Z",
      "network_addresses": [
        {
          "mac": "34:8e:92:7b:d6:45",
          "ip": "250.52.42.30"
        }
      ],
      "policy": {
        "guid": "89912c9e-8dbd-4c2b-a1d8-dee8a0c2bb29",
        "name": "Audit Policy"
      },
      "last_seen": "2016-05-20T19:20:00Z",
      "faults": [

      ]
    },
    {
      "connector_guid": "41477ca9-cda2-4f7e-ba52-f1a9def97b63",
      "hostname": "Demo_SFEicar",
      "active": true,
      "links": {
        "computer": "https://api.amp.cisco.com/v1/computers/41477ca9-cda2-4f7e-ba52-f1a9def97b63",
        "trajectory": "https://api.amp.cisco.com/v1/computers/41477ca9-cda2-4f7e-ba52-f1a9def97b63/trajectory",
        "group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
      },
      "connector_version": "6.2.1.10804",
      "operating_system": "Windows 7, SP 1.0",
      "internal_ips": [
        "197.27.64.51"
      ],
      "external_ip": "12.229.163.171",
      "group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
      "install_date": "2018-11-01T20:35:26Z",
      "network_addresses": [
        {
          "mac": "ed:08:b4:ee:df:27",
          "ip": "197.27.64.51"
        }
      ],
      "policy": {
        "guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
        "name": "Protect Policy"
      },
      "last_seen": "2018-11-01T20:35:26Z",
      "faults": [

      ]
    }
  ]
}

Fetch list of computers filtered by hostname

Request

Requires Authorization
GET /v1/computers?hostname[]=Demo_SFEicar&limit=10
Headers
accept: application/json
content-type: application/json
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers?hostname[]=Demo_SFEicar&limit=10'

Response

Shortened for readability

strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 1850
x-ratelimit-remaining: 2902
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2019-01-09T17:44:06Z
transfer-encoding: chunked
{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.amp.cisco.com/v1/computers?hostname[]=Demo_SFEicar&limit=10"
    },
    "results": {
      "total": 2,
      "current_item_count": 2,
      "index": 0,
      "items_per_page": 10
    }
  },
  "data": [
    {
      "connector_guid": "6422df21-1d8d-4b36-9498-f5e7b9cdf706",
      "hostname": "Demo_SFEicar",
      "active": true,
      "links": {
        "computer": "https://api.amp.cisco.com/v1/computers/6422df21-1d8d-4b36-9498-f5e7b9cdf706",
        "trajectory": "https://api.amp.cisco.com/v1/computers/6422df21-1d8d-4b36-9498-f5e7b9cdf706/trajectory",
        "group": "https://api.amp.cisco.com/v1/groups/b077d6bc-bbdf-42f7-8838-a06053fbd98a"
      },
      "connector_version": "4.1.7.10201",
      "operating_system": "Windows 7, SP 1.0",
      "internal_ips": [
        "250.52.42.30"
      ],
      "external_ip": "74.19.208.197",
      "group_guid": "b077d6bc-bbdf-42f7-8838-a06053fbd98a",
      "install_date": "2016-05-20T19:20:00Z",
      "network_addresses": [
        {
          "mac": "34:8e:92:7b:d6:45",
          "ip": "250.52.42.30"
        }
      ],
      "policy": {
        "guid": "89912c9e-8dbd-4c2b-a1d8-dee8a0c2bb29",
        "name": "Audit Policy"
      },
      "last_seen": "2016-05-20T19:20:00Z",
      "faults": [

      ]
    },
    {
      "connector_guid": "41477ca9-cda2-4f7e-ba52-f1a9def97b63",
      "hostname": "Demo_SFEicar",
      "active": true,
      "links": {
        "computer": "https://api.amp.cisco.com/v1/computers/41477ca9-cda2-4f7e-ba52-f1a9def97b63",
        "trajectory": "https://api.amp.cisco.com/v1/computers/41477ca9-cda2-4f7e-ba52-f1a9def97b63/trajectory",
        "group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
      },
      "connector_version": "6.2.1.10804",
      "operating_system": "Windows 7, SP 1.0",
      "internal_ips": [
        "197.27.64.51"
      ],
      "external_ip": "12.229.163.171",
      "group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
      "install_date": "2018-11-01T20:35:26Z",
      "network_addresses": [
        {
          "mac": "ed:08:b4:ee:df:27",
          "ip": "197.27.64.51"
        }
      ],
      "policy": {
        "guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
        "name": "Protect Policy"
      },
      "last_seen": "2018-11-01T20:35:26Z",
      "faults": [

      ]
    }
  ]
}

Fetch list of computers filtered by internal_ip

Request

Requires Authorization
GET /v1/computers?internal_ip=250.52.42.30&limit=10
Headers
accept: application/json
content-type: application/json
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers?internal_ip=250.52.42.30&limit=10'

Response

Shortened for readability

strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 1849
x-ratelimit-remaining: 2900
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2019-01-09T17:44:06Z
transfer-encoding: chunked
{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.amp.cisco.com/v1/computers?internal_ip=250.52.42.30&limit=10"
    },
    "results": {
      "total": 1,
      "current_item_count": 1,
      "index": 0,
      "items_per_page": 10
    }
  },
  "data": [
    {
      "connector_guid": "6422df21-1d8d-4b36-9498-f5e7b9cdf706",
      "hostname": "Demo_SFEicar",
      "active": true,
      "links": {
        "computer": "https://api.amp.cisco.com/v1/computers/6422df21-1d8d-4b36-9498-f5e7b9cdf706",
        "trajectory": "https://api.amp.cisco.com/v1/computers/6422df21-1d8d-4b36-9498-f5e7b9cdf706/trajectory",
        "group": "https://api.amp.cisco.com/v1/groups/b077d6bc-bbdf-42f7-8838-a06053fbd98a"
      },
      "connector_version": "4.1.7.10201",
      "operating_system": "Windows 7, SP 1.0",
      "internal_ips": [
        "250.52.42.30"
      ],
      "external_ip": "74.19.208.197",
      "group_guid": "b077d6bc-bbdf-42f7-8838-a06053fbd98a",
      "install_date": "2016-05-20T19:20:00Z",
      "network_addresses": [
        {
          "mac": "34:8e:92:7b:d6:45",
          "ip": "250.52.42.30"
        }
      ],
      "policy": {
        "guid": "89912c9e-8dbd-4c2b-a1d8-dee8a0c2bb29",
        "name": "Audit Policy"
      },
      "last_seen": "2016-05-20T19:20:00Z",
      "faults": [

      ]
    }
  ]
}

Fetch list of computers filtered by external_ip

Request

Requires Authorization
GET /v1/computers?external_ip=74.19.208.197&limit=10
Headers
accept: application/json
content-type: application/json
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers?external_ip=74.19.208.197&limit=10'

Response

Shortened for readability

strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 1848
x-ratelimit-remaining: 2898
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2019-01-09T17:44:06Z
transfer-encoding: chunked
{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.amp.cisco.com/v1/computers?external_ip=74.19.208.197&limit=10"
    },
    "results": {
      "total": 1,
      "current_item_count": 1,
      "index": 0,
      "items_per_page": 10
    }
  },
  "data": [
    {
      "connector_guid": "6422df21-1d8d-4b36-9498-f5e7b9cdf706",
      "hostname": "Demo_SFEicar",
      "active": true,
      "links": {
        "computer": "https://api.amp.cisco.com/v1/computers/6422df21-1d8d-4b36-9498-f5e7b9cdf706",
        "trajectory": "https://api.amp.cisco.com/v1/computers/6422df21-1d8d-4b36-9498-f5e7b9cdf706/trajectory",
        "group": "https://api.amp.cisco.com/v1/groups/b077d6bc-bbdf-42f7-8838-a06053fbd98a"
      },
      "connector_version": "4.1.7.10201",
      "operating_system": "Windows 7, SP 1.0",
      "internal_ips": [
        "250.52.42.30"
      ],
      "external_ip": "74.19.208.197",
      "group_guid": "b077d6bc-bbdf-42f7-8838-a06053fbd98a",
      "install_date": "2016-05-20T19:20:00Z",
      "network_addresses": [
        {
          "mac": "34:8e:92:7b:d6:45",
          "ip": "250.52.42.30"
        }
      ],
      "policy": {
        "guid": "89912c9e-8dbd-4c2b-a1d8-dee8a0c2bb29",
        "name": "Audit Policy"
      },
      "last_seen": "2016-05-20T19:20:00Z",
      "faults": [

      ]
    }
  ]
}

Fetch list of computers filtered by group_guid

Request

Requires Authorization
GET /v1/computers?group_guid[]=b077d6bc-bbdf-42f7-8838-a06053fbd98a&limit=10
Headers
accept: application/json
content-type: application/json
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers?group_guid[]=b077d6bc-bbdf-42f7-8838-a06053fbd98a&limit=10'

Response

Shortened for readability

strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 1848
x-ratelimit-remaining: 2896
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2019-01-09T17:44:06Z
transfer-encoding: chunked
{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.amp.cisco.com/v1/computers?group_guid[]=b077d6bc-bbdf-42f7-8838-a06053fbd98a&limit=10",
      "next": "https://api.amp.cisco.com/v1/computers?group_guid%5B%5D=b077d6bc-bbdf-42f7-8838-a06053fbd98a&limit=10&offset=10"
    },
    "results": {
      "total": 11,
      "current_item_count": 10,
      "index": 0,
      "items_per_page": 10
    }
  },
  "data": [
    {
      "connector_guid": "6422df21-1d8d-4b36-9498-f5e7b9cdf706",
      "hostname": "Demo_SFEicar",
      "active": true,
      "links": {
        "computer": "https://api.amp.cisco.com/v1/computers/6422df21-1d8d-4b36-9498-f5e7b9cdf706",
        "trajectory": "https://api.amp.cisco.com/v1/computers/6422df21-1d8d-4b36-9498-f5e7b9cdf706/trajectory",
        "group": "https://api.amp.cisco.com/v1/groups/b077d6bc-bbdf-42f7-8838-a06053fbd98a"
      },
      "connector_version": "4.1.7.10201",
      "operating_system": "Windows 7, SP 1.0",
      "internal_ips": [
        "250.52.42.30"
      ],
      "external_ip": "74.19.208.197",
      "group_guid": "b077d6bc-bbdf-42f7-8838-a06053fbd98a",
      "install_date": "2016-05-20T19:20:00Z",
      "network_addresses": [
        {
          "mac": "34:8e:92:7b:d6:45",
          "ip": "250.52.42.30"
        }
      ],
      "policy": {
        "guid": "89912c9e-8dbd-4c2b-a1d8-dee8a0c2bb29",
        "name": "Audit Policy"
      },
      "last_seen": "2016-05-20T19:20:00Z",
      "faults": [

      ]
    },
    {
      "connector_guid": "d8775b6a-3f59-433e-b1ab-3a54d8ccbc46",
      "hostname": "Demo_Stabuniq",
      "active": true,
      "links": {
        "computer": "https://api.amp.cisco.com/v1/computers/d8775b6a-3f59-433e-b1ab-3a54d8ccbc46",
        "trajectory": "https://api.amp.cisco.com/v1/computers/d8775b6a-3f59-433e-b1ab-3a54d8ccbc46/trajectory",
        "group": "https://api.amp.cisco.com/v1/groups/b077d6bc-bbdf-42f7-8838-a06053fbd98a"
      },
      "connector_version": "4.1.7.10201",
      "operating_system": "Windows 7, SP 1.0",
      "internal_ips": [
        "229.174.248.203"
      ],
      "external_ip": "185.3.46.116",
      "group_guid": "b077d6bc-bbdf-42f7-8838-a06053fbd98a",
      "install_date": "2016-05-20T19:20:01Z",
      "network_addresses": [
        {
          "mac": "f2:e6:16:7d:03:0b",
          "ip": "229.174.248.203"
        }
      ],
      "policy": {
        "guid": "89912c9e-8dbd-4c2b-a1d8-dee8a0c2bb29",
        "name": "Audit Policy"
      },
      "last_seen": "2016-05-20T19:20:01Z",
      "faults": [

      ]
    }
  ]
}