GET /v1/computers
Description
Query Parameters
Name | Type | Example Values | Description |
---|---|---|---|
hostname[] |
Date | Demo_AMP_MAP_FriedEx | |
limit |
Integer | 10 | |
offset |
Integer | 20 | |
internal_ip |
String | 212.143.221.79 | |
external_ip |
String | 102.141.238.162 | |
group_guid[] |
GUID | 6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03 |
Name | Type | Description |
---|---|---|
version | String | |
metadata.links.self | String | |
metadata.results.total | Integer | |
metadata.results.current_item_count | Integer | |
metadata.results.index | Integer | |
metadata.results.items_per_page | Integer | |
data | Array | |
data[].connector_guid | GUID | |
data[].hostname | String | |
data[].active | Boolean | |
data[].links.computer | String | |
data[].links.trajectory | String | |
data[].links.group | String | |
data[].connector_version | String | |
data[].operating_system | String | |
data[].os_version | String | |
data[].internal_ips | Array | |
data[].internal_ips[] | String | |
data[].external_ip | String | |
data[].group_guid | GUID | |
data[].install_date | String (Time ISO8601) | |
data[].network_addresses | Array | |
data[].network_addresses[].mac | String | |
data[].network_addresses[].ip | String | |
data[].policy.guid | GUID | |
data[].policy.name | String | |
data[].last_seen | String (Time ISO8601) | |
data[].faults | Array | |
data[].isolation.available | Boolean | |
data[].isolation.status | String |
Note
The hostname search is conducted with an ending wildcard so a list of hosts will be returned if multiple matches occur.
Examples
- Fetch list of computers
- Fetch list of computers filtered by hostname
- Fetch list of computers filtered by internal_ip
- Fetch list of computers filtered by external_ip
- Fetch list of computers filtered by group_guid
- Fetch list of computers filtered by last_seen_within
- Fetch list of computers filtered by last_seen_over
Fetch list of computers
Request
Requires AuthorizationGET /v1/computers
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/computers'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 898 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2854 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"7f83b5e119c0111fdeb37958934ff4fc" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/computers"
},
"results": {
"total": 52,
"current_item_count": 52,
"index": 0,
"items_per_page": 500
}
},
"data": [
{
"connector_guid": "bad2c522-3052-4d75-93a0-832d6283c299",
"hostname": "Demo_AMP",
"windows_processor_id": "195b0d8736e2af4",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299",
"trajectory": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"connector_version": "99.0.99.20946",
"operating_system": "Windows 10",
"os_version": "10.0.19044.1466",
"internal_ips": [
"74.177.148.86"
],
"external_ip": "78.127.198.189",
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"install_date": "2022-02-16T11:40:01Z",
"is_compromised": false,
"demo": true,
"network_addresses": [
{
"mac": "31:5e:f7:d7:d3:31",
"ip": "74.177.148.86"
}
],
"policy": {
"guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
"name": "Protect Policy"
},
"groups": [
{
"guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"name": "Protect"
}
],
"last_seen": "2022-03-18T11:40:01Z",
"faults": [
],
"isolation": {
"available": false,
"status": "not_isolated"
},
"orbital": {
"status": "not_enabled"
}
},
{
"connector_guid": "8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"hostname": "Demo_AMP_Exploit_Prevention",
"windows_processor_id": "30f6257891edb4a",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"trajectory": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"connector_version": "99.0.99.20946",
"operating_system": "Windows 10",
"os_version": "10.0.19044.1466",
"internal_ips": [
"99.193.103.205"
],
"external_ip": "61.151.3.61",
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"install_date": "2022-02-16T11:40:00Z",
"is_compromised": false,
"demo": true,
"network_addresses": [
{
"mac": "c1:f9:f5:d3:ba:54",
"ip": "99.193.103.205"
}
],
"policy": {
"guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
"name": "Protect Policy"
},
"groups": [
{
"guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"name": "Protect"
}
],
"last_seen": "2022-03-18T11:40:00Z",
"faults": [
],
"isolation": {
"available": false,
"status": "not_isolated"
},
"orbital": {
"status": "not_enabled"
}
}
]
}
Fetch list of computers filtered by hostname
Request
Requires AuthorizationGET /v1/computers?hostname%5B%5D=Demo_AMP&limit=10&offset=0
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers?hostname%5B%5D=Demo_AMP&limit=10&offset=0'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/computers?hostname%5B%5D=Demo_AMP&limit=10&offset=0'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 898 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2853 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"24c950ef1d53e7f0945665fae99f040c" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/computers?hostname%5B%5D=Demo_AMP&limit=10&offset=0"
},
"results": {
"total": 7,
"current_item_count": 7,
"index": 0,
"items_per_page": 10
}
},
"data": [
{
"connector_guid": "bad2c522-3052-4d75-93a0-832d6283c299",
"hostname": "Demo_AMP",
"windows_processor_id": "195b0d8736e2af4",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299",
"trajectory": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"connector_version": "99.0.99.20946",
"operating_system": "Windows 10",
"os_version": "10.0.19044.1466",
"internal_ips": [
"74.177.148.86"
],
"external_ip": "78.127.198.189",
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"install_date": "2022-02-16T11:40:01Z",
"is_compromised": false,
"demo": true,
"network_addresses": [
{
"mac": "31:5e:f7:d7:d3:31",
"ip": "74.177.148.86"
}
],
"policy": {
"guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
"name": "Protect Policy"
},
"groups": [
{
"guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"name": "Protect"
}
],
"last_seen": "2022-03-18T11:40:01Z",
"faults": [
],
"isolation": {
"available": false,
"status": "not_isolated"
},
"orbital": {
"status": "not_enabled"
}
},
{
"connector_guid": "8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"hostname": "Demo_AMP_Exploit_Prevention",
"windows_processor_id": "30f6257891edb4a",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"trajectory": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"connector_version": "99.0.99.20946",
"operating_system": "Windows 10",
"os_version": "10.0.19044.1466",
"internal_ips": [
"99.193.103.205"
],
"external_ip": "61.151.3.61",
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"install_date": "2022-02-16T11:40:00Z",
"is_compromised": false,
"demo": true,
"network_addresses": [
{
"mac": "c1:f9:f5:d3:ba:54",
"ip": "99.193.103.205"
}
],
"policy": {
"guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
"name": "Protect Policy"
},
"groups": [
{
"guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"name": "Protect"
}
],
"last_seen": "2022-03-18T11:40:00Z",
"faults": [
],
"isolation": {
"available": false,
"status": "not_isolated"
},
"orbital": {
"status": "not_enabled"
}
}
]
}
Fetch list of computers filtered by internal_ip
Request
Requires AuthorizationGET /v1/computers?internal_ip=74.177.148.86&limit=10&offset=0
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers?internal_ip=74.177.148.86&limit=10&offset=0'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/computers?internal_ip=74.177.148.86&limit=10&offset=0'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 897 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2852 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"cbb7e917cd12175ea11ec3a936faec0b" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/computers?internal_ip=74.177.148.86&limit=10&offset=0"
},
"results": {
"total": 1,
"current_item_count": 1,
"index": 0,
"items_per_page": 10
}
},
"data": [
{
"connector_guid": "bad2c522-3052-4d75-93a0-832d6283c299",
"hostname": "Demo_AMP",
"windows_processor_id": "195b0d8736e2af4",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299",
"trajectory": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"connector_version": "99.0.99.20946",
"operating_system": "Windows 10",
"os_version": "10.0.19044.1466",
"internal_ips": [
"74.177.148.86"
],
"external_ip": "78.127.198.189",
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"install_date": "2022-02-16T11:40:01Z",
"is_compromised": false,
"demo": true,
"network_addresses": [
{
"mac": "31:5e:f7:d7:d3:31",
"ip": "74.177.148.86"
}
],
"policy": {
"guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
"name": "Protect Policy"
},
"groups": [
{
"guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"name": "Protect"
}
],
"last_seen": "2022-03-18T11:40:01Z",
"faults": [
],
"isolation": {
"available": false,
"status": "not_isolated"
},
"orbital": {
"status": "not_enabled"
}
}
]
}
Fetch list of computers filtered by external_ip
Request
Requires AuthorizationGET /v1/computers?external_ip=78.127.198.189&limit=10&offset=0
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers?external_ip=78.127.198.189&limit=10&offset=0'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/computers?external_ip=78.127.198.189&limit=10&offset=0'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 897 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2851 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"36d475f4e1b87b2922eeedcf1e9cbd00" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/computers?external_ip=78.127.198.189&limit=10&offset=0"
},
"results": {
"total": 1,
"current_item_count": 1,
"index": 0,
"items_per_page": 10
}
},
"data": [
{
"connector_guid": "bad2c522-3052-4d75-93a0-832d6283c299",
"hostname": "Demo_AMP",
"windows_processor_id": "195b0d8736e2af4",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299",
"trajectory": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"connector_version": "99.0.99.20946",
"operating_system": "Windows 10",
"os_version": "10.0.19044.1466",
"internal_ips": [
"74.177.148.86"
],
"external_ip": "78.127.198.189",
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"install_date": "2022-02-16T11:40:01Z",
"is_compromised": false,
"demo": true,
"network_addresses": [
{
"mac": "31:5e:f7:d7:d3:31",
"ip": "74.177.148.86"
}
],
"policy": {
"guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
"name": "Protect Policy"
},
"groups": [
{
"guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"name": "Protect"
}
],
"last_seen": "2022-03-18T11:40:01Z",
"faults": [
],
"isolation": {
"available": false,
"status": "not_isolated"
},
"orbital": {
"status": "not_enabled"
}
}
]
}
Fetch list of computers filtered by group_guid
Request
Requires AuthorizationGET /v1/computers?group_guid%5B%5D=6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03&limit=10&offset=0
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers?group_guid%5B%5D=6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03&limit=10&offset=0'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/computers?group_guid%5B%5D=6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03&limit=10&offset=0'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 897 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2850 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"eb56ae82d0b95e5cd91aa686a5c0bcb6" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/computers?group_guid%5B%5D=6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03&limit=10&offset=0",
"next": "https://api.amp.cisco.com/v1/computers?group_guid%5B%5D=6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03&limit=10&offset=10"
},
"results": {
"total": 13,
"current_item_count": 10,
"index": 0,
"items_per_page": 10
}
},
"data": [
{
"connector_guid": "bad2c522-3052-4d75-93a0-832d6283c299",
"hostname": "Demo_AMP",
"windows_processor_id": "195b0d8736e2af4",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299",
"trajectory": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"connector_version": "99.0.99.20946",
"operating_system": "Windows 10",
"os_version": "10.0.19044.1466",
"internal_ips": [
"74.177.148.86"
],
"external_ip": "78.127.198.189",
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"install_date": "2022-02-16T11:40:01Z",
"is_compromised": false,
"demo": true,
"network_addresses": [
{
"mac": "31:5e:f7:d7:d3:31",
"ip": "74.177.148.86"
}
],
"policy": {
"guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
"name": "Protect Policy"
},
"groups": [
{
"guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"name": "Protect"
}
],
"last_seen": "2022-03-18T11:40:01Z",
"faults": [
],
"isolation": {
"available": false,
"status": "not_isolated"
},
"orbital": {
"status": "not_enabled"
}
},
{
"connector_guid": "8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"hostname": "Demo_AMP_Exploit_Prevention",
"windows_processor_id": "30f6257891edb4a",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"trajectory": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"connector_version": "99.0.99.20946",
"operating_system": "Windows 10",
"os_version": "10.0.19044.1466",
"internal_ips": [
"99.193.103.205"
],
"external_ip": "61.151.3.61",
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"install_date": "2022-02-16T11:40:00Z",
"is_compromised": false,
"demo": true,
"network_addresses": [
{
"mac": "c1:f9:f5:d3:ba:54",
"ip": "99.193.103.205"
}
],
"policy": {
"guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
"name": "Protect Policy"
},
"groups": [
{
"guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"name": "Protect"
}
],
"last_seen": "2022-03-18T11:40:00Z",
"faults": [
],
"isolation": {
"available": false,
"status": "not_isolated"
},
"orbital": {
"status": "not_enabled"
}
}
]
}
Fetch list of computers filtered by last_seen_within
Request
Requires AuthorizationGET /v1/computers?last_seen_within=30&limit=10&offset=0
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers?last_seen_within=30&limit=10&offset=0'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/computers?last_seen_within=30&limit=10&offset=0'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 897 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2849 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"1f5bb6ed80905f924f5c748d73348252" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/computers?last_seen_within=30&limit=10&offset=0",
"next": "https://api.amp.cisco.com/v1/computers?last_seen_within=30&limit=10&offset=10"
},
"results": {
"total": 38,
"current_item_count": 10,
"index": 0,
"items_per_page": 10
}
},
"data": [
{
"connector_guid": "bad2c522-3052-4d75-93a0-832d6283c299",
"hostname": "Demo_AMP",
"windows_processor_id": "195b0d8736e2af4",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299",
"trajectory": "https://api.amp.cisco.com/v1/computers/bad2c522-3052-4d75-93a0-832d6283c299/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"connector_version": "99.0.99.20946",
"operating_system": "Windows 10",
"os_version": "10.0.19044.1466",
"internal_ips": [
"74.177.148.86"
],
"external_ip": "78.127.198.189",
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"install_date": "2022-02-16T11:40:01Z",
"is_compromised": false,
"demo": true,
"network_addresses": [
{
"mac": "31:5e:f7:d7:d3:31",
"ip": "74.177.148.86"
}
],
"policy": {
"guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
"name": "Protect Policy"
},
"groups": [
{
"guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"name": "Protect"
}
],
"last_seen": "2022-03-18T11:40:01Z",
"faults": [
],
"isolation": {
"available": false,
"status": "not_isolated"
},
"orbital": {
"status": "not_enabled"
}
},
{
"connector_guid": "8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"hostname": "Demo_AMP_Exploit_Prevention",
"windows_processor_id": "30f6257891edb4a",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"trajectory": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"connector_version": "99.0.99.20946",
"operating_system": "Windows 10",
"os_version": "10.0.19044.1466",
"internal_ips": [
"99.193.103.205"
],
"external_ip": "61.151.3.61",
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"install_date": "2022-02-16T11:40:00Z",
"is_compromised": false,
"demo": true,
"network_addresses": [
{
"mac": "c1:f9:f5:d3:ba:54",
"ip": "99.193.103.205"
}
],
"policy": {
"guid": "520c7c68-a637-43b1-b851-7830b0b336b6",
"name": "Protect Policy"
},
"groups": [
{
"guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03",
"name": "Protect"
}
],
"last_seen": "2022-03-18T11:40:00Z",
"faults": [
],
"isolation": {
"available": false,
"status": "not_isolated"
},
"orbital": {
"status": "not_enabled"
}
}
]
}
Fetch list of computers filtered by last_seen_over
Request
Requires AuthorizationGET /v1/computers?last_seen_over=7&limit=10&offset=0
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/computers?last_seen_over=7&limit=10&offset=0'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/computers?last_seen_over=7&limit=10&offset=0'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 896 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2848 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"14bcb16813f2e0c54d0b526a8467fe13" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/computers?last_seen_over=7&limit=10&offset=0",
"next": "https://api.amp.cisco.com/v1/computers?last_seen_over=7&limit=10&offset=10"
},
"results": {
"total": 14,
"current_item_count": 10,
"index": 0,
"items_per_page": 10
}
},
"data": [
{
"connector_guid": "9cc16b53-6e61-4e9a-b93a-2ec21a3d741f",
"hostname": "mock_win_91fbd6",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/9cc16b53-6e61-4e9a-b93a-2ec21a3d741f",
"trajectory": "https://api.amp.cisco.com/v1/computers/9cc16b53-6e61-4e9a-b93a-2ec21a3d741f/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/65f1129f-2481-4410-9f1b-5ed0648d88d7"
},
"connector_version": "7.0.5.11385",
"operating_system": "Windows Ultimate",
"os_version": "0.0.7600",
"internal_ips": [
],
"external_ip": "127.0.0.1",
"group_guid": "65f1129f-2481-4410-9f1b-5ed0648d88d7",
"install_date": "2019-07-26T19:38:07Z",
"is_compromised": false,
"demo": false,
"network_addresses": [
{
"mac": "45:2A:00:ca:4e:65",
"ip": ""
}
],
"policy": {
"guid": "66a6a7f2-ec78-4cee-b8e3-7a6589e2c494",
"name": "Endpoint Isolation Policy"
},
"groups": [
{
"guid": "65f1129f-2481-4410-9f1b-5ed0648d88d7",
"name": "Endpoint Isolation Group"
}
],
"last_seen": "2019-07-26T19:38:07Z",
"faults": [
],
"isolation": {
"available": true,
"status": "pending_stop"
},
"orbital": {
"status": "not_enabled"
}
},
{
"connector_guid": "96a7d999-6045-41af-80a1-06454d02289d",
"hostname": "mock_win_92b855",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/96a7d999-6045-41af-80a1-06454d02289d",
"trajectory": "https://api.amp.cisco.com/v1/computers/96a7d999-6045-41af-80a1-06454d02289d/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/65f1129f-2481-4410-9f1b-5ed0648d88d7"
},
"connector_version": "7.0.5.11385",
"operating_system": "Windows Ultimate",
"os_version": "0.0.7600",
"internal_ips": [
],
"external_ip": "127.0.0.1",
"group_guid": "65f1129f-2481-4410-9f1b-5ed0648d88d7",
"install_date": "2019-07-25T21:38:18Z",
"is_compromised": false,
"demo": false,
"network_addresses": [
{
"mac": "45:2A:00:ca:4e:65",
"ip": ""
}
],
"policy": {
"guid": "66a6a7f2-ec78-4cee-b8e3-7a6589e2c494",
"name": "Endpoint Isolation Policy"
},
"groups": [
{
"guid": "65f1129f-2481-4410-9f1b-5ed0648d88d7",
"name": "Endpoint Isolation Group"
}
],
"last_seen": "2019-07-25T21:38:18Z",
"faults": [
],
"isolation": {
"available": true,
"status": "pending_start"
},
"orbital": {
"status": "not_enabled"
}
}
]
}