Cisco AMP for Endpoints API

GET /v1/computers

Description

Query Parameters

Name Type Example Values Description
hostname[] String mock_win_0f607e
limit Integer 10
offset Integer 20
internal_ip String
external_ip String 127.0.0.1
group_guid[] GUID 65f1129f-2481-4410-9f1b-5ed0648d88d7

Show Response Fields

Name Type Description
version String
metadata.links.self String
metadata.links.prev String
metadata.results.total Integer
metadata.results.current_item_count Integer
metadata.results.index Integer
metadata.results.items_per_page Integer
data Array
data[].connector_guid GUID
data[].hostname String
data[].active Boolean
data[].links.computer String
data[].links.trajectory String
data[].links.group String
data[].connector_version String
data[].operating_system String
data[].internal_ips Array
data[].external_ip String
data[].group_guid GUID
data[].install_date String (Time ISO8601)
data[].network_addresses Array
data[].network_addresses[].mac String
data[].network_addresses[].ip String
data[].policy.guid GUID
data[].policy.name String
data[].last_seen String (Time ISO8601)
data[].faults Array
data[].isolation.available Boolean
data[].isolation.status String
Write
Preview

Examples

Fetch list of computers
Fetch list of computers filtered by hostname
Fetch list of computers filtered by internal_ip
Fetch list of computers filtered by external_ip
Fetch list of computers filtered by group_guid

Fetch list of computers

Request

Requires Authorization
GET /v1/computers
Headers
accept: application/json
content-type: application/json
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.eu.amp.cisco.com/v1/computers'

Response

Shortened for readability

strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 3590
x-ratelimit-remaining: 2969
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2019-09-30T15:59:05Z
transfer-encoding: chunked
{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.eu.amp.cisco.com/v1/computers"
    },
    "results": {
      "total": 23,
      "current_item_count": 23,
      "index": 0,
      "items_per_page": 500
    }
  },
  "data": [
    {
      "connector_guid": "dd225418-8019-43ef-aeed-758a720814c0",
      "hostname": "mock_win_0f607e",
      "active": true,
      "links": {
        "computer": "https://api.eu.amp.cisco.com/v1/computers/dd225418-8019-43ef-aeed-758a720814c0",
        "trajectory": "https://api.eu.amp.cisco.com/v1/computers/dd225418-8019-43ef-aeed-758a720814c0/trajectory",
        "group": "https://api.eu.amp.cisco.com/v1/groups/65f1129f-2481-4410-9f1b-5ed0648d88d7"
      },
      "connector_version": "6.4.1.11083",
      "operating_system": "Windows, SP 0.0",
      "internal_ips": [

      ],
      "external_ip": "127.0.0.1",
      "group_guid": "65f1129f-2481-4410-9f1b-5ed0648d88d7",
      "install_date": "2019-07-26T21:16:41Z",
      "network_addresses": [
        {
          "mac": "45:2A:00:ca:4e:65",
          "ip": ""
        }
      ],
      "policy": {
        "guid": "66a6a7f2-ec78-4cee-b8e3-7a6589e2c494",
        "name": "Endpoint Isolation Policy"
      },
      "last_seen": "2019-07-26T21:16:41Z",
      "faults": [

      ],
      "isolation": {
        "available": false,
        "status": "pending_stop"
      }
    },
    {
      "connector_guid": "683b5fd3-4d31-4608-9995-3640b98ff374",
      "hostname": "mock_win_1760f6",
      "active": true,
      "links": {
        "computer": "https://api.eu.amp.cisco.com/v1/computers/683b5fd3-4d31-4608-9995-3640b98ff374",
        "trajectory": "https://api.eu.amp.cisco.com/v1/computers/683b5fd3-4d31-4608-9995-3640b98ff374/trajectory",
        "group": "https://api.eu.amp.cisco.com/v1/groups/65f1129f-2481-4410-9f1b-5ed0648d88d7"
      },
      "connector_version": "6.4.1.11083",
      "operating_system": "Windows, SP 0.0",
      "internal_ips": [

      ],
      "external_ip": "127.0.0.1",
      "group_guid": "65f1129f-2481-4410-9f1b-5ed0648d88d7",
      "install_date": "2019-07-25T21:38:35Z",
      "network_addresses": [
        {
          "mac": "45:2A:00:ca:4e:65",
          "ip": ""
        }
      ],
      "policy": {
        "guid": "66a6a7f2-ec78-4cee-b8e3-7a6589e2c494",
        "name": "Endpoint Isolation Policy"
      },
      "last_seen": "2019-07-25T21:38:35Z",
      "faults": [

      ],
      "isolation": {
        "available": false,
        "status": "pending_stop"
      }
    }
  ]
}

Fetch list of computers filtered by hostname

Request

Requires Authorization
GET /v1/computers?hostname[]=mock_win_0f607e&limit=10&offset=20
Headers
accept: application/json
content-type: application/json
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.eu.amp.cisco.com/v1/computers?hostname[]=mock_win_0f607e&limit=10&offset=20'

Response

Shortened for readability

strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 3589
x-ratelimit-remaining: 2967
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2019-09-30T15:59:05Z
transfer-encoding: chunked
{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.eu.amp.cisco.com/v1/computers?hostname[]=mock_win_0f607e&limit=10&offset=20",
      "prev": "https://api.eu.amp.cisco.com/v1/computers?hostname%5B%5D=mock_win_0f607e&limit=10&offset=0"
    },
    "results": {
      "total": 1,
      "current_item_count": 0,
      "index": 20,
      "items_per_page": 10
    }
  },
  "data": [

  ]
}

Fetch list of computers filtered by internal_ip

Request

Requires Authorization
GET /v1/computers?internal_ip=&limit=10&offset=20
Headers
accept: application/json
content-type: application/json
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.eu.amp.cisco.com/v1/computers?internal_ip=&limit=10&offset=20'

Response

Shortened for readability

strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
status: 400 Bad Request
x-ratelimit-limit: 3000
x-ratelimit-reset: 3589
x-ratelimit-remaining: 2965
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2019-09-30T15:59:05Z
transfer-encoding: chunked
{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.eu.amp.cisco.com/v1/computers?internal_ip=&limit=10&offset=20"
    }
  },
  "data": {
  },
  "errors": [
    {
      "error_code": 400,
      "description": "Bad Request",
      "details": [
        "internal_ip cannot be blank"
      ]
    }
  ]
}

Fetch list of computers filtered by external_ip

Request

Requires Authorization
GET /v1/computers?external_ip=127.0.0.1&limit=10&offset=20
Headers
accept: application/json
content-type: application/json
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.eu.amp.cisco.com/v1/computers?external_ip=127.0.0.1&limit=10&offset=20'

Response

Shortened for readability

strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 3588
x-ratelimit-remaining: 2963
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2019-09-30T15:59:05Z
transfer-encoding: chunked
{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.eu.amp.cisco.com/v1/computers?external_ip=127.0.0.1&limit=10&offset=20",
      "prev": "https://api.eu.amp.cisco.com/v1/computers?external_ip=127.0.0.1&limit=10&offset=10"
    },
    "results": {
      "total": 23,
      "current_item_count": 3,
      "index": 20,
      "items_per_page": 10
    }
  },
  "data": [
    {
      "connector_guid": "33693156-e1e8-4199-b893-05ea684ba756",
      "hostname": "mock_win_d91054",
      "active": true,
      "links": {
        "computer": "https://api.eu.amp.cisco.com/v1/computers/33693156-e1e8-4199-b893-05ea684ba756",
        "trajectory": "https://api.eu.amp.cisco.com/v1/computers/33693156-e1e8-4199-b893-05ea684ba756/trajectory",
        "group": "https://api.eu.amp.cisco.com/v1/groups/65f1129f-2481-4410-9f1b-5ed0648d88d7"
      },
      "connector_version": "6.4.1.11083",
      "operating_system": "Windows, SP 0.0",
      "internal_ips": [

      ],
      "external_ip": "127.0.0.1",
      "group_guid": "65f1129f-2481-4410-9f1b-5ed0648d88d7",
      "install_date": "2019-07-25T21:39:30Z",
      "network_addresses": [
        {
          "mac": "45:2A:00:ca:4e:65",
          "ip": ""
        }
      ],
      "policy": {
        "guid": "66a6a7f2-ec78-4cee-b8e3-7a6589e2c494",
        "name": "Endpoint Isolation Policy"
      },
      "last_seen": "2019-07-25T21:39:30Z",
      "faults": [

      ],
      "isolation": {
        "available": false,
        "status": "pending_start"
      }
    },
    {
      "connector_guid": "401feec4-c575-4e24-8590-700ae1b9903c",
      "hostname": "mock_win_dc4309",
      "active": true,
      "links": {
        "computer": "https://api.eu.amp.cisco.com/v1/computers/401feec4-c575-4e24-8590-700ae1b9903c",
        "trajectory": "https://api.eu.amp.cisco.com/v1/computers/401feec4-c575-4e24-8590-700ae1b9903c/trajectory",
        "group": "https://api.eu.amp.cisco.com/v1/groups/65f1129f-2481-4410-9f1b-5ed0648d88d7"
      },
      "connector_version": "6.4.1.11083",
      "operating_system": "Windows, SP 0.0",
      "internal_ips": [

      ],
      "external_ip": "127.0.0.1",
      "group_guid": "65f1129f-2481-4410-9f1b-5ed0648d88d7",
      "install_date": "2019-07-26T21:16:12Z",
      "network_addresses": [
        {
          "mac": "45:2A:00:ca:4e:65",
          "ip": ""
        }
      ],
      "policy": {
        "guid": "66a6a7f2-ec78-4cee-b8e3-7a6589e2c494",
        "name": "Endpoint Isolation Policy"
      },
      "last_seen": "2019-07-26T21:16:12Z",
      "faults": [

      ],
      "isolation": {
        "available": false,
        "status": "pending_start"
      }
    }
  ]
}

Fetch list of computers filtered by group_guid

Request

Requires Authorization
GET /v1/computers?group_guid[]=65f1129f-2481-4410-9f1b-5ed0648d88d7&limit=10&offset=20
Headers
accept: application/json
content-type: application/json
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.eu.amp.cisco.com/v1/computers?group_guid[]=65f1129f-2481-4410-9f1b-5ed0648d88d7&limit=10&offset=20'

Response

Shortened for readability

strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 3588
x-ratelimit-remaining: 2961
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2019-09-30T15:59:05Z
transfer-encoding: chunked
{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.eu.amp.cisco.com/v1/computers?group_guid[]=65f1129f-2481-4410-9f1b-5ed0648d88d7&limit=10&offset=20",
      "prev": "https://api.eu.amp.cisco.com/v1/computers?group_guid%5B%5D=65f1129f-2481-4410-9f1b-5ed0648d88d7&limit=10&offset=10"
    },
    "results": {
      "total": 23,
      "current_item_count": 3,
      "index": 20,
      "items_per_page": 10
    }
  },
  "data": [
    {
      "connector_guid": "33693156-e1e8-4199-b893-05ea684ba756",
      "hostname": "mock_win_d91054",
      "active": true,
      "links": {
        "computer": "https://api.eu.amp.cisco.com/v1/computers/33693156-e1e8-4199-b893-05ea684ba756",
        "trajectory": "https://api.eu.amp.cisco.com/v1/computers/33693156-e1e8-4199-b893-05ea684ba756/trajectory",
        "group": "https://api.eu.amp.cisco.com/v1/groups/65f1129f-2481-4410-9f1b-5ed0648d88d7"
      },
      "connector_version": "6.4.1.11083",
      "operating_system": "Windows, SP 0.0",
      "internal_ips": [

      ],
      "external_ip": "127.0.0.1",
      "group_guid": "65f1129f-2481-4410-9f1b-5ed0648d88d7",
      "install_date": "2019-07-25T21:39:30Z",
      "network_addresses": [
        {
          "mac": "45:2A:00:ca:4e:65",
          "ip": ""
        }
      ],
      "policy": {
        "guid": "66a6a7f2-ec78-4cee-b8e3-7a6589e2c494",
        "name": "Endpoint Isolation Policy"
      },
      "last_seen": "2019-07-25T21:39:30Z",
      "faults": [

      ],
      "isolation": {
        "available": false,
        "status": "pending_start"
      }
    },
    {
      "connector_guid": "401feec4-c575-4e24-8590-700ae1b9903c",
      "hostname": "mock_win_dc4309",
      "active": true,
      "links": {
        "computer": "https://api.eu.amp.cisco.com/v1/computers/401feec4-c575-4e24-8590-700ae1b9903c",
        "trajectory": "https://api.eu.amp.cisco.com/v1/computers/401feec4-c575-4e24-8590-700ae1b9903c/trajectory",
        "group": "https://api.eu.amp.cisco.com/v1/groups/65f1129f-2481-4410-9f1b-5ed0648d88d7"
      },
      "connector_version": "6.4.1.11083",
      "operating_system": "Windows, SP 0.0",
      "internal_ips": [

      ],
      "external_ip": "127.0.0.1",
      "group_guid": "65f1129f-2481-4410-9f1b-5ed0648d88d7",
      "install_date": "2019-07-26T21:16:12Z",
      "network_addresses": [
        {
          "mac": "45:2A:00:ca:4e:65",
          "ip": ""
        }
      ],
      "policy": {
        "guid": "66a6a7f2-ec78-4cee-b8e3-7a6589e2c494",
        "name": "Endpoint Isolation Policy"
      },
      "last_seen": "2019-07-26T21:16:12Z",
      "faults": [

      ],
      "isolation": {
        "available": false,
        "status": "pending_start"
      }
    }
  ]
}