Cisco AMP for Endpoints API

GET /v1/policies

Description

Returns a list of policies. You can filter this list by name and product.

Query Parameters

Name	Type	Example Values
`product[]`	String	windows
`limit`	Integer	10, 3
`offset`	Integer	2
`name[]`	String	Audit Policy

Show Response Fields

Name	Type	Description
version	String
metadata.links.self	String
metadata.links.prev	String
metadata.links.next	String
metadata.results.total	Integer
metadata.results.current_item_count	Integer
metadata.results.index	Integer
metadata.results.items_per_page	Integer
data	Array
data[].name	String
data[].guid	GUID
data[].product	String
data[].default	Boolean
data[].serial_number	Integer
data[].links.policy	String

Write

Preview

Describe this action in markdown

Auto Generate

Examples

Fetch list of policies

Fetch list of policies filtered by name

Fetch list of policies filtered by product

Fetch list of policies

Request

Requires Authorization

GET /v1/policies?limit=3&offset=2

Headers

accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.eu.amp.cisco.com/v1/policies?limit=3&offset=2'

Response

Shortened for readability

content-type: application/json; charset=utf-8
transfer-encoding: chunked
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 1956
referrer-policy: strict-origin-when-cross-origin
x-ratelimit-remaining: 2783
x-permitted-cross-domain-policies: none
x-download-options: noopen
etag: W/"bdd82b966fbb578c9f6dda2f4bf283aa"
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2021-05-05T23:55:49Z
strict-transport-security: max-age=31536000

{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.eu.amp.cisco.com/v1/policies?limit=3&offset=2",
      "prev": "https://api.eu.amp.cisco.com/v1/policies?limit=3&offset=0",
      "next": "https://api.eu.amp.cisco.com/v1/policies?limit=3&offset=5"
    },
    "results": {
      "total": 15,
      "current_item_count": 3,
      "index": 2,
      "items_per_page": 3
    }
  },
  "data": [
    {
      "name": "Protect",
      "description": "This is the standard policy for Clarity that will log and alert on convictions and block any potentially malicious traffic.",
      "guid": "2d167ea4-5020-4ea1-aa99-b1ec025a7a48",
      "product": "ios",
      "default": false,
      "serial_number": 125,
      "links": {
        "policy": "https://api.eu.amp.cisco.com/v1/policies/2d167ea4-5020-4ea1-aa99-b1ec025a7a48"
      }
    },
    {
      "name": "Audit Policy for FireAMP Linux",
      "description": "",
      "guid": "f55db9c4-51a0-4e3b-8a3a-6532f06fc0c8",
      "product": "linux",
      "default": true,
      "serial_number": 120,
      "links": {
        "policy": "https://api.eu.amp.cisco.com/v1/policies/f55db9c4-51a0-4e3b-8a3a-6532f06fc0c8"
      }
    }
  ]
}

Fetch list of policies filtered by name

Request

Requires Authorization

GET /v1/policies?name%5B%5D=00-cat-forensic-mar25&limit=10

Headers

accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.eu.amp.cisco.com/v1/policies?name%5B%5D=00-cat-forensic-mar25&limit=10'

Response

Shortened for readability

content-type: application/json; charset=utf-8
transfer-encoding: chunked
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 1956
referrer-policy: strict-origin-when-cross-origin
x-ratelimit-remaining: 2781
x-permitted-cross-domain-policies: none
x-download-options: noopen
etag: W/"d1ebfafd8a5936c0c78e42002a360eed"
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2021-05-05T23:55:49Z
strict-transport-security: max-age=31536000

{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.eu.amp.cisco.com/v1/policies?name%5B%5D=00-cat-forensic-mar25&limit=10"
    },
    "results": {
      "total": 1,
      "current_item_count": 1,
      "index": 0,
      "items_per_page": 10
    }
  },
  "data": [
    {
      "name": "00-cat-forensic-mar25",
      "description": "",
      "guid": "3dc1435d-bdc8-4a9d-9da5-e7371562378d",
      "product": "windows",
      "default": false,
      "serial_number": 131,
      "links": {
        "policy": "https://api.eu.amp.cisco.com/v1/policies/3dc1435d-bdc8-4a9d-9da5-e7371562378d"
      }
    }
  ]
}

Fetch list of policies filtered by product

Request

Requires Authorization

GET /v1/policies?product%5B%5D=windows&limit=10

Headers

accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED

cURL Edit, then copy and paste on your terminal

curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.eu.amp.cisco.com/v1/policies?product%5B%5D=windows&limit=10'

Response

Shortened for readability

content-type: application/json; charset=utf-8
transfer-encoding: chunked
status: 200 OK
x-ratelimit-limit: 3000
x-ratelimit-reset: 1954
referrer-policy: strict-origin-when-cross-origin
x-ratelimit-remaining: 2780
x-permitted-cross-domain-policies: none
x-download-options: noopen
etag: W/"857583361a66d410c1ef09d5b7d09a3d"
x-frame-options: SAMEORIGIN
x-ratelimit-resetdate: 2021-05-05T23:55:49Z
strict-transport-security: max-age=31536000

{
  "version": "v1.2.0",
  "metadata": {
    "links": {
      "self": "https://api.eu.amp.cisco.com/v1/policies?product%5B%5D=windows&limit=10"
    },
    "results": {
      "total": 7,
      "current_item_count": 7,
      "index": 0,
      "items_per_page": 10
    }
  },
  "data": [
    {
      "name": "00-cat-forensic-mar25",
      "description": "",
      "guid": "3dc1435d-bdc8-4a9d-9da5-e7371562378d",
      "product": "windows",
      "default": false,
      "serial_number": 131,
      "links": {
        "policy": "https://api.eu.amp.cisco.com/v1/policies/3dc1435d-bdc8-4a9d-9da5-e7371562378d"
      }
    },
    {
      "name": "Audit Policy",
      "description": "",
      "guid": "89912c9e-8dbd-4c2b-a1d8-dee8a0c2bb29",
      "product": "windows",
      "default": true,
      "serial_number": 112,
      "links": {
        "policy": "https://api.eu.amp.cisco.com/v1/policies/89912c9e-8dbd-4c2b-a1d8-dee8a0c2bb29"
      }
    }
  ]
}