GET /v1/vulnerabilities/{:sha256}/computers
Description
Provides a list of computers on which the vulnerability has been observed with given SHA-256.
The list can be filtered to show only the vulnerable computers observed for a specific time range. For example, the query string: start_time=2019-05-15&end_time=2019-05-20
, will return any vulnerable computers observed during the period from 2019-05-15 to 2019-05-20.
The start_time
and end_time
parameters accept date and time expressed according to ISO 8601.
Query Parameters
Name | Type | Example Values | Description |
---|---|---|---|
start_time |
Date | 2019-05-22, 2019-05-22T07:05:49+00:00 | |
end_time |
Date | 2019-05-26, 2019-05-26T07:05:49+00:00 | |
offset |
Integer | 0 | |
limit |
Integer | 5 | |
group_guid[] |
GUID | 68665863-74d5-4bc1-ac7f-5477b2b6406e |
Name | Type | Description |
---|---|---|
version | String | |
metadata.links.self | String | |
metadata.results.total | Integer | |
metadata.results.current_item_count | Integer | |
metadata.results.index | Integer | |
metadata.results.items_per_page | Integer | |
data | Array | |
data[].connector_guid | GUID | |
data[].hostname | String | |
data[].active | Boolean | |
data[].links.computer | String | |
data[].links.trajectory | String | |
data[].links.group | String | |
data[].group_guid | GUID |
Examples
- Fetch computers on which a specific vulnerability has been observed with given SHA-256
- Fetch computers on which a specific vulnerability has been observed with given SHA-256 and filter...
- Fetch computers on which a specific vulnerability has been observed with given SHA-256 and filter...
- Fetch computers on which a specific vulnerability has been observed with given SHA-256 and filter...
Fetch computers on which a specific vulnerability has been observed with given SHA-256
Request
Requires AuthorizationGET /v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?offset=0&limit=5
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?offset=0&limit=5'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?offset=0&limit=5'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 866 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2769 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"f3aa07103e52ca44f85daeb06e696069" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?offset=0&limit=5"
},
"results": {
"total": 1,
"current_item_count": 1,
"index": 0,
"items_per_page": 5
}
},
"data": [
{
"connector_guid": "8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"hostname": "Demo_AMP_Exploit_Prevention",
"windows_processor_id": "30f6257891edb4a",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"trajectory": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
}
]
}
Fetch computers on which a specific vulnerability has been observed with given SHA-256 and filter by time range
Request
Requires AuthorizationGET /v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?start_time=2022-03-11T10%3A20%3A00%2B00%3A00&end_time=2022-03-18T11%3A20%3A00%2B00%3A00&offset=0&limit=5
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?start_time=2022-03-11T10%3A20%3A00%2B00%3A00&end_time=2022-03-18T11%3A20%3A00%2B00%3A00&offset=0&limit=5'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?start_time=2022-03-11T10%3A20%3A00%2B00%3A00&end_time=2022-03-18T11%3A20%3A00%2B00%3A00&offset=0&limit=5'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 866 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2768 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"8a7ffc3f5fa3a19ee8424f4e6735508d" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?start_time=2022-03-11T10%3A20%3A00%2B00%3A00&end_time=2022-03-18T11%3A20%3A00%2B00%3A00&offset=0&limit=5"
},
"results": {
"total": 1,
"current_item_count": 1,
"index": 0,
"items_per_page": 5
}
},
"data": [
{
"connector_guid": "8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"hostname": "Demo_AMP_Exploit_Prevention",
"windows_processor_id": "30f6257891edb4a",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"trajectory": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
}
]
}
Fetch computers on which a specific vulnerability has been observed with given SHA-256 and filter by date range
Request
Requires AuthorizationGET /v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?start_time=2022-03-11&end_time=2022-03-18&offset=0&limit=5
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?start_time=2022-03-11&end_time=2022-03-18&offset=0&limit=5'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?start_time=2022-03-11&end_time=2022-03-18&offset=0&limit=5'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 865 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2767 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"82910748fca42b8e512cc7c7344861f9" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?start_time=2022-03-11&end_time=2022-03-18&offset=0&limit=5"
},
"results": {
"total": 1,
"current_item_count": 1,
"index": 0,
"items_per_page": 5
}
},
"data": [
{
"connector_guid": "8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"hostname": "Demo_AMP_Exploit_Prevention",
"windows_processor_id": "30f6257891edb4a",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"trajectory": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
}
]
}
Fetch computers on which a specific vulnerability has been observed with given SHA-256 and filter by group_guid
Request
Requires AuthorizationGET /v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?group_guid%5B%5D=b3ec6a58-20df-4504-b427-be2b8f922de5&offset=0&limit=5
Headers
accept: application/json
content-type: application/json
accept-encoding: identity
authorization: Basic FILTERED
cURL Edit, then copy and paste on your terminal
curl -X GET \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'accept-encoding: identity' \
--compressed -H 'Accept-Encoding: gzip, deflate' \
-u YOUR_API_CLIENT_ID \
'https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?group_guid%5B%5D=b3ec6a58-20df-4504-b427-be2b8f922de5&offset=0&limit=5'
Response
cURL Edit, then copy and paste on your terminal
curl -X GET \ -H 'accept: application/json' \ -H 'content-type: application/json' \ -H 'accept-encoding: identity' \ --compressed -H 'Accept-Encoding: gzip, deflate' \ -u YOUR_API_CLIENT_ID \ 'https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?group_guid%5B%5D=b3ec6a58-20df-4504-b427-be2b8f922de5&offset=0&limit=5'
Shortened for readability
content-type: application/json transfer-encoding: chunked status: 200 OK x-ratelimit-limit: 3000 x-ratelimit-reset: 865 strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000 referrer-policy: strict-origin-when-cross-origin x-ratelimit-remaining: 2766 x-permitted-cross-domain-policies: none x-download-options: noopen etag: W/"78cdb423f929610112a12211d0534701" x-frame-options: SAMEORIGIN x-ratelimit-resetdate: 2022-03-18T11:55:11Z
{
"version": "v1.2.0",
"metadata": {
"links": {
"self": "https://api.amp.cisco.com/v1/vulnerabilities/4312CDB2EAD8FD8D2DD6D8D716F3B6E9717B3D7167A2A0495E4391312102170F/computers?group_guid%5B%5D=b3ec6a58-20df-4504-b427-be2b8f922de5&offset=0&limit=5"
},
"results": {
"total": 1,
"current_item_count": 1,
"index": 0,
"items_per_page": 5
}
},
"data": [
{
"connector_guid": "8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"hostname": "Demo_AMP_Exploit_Prevention",
"windows_processor_id": "30f6257891edb4a",
"active": true,
"links": {
"computer": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c",
"trajectory": "https://api.amp.cisco.com/v1/computers/8ebeb060-465f-41a7-b7d0-b4490d8cc08c/trajectory",
"group": "https://api.amp.cisco.com/v1/groups/6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
},
"group_guid": "6c3c2005-4c74-4ba7-8dbb-c4d5b6bafe03"
}
]
}