Skip to content
/ amp-01-basics Public

Scripts that cover the basics of interacting with the AMP for Endpoints API

16 stars 10 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

CiscoSecurity/amp-01-basics

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
01_authentication.py
01_authentication.py
 
 
02a_get_computers_list.py
02a_get_computers_list.py
 
 
02b_get_computer_details.py
02b_get_computer_details.py
 
 
02c_get_computer_trajectory.py
02c_get_computer_trajectory.py
 
 
02d_get_computer_user_trajectory.py
02d_get_computer_user_trajectory.py
 
 
02e_get_user_activity.py
02e_get_user_activity.py
 
 
02f_search_environment_for_indicator.py
02f_search_environment_for_indicator.py
 
 
02g_move_computer_to_group.py
02g_move_computer_to_group.py
 
 
02h_delete_computer.py
02h_delete_computer.py
 
 
03_get_event_types.py
03_get_event_types.py
 
 
04_get_events.py
04_get_events.py
 
 
05a_get_groups_list.py
05a_get_groups_list.py
 
 
05b_get_group_details.py
05b_get_group_details.py
 
 
05c_create_new_group.py
05c_create_new_group.py
 
 
05d_set_policy_for_group.py
05d_set_policy_for_group.py
 
 
05e_make_group_a_child_of_another_group.py
05e_make_group_a_child_of_another_group.py
 
 
05f_make_a_child_group_a_parent.py
05f_make_a_child_group_a_parent.py
 
 
06a_get_policies_list.py
06a_get_policies_list.py
 
 
06b_get_policy_details.py
06b_get_policy_details.py
 
 
06c_get_policy_guid_xml.py
06c_get_policy_guid_xml.py
 
 
07a_get_simple_custom_dection_lists.py
07a_get_simple_custom_dection_lists.py
 
 
07b_get_application_blocking_lists.py
07b_get_application_blocking_lists.py
 
 
07c_get_file_list_details.py
07c_get_file_list_details.py
 
 
07d_get_list_of_SHA256s_on_a_file_list.py
07d_get_list_of_SHA256s_on_a_file_list.py
 
 
07e_get_info_about_a_SHA256_on_a_file_list.py
07e_get_info_about_a_SHA256_on_a_file_list.py
 
 
07f_add_SHA256_to_file_list.py
07f_add_SHA256_to_file_list.py
 
 
07g_delete_SHA256_from_file_list.py
07g_delete_SHA256_from_file_list.py
 
 
08a_get_event_streams_list.py
08a_get_event_streams_list.py
 
 
08b_get_event_stream_details.py
08b_get_event_stream_details.py
 
 
08c_create_event_stream.py
08c_create_event_stream.py
 
 
08d_update_event_stream.py
08d_update_event_stream.py
 
 
08e_delete_event_stream.py
08e_delete_event_stream.py
 
 
README.md
README.md
 
 

Repository files navigation

Gitter chat

AMP for Endpoint API Basics:

This collection of scripts cover the basics of interacting with the AMP for Endpoints API. Each script covers one API endpoint. These are intented to show the bare minimum required to interact with the API endpoint.

Before using you must update the following:

  • amp_client_id
  • amp_api_key

Additional variables where present:

  • computer_guid
  • user
  • query
  • group_guid
  • parent_group_guid
  • policy_guid
  • file_lists_guid
  • sha256
  • stream_id

When an additional variable is present in a script an example with the appropriate format is provided as a comment. These variables are noted with a < (less-than-sign) and > (greater-than-sign).

# EXAMPLE:
# computer_guid = 'd7fbcdb6-0a14-4e39-867e-02f5e1649497'
computer_guid = '<COMPUTER_GUID>'

Usage:

python 01_authentication.py

Example script output:

{'version': 'v1.2.0', 'metadata': {'links': {'self': 'https://api.amp.cisco.com/v1/version'}}, 'data': {}}

About

Scripts that cover the basics of interacting with the AMP for Endpoints API

Topics

basics amp-for-endpoints

Resources

Readme
Activity
Custom properties

Stars

16 stars

Watchers

9 watching

Forks

10 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages