SEP 15 PowerShell API Example Script
Article ID: 176023
Updated On:
Products
Issue/Introduction
- Following API documentation for SEP 15 works in postman, but does not work in PowerShell.
- SEP 15 PowerShell API Example Script
- How can I create an API request using PowerShell in SEP 15?
Resolution
- Get the Client ID and Client Secret by logging into the SEP 15 Console: https://sep.securitycloud.symantec.com
- Go to Endpoint > Integration > Client Applications
- You can use an existing client application or create a new one by choosing "Client Application".
- This is where you will get your Client ID, Client Secret, Customer ID, and Domain ID.
- More information here: https://apidocs.symantec.com/home/sep_15
Use the following Sample PowerShell script to generate the token. Fill out the clientid, clientsecret, x-epmp-customer-id, and x-epmp-domain-id.
# Get Authorization Token
$clientid = ''
$clientsecret = ''
$cred = [Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($clientid + ':' + $clientsecret))
$uri = 'https://usea1.r3.securitycloud.symantec.com/r3_epmp_i'
$path = '/oauth2/tokens'
$params = '?grant_type=client_credentials'
$method = 'Post'
$headers = @{
'Authorization' = "Basic $cred";
'Accept' = 'application/json';
'Content-Type' = 'application/x-www-form-urlencoded';
}
$auth = Invoke-RestMethod -Uri $uri$path$params -Method $method -Headers $headers
# Export Events
$path = '/sccs/v1/events/export'
$params = ''
$method = 'Post'
$headers = @{
'Authorization' = $auth.access_token;
'Content-Type' = 'application/json';
'x-epmp-customer-id' = '';
'x-epmp-domain-id' = '';
'x-epmp-product' = 'SAEP';
}
$request_info = @{
'batchSize' = '10000';
'type' = 'FIREWALL';
'startDate' = '1970-01-01T00:00:00.000Z';
'endDate' = Get-Date -UFormat "%Y-%m-%dT%H:%M:%S.000Z";
}
$body = $request_info | ConvertTo-Json -Compress
echo $body
$events = Invoke-RestMethod -Uri $uri$path$params -Method $method -Headers $headers -Body $body
echo $events
Feedback
