Is there an API query that returns a list of endpoints that have tamper protection enabled?
Article ID: 284801
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
Is there an API query that returns a list of endpoints with Tamper Protection enabled?
Environment
- App Control: All supported versions
Resolution
|
NOTE: The following information is a best effort as writing API Scripts and/or supporting the API functionality for customer written scripts falls outside the scope of Carbon Black Support. |
import requests, json, urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
# --- Prepare our request header and url ---
authJson={
'X-Auth-Token': 'YOUR-API-TOKEN-HERE', # Replace with actual user token
'content-type': 'application/json'
}
b9StrongCert = False # Set to False if your Server has self-signed IIS certificate
url = 'https://SERVERADDRESS/api/bit9platform' # Replace with actual Server Address
# --- Get computers without tamper protection enabled ---
computers = requests.get(url + '/v1/computer?q=tamperProtectionActive:false',
headers=authJson,
verify=b9StrongCert).json()
# --- For each computer found, send request to enable tamper protection
for c in computers:
print c['name'] + " " + c['agentVersion'] + ": Enabling Tamper Protection..."
requests.post(
url+'/v1/computer?newTamperProtectionActive=true',
json.dumps(c), headers=authJson, verify=b9StrongCert)
Collapse
Additional Information
- For question regarding the query please reach out to the CB Developer Network on the User Exchange
- Getting Started with App Control APIs & Integrations
- Use Postman to Retrieve Data Via API
- Manage API Users and Tokens
Feedback
Yes
No
Powered by
