Available Cisco Secure Endpoint APIs

When you configure an export, import, or other type of flow step using the prebuilt Cisco Secure connector, you can select any of the API operations listed below, organized by API version and resource.

Note

If your API endpoint isn’t listed here, switch the flow step to HTTP mode and configure the endpoint provided in the Cisco Secure API documentation. You can also create a composite endpoint for this application in HTTP mode.

API v0 version

Resource

API endpoint

Export

Import

Event

Fetch list of events

X

Group

Fetch list of groups filtered by name

X

Fetch group with given group GUID

X

Computer activity

Fetch list of computers that have observed files with given file name

X

Event type

Fetch list of event types

X

Computer

Fetch list of computers

X

Fetch computer with given connector GUID

X

Fetch a specific computer's trajectory with given connector_GUID and filter for files with a SHA-256 value

X

API v1 version

Resource

API endpoint

Export

Import

Event

Fetch list of events

X

Computer activity

Fetch list of computers that have observed files with given file name

X

Event type

Fetch list of event types

X

Policy

Fetch list of policies filtered by product

X

Fetch policy for given policy GUID

X

Connector upgrade

Returns connector version

X

Assigns connector version

X

Unassigns connector version

X

Compromises

Fetch list of compromises

X

Provides the compromise status of a given computer

X

File list

Fetch list of application_blocking file_lists filtered by name

X

Fetch simple custom detection file list with given file list GUID

X

Fetch list of simple custom detections file lists filtered by name

X

Install package

Creates an android install package

X

Indicator

Fetch list of indicators

X

Fetch indicator with given indicator GUID

X

Vulnerabilities

Fetch list of vulnerabilities filtered by group GUID

X

Fetch computers on which a specific vulnerability has been observed with given SHA-256 and filter by group GUID

X

Group

Fetch list of groups filtered by name

X

Creates a new group

X

Fetch group with given group GUID

X

Updates group to given policies

X

Destroys group with a given GUID

X

Converts a group to a root group

X

Computer

All inventories count items

X

Fetch computer with given connector GUID

X

Moves computer to a group with given connector GUID and group GUID

X

Deletes a specific computer with given connector GUID

X

Fetch a specific computer's trajectory with given connector GUID and filter for files with a SHA-256 value

X

Fetch list of computers that have observed activity by given user name

X

Fetch a specific computer's trajectory with given connector GUID and filter for events with user name activity

X

Fetch a specific computer's vulnerabilities with given connector GUID and filter by date range

X

Fetch a specific computer's operating system vulnerabilities with given connector GUID

X

File list item

Fetch file list items associated with a specific file list with given file list GUID

X

Fetch file list item with a given SHA-256 and associated with file list for given file list GUID

X

Create a file list item with a given SHA-256 for a specific file list with a given file list GUID

X

Deletes file list item with a given SHA-256 and associated to file list with given file list GUID

X

Endpoint isolation

Show the isolation status of a computer

X

Isolates a computer

X

Stop isolation on a computer

X

Audit log

Fetch list of audit logs

X

Fetch list of audit log types

X
