Solved

Using the api to clear threats

  • 6 December 2017
  • 3 replies
  • 60 views

Hi,
I was looking through the api reference and was wondering if it's possible to clear threats from a command issued via the api.
I'm currently looking into the api for a project for college.
 
From what I can gather, the most likely command would be this one:
/service/api/console/gsm/{gsmKey}/sites/{siteId}/endpoints/commandsThen I have a few questions, where do I find the available commands? And, is it possible to issue a command to a single endpoint? Because as far as I can see it's either to a site or a group of sites.
 
greetings 🙂
icon

Best answer by JosephRi 7 December 2017, 16:22

View original

3 replies

Userlevel 4
Badge +9
Hi @,
 
You are correct; that would be the request to issue a command to a list of endpoints, or all endpoints in a site. From the documentation at https://unityapi.webrootcloudav.com/Docs/en/APIDoc/Api/POST-api-console-gsm-gsmKey-sites-siteId-endpoints-commands, your available commands are "scan", "cleanup", "uninstall", "changekeycode", "restart". As you can see the, "scan" and "cleanup" commands here would take care of cleaning threats off of an endpoint.
 
EDIT: Sorry, I missed your last question. You would be able to issue a command to "a list of endpoints" by modifying the body of your request, and including your respective EndpointIDs.
 
For example :
"EndpointsList": "1053897c-09a9-45c3-8824-b4b263e9d29f,176c2d1e-241a-402b-a66c-0ec412605350" 
Best regards,
Joseph R.
Ah shoot, I must have missed that in the documentation!
Thanks so much!

I don't yet have something set up to test it out, but looking at the "EndpointsList", I assume I can put just one endpoint in there and it could clean that single one for me?
If I'd have something set up I could test it myself and the question would be irrelevant, so no need to answer if you feel like I should try myself. I'll get the same answer, just a little later 😉.

Thanks for helping me out!
Userlevel 4
Badge +9
Hi @,
 
Yes, you are correct. Adding a single EndpointID to the EndpointsList body value will only send the command to that specific endpoint.
 
Best regards,
Joseph R.

Reply