Note: If you are a US Government customer, please use the URIs listed in Microsoft Defender for Endpoint for US Government customers. Tip: For better performance, you can use the server closer to your geo location: api-us.securitycenter.microsoft.com, api-eu.securitycenter.microsoft.com, api-uk.securitycenter.microsoft.com. See the corresponding Indicators page in the portal. Table 1 (Method | Return Type | Description): List Indicators | Indicator Collection | List Indicator entities. Submit Indicator […]
Articles Tagged: Microsoft
File resource type (Microsoft)
Represent a file entity in Defender for Endpoint. Methods METHODS Method Return Type Description Get file file Get […]
Get domain-related alerts API (Microsoft)
API description Retrieves a collection of Alerts related to a given domain address. Limitations You can query on alerts last […]
Investigation resource type (Microsoft)
Represent an Automated Investigation entity in Defender for Endpoint. For more information, see Overview of automated investigations. Methods METHODS […]
Export assessment methods and properties per device (Microsoft)
API description Provides methods and property details about the APIs that pull threat and vulnerability management data on a per-device basis. There are different API calls to get different types of data. In general, each API call contains the requisite data for devices in your organization. Note Unless indicated otherwise, all export assessment methods listed are full […]
Update alert (Microsoft)
API description Updates properties of existing Alert. Submission of comment is available with or without updating properties. Updatable properties are: status, determination, classification, and assignedTo. […]
Batch update alerts (Microsoft)
API description Updates properties of a batch of existing Alerts. Submission of comment is available with or without updating properties. Updatable […]
Create alert API (Microsoft)
API description Creates new Alert on top of Event. Microsoft Defender for Endpoint Event is required for the alert creation. You need […]
List alerts API (Microsoft)
API description Retrieves a collection of Alerts. Supports OData V4 queries. OData supported operators: $filter on: alertCreationTime, lastUpdateTime, incidentId, InvestigationId, id, assignedTo, detectionSource, lastEventTime, status, severity and category properties. $top with max value of […]
Alert resource type (Microsoft)
Methods METHODS Method Return Type Description Get alert Alert Get a single alert object. List alerts Alert collection List alert collection. Update alert […]