cancel
Showing results for 
Search instead for 
Did you mean: 
vidrine
Level 9
Report Inappropriate Content
Message 1 of 46

McAfee Open API via PowerShell

Wanted to start a discussion for a few reasons.

(1) To see if any other community members are accessing/using the API via PowerShell.

(2) To begin a point of reference for my development of PowerShell modules/scripts for the Open API.

I've recently been tasked with starting development work within our environment using the Open APIs, and coming from a Windows shop - the scripting choice is PowerShell (and .NET).  I've been looking around online, but noticed that there aren't many articles on the use of PowerShell with the APIs. 

So, please, if your or someone you know is doing any work with the APIs via PowerShell - point them in this direction.

Message was edited by: wp4n on 1/18/12 4:32:47 PM CST
45 Replies
prinand
Level 7
Report Inappropriate Content
Message 2 of 46

Re: McAfee Open API via PowerShell

I managed to get some commands working:

[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

$url = "https://Servername_or_localhost:8443/remote/system.findGroups?searchText=Region"
$username = "username"
$pwd = "password"
$wc = new-object System.net.WebClient
$wc.Credentials = new-object System.Net.NetworkCredential($username, $pwd)
$webpage = $wc.DownloadString($url)

if ($webpage.IndexOf('groupId:') -gt 0)
{
    $groupId = $webpage.Substring($webpage.IndexOf('groupId')+9, $webpage.IndexOf('groupPath') - $webpage.IndexOf('groupId')-9)

    $groupId

}

obviously replace region with a sub"folder" that exists in your system tree in the ePO console.

however more comlex commands which require an link to a local file does not work yet...

so I just created a small python script that I call from powershell:

c:\python26\python.exe d:\tools\andre\myPythonScript.py

which executes the mc.system.importSystem(uploadFile="file///d:\tools\andre\tree.txt",branchNodeId='2')

so... if someone figures out how to fix this for a windows system, let me know

vidrine
Level 9
Report Inappropriate Content
Message 3 of 46

Re: McAfee Open API via PowerShell

@prinand - I'll try to take a look at your code this week to see if I can get it working.  Glad to see at least one other person working with some PowerShell.

I've started tinkering around and I'll post a compiled module once I have enough built.  For now, I'll just upload the functions that I complete in pieces.

----------------------------------------------------------------------------------------------------------------------

<#

.SYNOPSIS

          Author: WP4N

          Date:    2012.01.30

.DESCRIPTION

          Web Client initialization and authentication to the McAfee ePO server.

#>

#region << ePO Connection and Initialization >>

<#

.DESCRIPTION

          This function is used to begin the connection attempt.  This will call two subsequent functions (1) to create the web client, and (2) to prompt the user for credentials used for authentication.

.EXAMPLE

          McAfee-Connect

#>

function McAfee-Connect{

     param([String]$script:ServerURL="https://SERVERNAME:8443")

     $c = McAfee-Credential

     $script:wc = McAfee-WebClient -Credential $c

}

<#

.DESCRIPTION

          Calls the Get-Credential cmdlet to prompt the user for authentication credentials.  These are passed to the web client during initialization.

#>

function McAfee-Credential{

     $c = Get-Credential -Credential $null

     return $c

}

<#

.DESCRIPTION

          Creates the .NET web client and populates the previously gathered credentials in the object.

#>

function McAfee-WebClient{

     param($Credential)

     $wc = new-object system.net.webclient

     $wc.credentials = New-Object System.Net.NetworkCredential -ArgumentList ($Credential.GetNetworkCredential().username,$Credential.GetNetworkCredential().password)

     return $wc

}

#endregion

----------------------------------------------------------------------------------------------------------------------

Message was edited by: wp4n on 1/30/12 5:42:04 PM CST

Re: McAfee Open API via PowerShell

Thanks to Prinand, I was able to get the following working to Tag multiple systems at once using a source CSV file:

$epoServer = "https://<server>:<port>"
$Credential = get-credential -Credential $null
$epoUser = $Credential.GetNetworkCredential().username
$epoPassword = $Credential.GetNetworkCredential().password

$arrSys = Import-Csv ".\test.csv"

foreach ($sys in $arrSys) {

      $compName = $sys.hostname
      $epoTag = $sys.tag

      $url = "$epoServer/remote/system.applyTag?names=$compName&tagName=$epoTag"
      $wc = new-object system.net.webclient
      $wc.credentials = New-Object System.Net.NetworkCredential `
                                     -ArgumentList ($epoUser,$epoPassword)
      $wc.DownloadString($url)

}

Re: McAfee Open API via PowerShell

I created a Powershell module in C# months ago, but I had to stop working on the project due to workload. I implemented cmdlets to get system properties, add and remove tags, get and run ePO queries, and maybe some other stuff I forgot about.

I'm thinking of digging up and continuing the project, if the community is still interested.

prinand
Level 7
Report Inappropriate Content
Message 6 of 46

Re: McAfee Open API via PowerShell

so far I can do almost anything in powershell with the webapi.

my biggest problem is those commands that can import computers from a flat file.

I have not been able to achieve that in powershell. I actually even created a very small python script that did import the computers, which I called out of my powershell script.

so... if you can add that capability in any way, I would be very interrested.

ramil
Level 9
Report Inappropriate Content
Message 7 of 46

Re: McAfee Open API via PowerShell

I downloaded and used your module today. I'd like you to continue with this !

Or if you're not interested in developing it, share the source

bartb
Level 7
Report Inappropriate Content
Message 8 of 46

Re: McAfee Open API via PowerShell

I'm trying to impliment some powershell scripts for ePo, but I'm having difficulty getting started.  I was looking for resources and found this forum post.  Not sure if anyone is still playing with this, but I was hoping for some help.  I've used some of the code snippets here to get started, but I don't understand how to send commands to ePo through the web object, any help or suggestions?

vidrine
Level 9
Report Inappropriate Content
Message 9 of 46

Re: McAfee Open API via PowerShell

Do you have any examples of what you're using and/or what commands you're trying to accomplish?

Re: McAfee Open API via PowerShell

I currently use Powershell for everything I can with the WebAPI. I also user Mischa's module which has been a big help for what he has completed on it. My Latest undertaking has been with Rogue System Detection. I take a list of machines and parse out their information and add them to the exceptions list if required. I have a few other that I am either working on or completed. If you are interested in seeing any code snippets I would be happy to provide them. Like wp4n stated, what are you looking for?

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community