cancel
Showing results for 
Search instead for 
Did you mean: 

ePO Web API info

Jump to solution

I am not a developer and i am looking for some assistance for automating for data capturing from ePO for reporting purpose using the WebAPI; Below are the information i am looking for capturing VIA API programmatically;

Integrate API with ePO and pull the endpoint Info:

Assignment Path
System Name
IP Address
Operating System
Last Update
Product Version (VirusScan Enterprise)
DAT Version (VirusScan Enterprise)
Engine Version (VirusScan Enterprise)
Product Version (Endpoint Security Platform)
Product Version (Endpoint Security Threat Prevention)
Product Version (Endpoint Security Firewall)
AMCore Content Version
AMCore Engine Version
AMCORE Date
DAT Version (Non-Windows)
DAT Date

Questions:

1. Should i need to do any changes on the ePO console?

2. Is there a different URL for ePO API and is that different for each requirement? If I create a user and if the user had a admin role for ePO will that user can authenticate for Web API? is there any specific role for web API?

1 Solution

Accepted Solutions
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 46 of 51

Re: ePO Web API info

Jump to solution

From the SR that you opened, try this:


Its the + symbols 
Curl or URL encoding doesn't need that - use %20 for space characters instead
for the output, use this:

-o/--output <file>

Write output to <file> instead of stdout.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

50 Replies
McAfee Employee Hawkmoon
McAfee Employee
Report Inappropriate Content
Message 2 of 51

Re: ePO Web API info

Jump to solution

Hi Maheshnaidu,

Maybe this will help you!

The site/doc has example scripts and so on to help a user work with the interface.

ePolicy Orchestrator Web API-reference guide.

The above is hosted here, where additional documentation for products can be found!

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: ePO Web API info

Jump to solution


Thank you so much for your response; 

I am using a simple command to check the list of quires and epo verison, but the outcome is some thing to do with permission, but i had given a admin permission for the user i created. Any assistance?

C:\>curl -k -u epoadmin https://eposerverip:8443/remote/core.help?command=epo.getVersion
Enter host password for user 'epoadmin':
OK:
epo.getVersion
Gets the ePO version
Requires admin rights


C:\>curl -k -u epoadmin https://eposerverip:8443/remote/core.help?command=core.listQueries
Enter host password for user 'epoadmin':
OK:
core.listQueries
Displays all queries that the user is permitted to see. Returns the list of
queries or throws on error.
Requires permission to use queries.

Reliable Contributor Daniel_S
Reliable Contributor
Report Inappropriate Content
Message 4 of 51

Re: ePO Web API info

Jump to solution

Hi,

regarding your quesiotns:

1. There should be no need on doing changes to the ePO

2. Yes the URL is different like https://epo:8443/remote/your-desired-call and yes they differ from the type of action you want to achive. 

For example a nested query for systems that have "Lost" in their Systemtree-Branch looks like that:

https://epo:8443/remote/core.executeQuery?target=EPOLeafNode&select=(select EPOBranchNode.NodeTextPath2 EPOLeafNode.NodeName )&joinTables=EPOBranchNode&where=(where(contains EPOBranchNode.NodeTextPath2 "Lost"))

So it starts with /remote/core.executyQuery...

To run a certain servertask it would look like /remote/scheduler.runservertask?taskname=test

 

As for the permissionset I don´t know - but would bet that you have to be admin.

Best regards
Dan

Re: ePO Web API info

Jump to solution

Thank you so much for your response; 

I am using a simple command to check the list of quires and epo verison, but the outcome is some thing to do with permission, but i had given a admin permission for the user i created. Any assistance?

C:\>curl -k -u epoadmin https://eposerverip:8443/remote/core.help?command=epo.getVersion
Enter host password for user 'epoadmin':
OK:
epo.getVersion
Gets the ePO version
Requires admin rights


C:\>curl -k -u epoadmin https://eposerverip:8443/remote/core.help?command=core.listQueries
Enter host password for user 'epoadmin':
OK:
core.listQueries
Displays all queries that the user is permitted to see. Returns the list of
queries or throws on error.
Requires permission to use queries.

Re: ePO Web API info

Jump to solution

I am using a simple command to check the list of quires and epo verison, but the outcome is some thing to do with permission, but i had given a admin permission for the user i created. Any assistance?

C:\>curl -k -u epoadmin https://eposerverip:8443/remote/core.help?command=epo.getVersion
Enter host password for user 'epoadmin':
OK:
epo.getVersion
Gets the ePO version
Requires admin rights


C:\>curl -k -u epoadmin https://eposerverip:8443/remote/core.help?command=core.listQueries
Enter host password for user 'epoadmin':
OK:
core.listQueries
Displays all queries that the user is permitted to see. Returns the list of
queries or throws on error.
Requires permission to use queries.

Any assistance please?

McAfee Employee johma
McAfee Employee
Report Inappropriate Content
Message 7 of 51

Re: ePO Web API info

Jump to solution

HI, Maheshnaidu, 

I had a chat with Hawkmoon, See the following..

if the command is not working then the userid that you specified does not have admin rights. Either add admin permissions to the provided account or use the epo admin account ( admin ).

  1. Get customer to go into Queries and Reports.
  2. Create new report.
  3. Select criteria from Query builder that you require. .
  4. Save Query giving it a name.
  5. curl -k -u admin:adminpw https://eposerverip:8443/remote/core.listQueries -oqueries.txt

    This is an example:


    Id: 809
    Name: Sarah
    Description: Sarah API
    Criteria:
    Group Name: Endpoint Upgrade Assistant
    Owner: Public
    Database Type:
    Target: EPOLeafNode
    Created by: admin
    Created on: 28/06/19 12:04:23 BST
    Modified by: admin
    Modified on: 28/06/19 12:20:47 BST

  6. search "queries.txt" via notepad for name of new query and grab ID number.( mine was 809 ).

  7. curl -k -u admin:adminpw https://eposerverip:8443/remote/core.listQueries?queryId=809

    Should return the results from the report that you just created. You will need to parse/reformat as you require. 

    Hope this helps.


 







Was my reply helpful?


If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

Re: ePO Web API info

Jump to solution

Johma,

This is very informative, thank you so much; 

When i try this i get the permission error;  any advice will be much appreciated

I had given a admin permission and also tried other permissions to webapi user

C:\>curl -k -u webapi https://epoip:port/remote/core.help?command=core.listQueries -o apiquery.txt
Enter host password for user 'webapi':
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0Warning: Failed to create the file apiquery.txt: Permission denied
100 166 100 166 0 0 166 0 0:00:01 --:--:-- 0:00:01 709
curl: (23) Failed writing body (0 != 166)

 

Re: ePO Web API info

Jump to solution

I was able to execute the command and create the txt file; but inside txt file i could see this content:

 

OK:
core.listQueries
Displays all queries that the user is permitted to see. Returns the list of
queries or throws on error.
Requires permission to use queries.

 

which is a permission issue;

McAfee Employee johma
McAfee Employee
Report Inappropriate Content
Message 10 of 51

Re: ePO Web API info

Jump to solution

HI Maheshnaidu

Can you try the query with the epo admin account?

It may be that you don't have rights to add ePO admin to the "webapi" account even though you might have admin rights on a lower section of the system tree maybe?

It may be that you need to log a support case for further assistance, as I used my epo "admin" account and everything worked OK, 

It does look like the "webapi" login does not have rights. This will need to be resolved and you should be good from there with the information you have already. 




Was my reply helpful?


If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community