I've been working on automating several aspects of our security operations. One of those items is the process around scanning machines that may have malware on them. Right now, we go into the EPO console, find the machine, move it to our 'special' group and wake up agents to start a scan. I've been looking at the API and have found info on getting system information and wake up agent calls, but there doesn't seem to be anything related to checking the scan status, or getting results of the scan.
Basically, using the API, I would like to:
1. find the system to be scanned
2. Move it to our 'special' group
3. Wake up agents to start the scan.
4. Check to be sure the scan is running (or then attempt to wake up agents again)
5. Periodically check the scan status - (unless there is a way to receive a notification of scan complete).
6. Once the scan is complete, check the log for any detections.
1, 2, 3 seem doable with the current API, but are 4, 5, 6?
If this is the wrong forum, please direct me to the correct one.