Sophos Endpoint API: How to GET information about Endpoint on Sophos Central using API. (PART 2)

1.Overview

To get the information about the Endpoint you will need to combine with the parameters taken in step 3 to authenticate and get the correct information you need. Sophos will give you GET some information about the Endpoint using the API. To be able to get the information you will need to understand more about a concept called “Paths” in the Endpoint API.

Just like in windows there are paths for saving files/folders, the concept of “Paths” in Endpoint API is similar. Paths is understood as the path to find or create objects with Endpoint API.

The article will guide you how to use the GET function to get the information you want on Sophos Central using the API in combination with Python code.

Link to the tutorial part 1: https://techbast.com/2022/10/sophos-endpoint-api-how-to-create-api-credentials-management-to-call-api-on-sophos-central-part-1.html

2. Instructions.

Step 1: Paths in Endpoint API.

Just like in windows there are paths for saving files/folders, the concept of “Paths” in Endpoint API is similar. Paths is understood as the path to find or create objects with Endpoint API.

You can access the following 2 links:

https://developer.sophos.com/docs/endpoint-v1/1/routes/policies/get

https://developer.sophos.com/docs/common-v1/1/routes/directory/users/get

For example: To get information about endpoints on Central will have the path “endpoint/v1/endpoints”.

Or Get information about policies that have been created on Central and applied to which endpoints will have the path “endpoint/v1/policies”.

Some common GET functions with paths:

  • List endpoint: “endpoint/v1/endpoints: Get information about Endpoints on Sophos Central.
  • List endpoint group: “endpoint/v1/endpoint-groups: Get information about the created Endpoint Group and the endpoints included in the group.
  • List users: “common/v1/directory/users: Get information about users and endpoint name login with user.
  • List users group: “common/v1/directory/user-groups: Get information about user groups and user in the group.
  • List policy: ““endpoint/v1/policies: Get information about policies available on Central in Endpoint Protection, Server Protection and Device Encryption.

Step 4.2: GET the information about the Endpoint

I will guide you to GET the information about the Endpoint in the same time, the information includes: List endpoint, list endpoint group, list users, list users group, list policy.

I have customized a python code file with the name “GET_INFO_ENDPOINT.py” combined with automatically getting the parameters in “Step 3” you will not need to enter these parameters, to get the information as above, you just need open CMD and run the python file to get the results.

You access the following link to get the Python code files used in the steps below

Link: https://drive.google.com/drive/u/0/folders/1jAVanOogWjC4bQuCVebrZqW0jeGAfMV_

The python code file has the following form:

You open CMD, run the file GET_INFO_ENDPOINT.py.

The results will be output in the API folder. Open these files with Visual Studio Code software to check the information obtained.

Example: Open List_Endpoint_Policies.json

Information obtained includes:

  • ID: The ID number that identifies the Policy “Device-Encryption”.
  • Name: Policy name
  • Type: Type of policy created
  • Settings: The settings are applied in Policy
  • True”: Settings is enabled
  • “False”: Settings is disabled

Step 4.3: Custom file GET_INFO_ENDPOINT.py to GET other information

As the links I have provided “Step 4.1“, there are many other parameters you can GET, I will guide you to customize the GET file above to get the information you want.

Example: You want to GET the information “Downloads” with the path “/endpoint/v1/downloads“.

You open the file GET_INFO_ENDPOINT.py, copy the line of code Get List User Groups and paste it below and change the following parameters:

+ Replace “/common/v1/directory/user-groups” with “/endpoint/v1/downloads”.

+ Change the output file name with the name you want with the extension .json

After editing, you click “Save” to save the changes.

You run the file GET_INFO_ENDPOINT.py again. The result will have an additional file List_Download.json

You open the file with Visual Studio Code and check the information obtained.

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.