Indicates whether the configuration or policy is properly configured Indicates whether the configuration or policy is applicable Unique identifier for the device in the service.įully qualified domain name (FQDN) of the device. In many cases, this describes specific capabilities or features. Subcategory or subgrouping to which the configuration belongs. Onboard devices to Microsoft Defender for Endpoint Rated impact of the configuration to the overall configuration score (1-10) Unique identifier for a specific configuration These columns are temporary and might be removed, please use only the documented columns.Ĭategory or grouping to which the configuration belongs: Application, OS, Network, Accounts, Security controls Some additional columns might be returned in the response.When running this API, the resulting output will not necessarily be returned in the same order listed in this table. The properties defined in the following table are listed alphabetically, by property ID. $top: Number of results to return (doesn't return and therefore doesn't pull all the data).pageSize (default = 50,000): Number of results in response.'Read Threat and Vulnerability Management vulnerability information'ġ.3 URL GET /api/machines/SecureConfigurationsAssessmentByMachine To learn more, including how to choose permissions, see Use Microsoft Defender for Endpoint APIs for details. One of the following permissions is required to call this API. Rate limitations for this API are 30 calls per minute and 1000 calls per hour. This API response contains the Secure Configuration Assessment on your exposed devices, and returns an entry for every unique combination of DeviceId, ConfigurationId. Export secure configuration assessment (JSON response) 1.1 API method description Unless indicated otherwise, all export assessment methods listed are full export and by device (also referred to as per device). In order to collect historic data, customers must save the data in their own data storages. This API enables you to download all your data from Azure Storage as follows:Ĭall the API to get a list of download URLs with all your organization data.ĭownload all the files using the download URLs and process the data as you like.ĭata that is collected (using either JSON response or via files) is the current snapshot of the current state, and does not contain historic data. The response contains URLs to download all the data from Azure Storage. This API pulls all data in your organization as download files. Therefore, it is recommended for large organizations, with more than 100-K devices. The response is paginated, so you can use the field from the response to fetch the next results.Įxport secure configuration assessment via files: This API solution enables pulling larger amounts of data faster and more reliably. This method is best for small organizations with less than 100-K devices. Because the amount of data can be large, there are two ways it can be retrieved:Įxport secure configuration assessment JSON response: The API pulls all data in your organization as Json responses. There are different API calls to get different types of data. Returns all of the configurations and their status, on a per-device basis. Want to experience Microsoft Defender for Endpoint? Sign up for a free trial. Microsoft Defender Vulnerability Management.
0 Comments
Leave a Reply. |