Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3127
Views
5
Helpful
2
Replies

Integration of AMP for endpoints with microsoft SCOM

Go to solution
t.raavig
Level 4
Level 4

‎01-05-2018 03:50 AM - edited ‎03-08-2019 05:45 PM

Does anybody have any exprience with AMP for endpoints forwarding information/logs to microsoft SCOM . Our customer wants to integrate AMP with SCOM . The only thing i have found is that maybe it can be solved devopling api rests. But would realy like to know if anybody  has any experince before I dig into devopling api rests.

 

Best Regards

 

Tom 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
David Janulik
Cisco Employee
Cisco Employee

‎01-10-2018 03:21 AM

The work can be done with API. This is easy to do with powershell a built in method called “Invoke-RestMethod” it is part of the default MS powershell utility module.
 
Guide to use it: 
 
Regarding these examples from the doc, you should get. 
 
Note 1: When using this method in powershell, the response is JSON (like AMP API is) powershell will convert the response automatically to objects so handling of json data may differ vs. what you are used to (no difference in the information its just accessing it via Index/Key may be a little different) 
 
Note 2: this module was made available in PS 3.0 and  greater.
 
For a specific help on composing API, please open a support ticket.
 
Best Regards
David
Cyber security escalation engineer

View solution in original post

2 Replies 2

Go to solution
David Janulik
Cisco Employee
Cisco Employee

‎01-10-2018 03:21 AM

The work can be done with API. This is easy to do with powershell a built in method called “Invoke-RestMethod” it is part of the default MS powershell utility module.
 
Guide to use it: 
 
Regarding these examples from the doc, you should get. 
 
Note 1: When using this method in powershell, the response is JSON (like AMP API is) powershell will convert the response automatically to objects so handling of json data may differ vs. what you are used to (no difference in the information its just accessing it via Index/Key may be a little different) 
 
Note 2: this module was made available in PS 3.0 and  greater.
 
For a specific help on composing API, please open a support ticket.
 
Best Regards
David
Cyber security escalation engineer

Go to solution
t.raavig
Level 4
Level 4
In response to David Janulik

‎01-13-2018 10:15 PM

Hi David

 

Thank you very much.

 

Looks likes this will give us a possiblity to solve the case. I will try this out together  with the customer.

 

Best regards

 

tom

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents