cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1923
Views
5
Helpful
2
Replies
t.raavig
Enthusiast

Integration of AMP for endpoints with microsoft SCOM

Does anybody have any exprience with AMP for endpoints forwarding information/logs to microsoft SCOM . Our customer wants to integrate AMP with SCOM . The only thing i have found is that maybe it can be solved devopling api rests. But would realy like to know if anybody  has any experince before I dig into devopling api rests.

 

Best Regards

 

Tom 

1 ACCEPTED SOLUTION

Accepted Solutions
David Janulik
Cisco Employee

The work can be done with API. This is easy to do with powershell a built in method called “Invoke-RestMethod” it is part of the default MS powershell utility module.
 
Guide to use it: 
 
Regarding these examples from the doc, you should get. 
 
Note 1: When using this method in powershell, the response is JSON (like AMP API is) powershell will convert the response automatically to objects so handling of json data may differ vs. what you are used to (no difference in the information its just accessing it via Index/Key may be a little different) 
 
Note 2: this module was made available in PS 3.0 and  greater.
 
For a specific help on composing API, please open a support ticket.
 
Best Regards
David
Cyber security escalation engineer

View solution in original post

2 REPLIES 2
David Janulik
Cisco Employee

The work can be done with API. This is easy to do with powershell a built in method called “Invoke-RestMethod” it is part of the default MS powershell utility module.
 
Guide to use it: 
 
Regarding these examples from the doc, you should get. 
 
Note 1: When using this method in powershell, the response is JSON (like AMP API is) powershell will convert the response automatically to objects so handling of json data may differ vs. what you are used to (no difference in the information its just accessing it via Index/Key may be a little different) 
 
Note 2: this module was made available in PS 3.0 and  greater.
 
For a specific help on composing API, please open a support ticket.
 
Best Regards
David
Cyber security escalation engineer

View solution in original post

Hi David

 

Thank you very much.

 

Looks likes this will give us a possiblity to solve the case. I will try this out together  with the customer.

 

Best regards

 

tom

Content for Community-Ad

This widget could not be displayed.