
Secure Endpoint API - missing "av_update_definitions" values

Bunged
Level 1

Hello,
I am currently working on an integration that requires me to export details about our computers from the Secure Endpoint API.

One piece of information I'm interested in is the timestamp of the last AV definition update.
However, I have noticed that this information is sometimes missing from the "/v1/computers" endpoint.
After investigating further, I found that "version" and "updated_at" are omitted from the response whenever the definitions are outdated. For example:

Computer A

API: /v1/computers
[...]

"av_update_definitions": {
  "detection_engine": "TETRA 64 bit",
  "status": "Definitions Outdated"
},

API: /v1/computers/{connector_guid}
[...]

"av_update_definitions": {
  "detection_engine": "TETRA 64 bit",
  "status": "Definition Update Failed",
  "updated_at": "2023-09-04T13:36:05+00:00"
},

Computer B

API: /v1/computers
[...]

"av_update_definitions": {
  "detection_engine": "TETRA 64 bit",
  "status": "Definitions Up To Date",
  "updated_at": "2023-11-30T15:18:14+00:00",
  "version": "91637"
},

API: /v1/computers/{connector_guid}
[...]

"av_update_definitions": {
  "detection_engine": "TETRA 64 bit",
  "status": "Definitions Up To Date",
  "updated_at": "2023-11-30T15:18:14+00:00",
  "version": "91637"
},

As a result, we have to call the details page for each computer individually, which is time-consuming and puts unnecessary stress on your API endpoint.
It would be greatly appreciated if these two pieces of information could be included in the response regardless of whether the definitions are outdated or not. This would help us save time and resources while using your API.

1 Reply

Matthew Franks
Cisco Employee

I've created an issue for our team to investigate making this change. Thanks for reporting this.

-Matt
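
An added example, not part of the original thread and not Cisco's code: until the list endpoint returns the fields, an export can limit the per-computer detail calls to the entries whose "av_update_definitions" lacks "updated_at" or "version". It assumes each list entry carries a "connector_guid" field and that `fetch_detail` (a hypothetical callable wrapping a GET on /v1/computers/{connector_guid}) returns the computer object; the GUIDs are constructed and the sample values are the ones quoted in the post.

```python
from datetime import datetime

REQUIRED = ("updated_at", "version")


def merge_av_definitions(computers, fetch_detail):
    """Return ({connector_guid: av_update_definitions}, detail_call_count).

    fetch_detail is only invoked for computers whose list entry is
    missing one of the REQUIRED keys.
    """
    result, detail_calls = {}, 0
    for comp in computers:
        guid = comp["connector_guid"]
        av = dict(comp.get("av_update_definitions") or {})
        if any(key not in av for key in REQUIRED):
            detail = fetch_detail(guid).get("av_update_definitions") or {}
            detail_calls += 1
            av = {**av, **detail}  # values from the detail page win
        for key in REQUIRED:
            av.setdefault(key, None)  # absent in both responses
        if av["updated_at"]:
            av["updated_at"] = datetime.fromisoformat(av["updated_at"])
        result[guid] = av
    return result, detail_calls


# Constructed sample input: "guid-a"/"guid-b" are placeholders for
# Computer A and Computer B; the field values are those shown in the post.
LIST_PAGE = [
    {"connector_guid": "guid-a", "av_update_definitions": {
        "detection_engine": "TETRA 64 bit", "status": "Definitions Outdated"}},
    {"connector_guid": "guid-b", "av_update_definitions": {
        "detection_engine": "TETRA 64 bit", "status": "Definitions Up To Date",
        "updated_at": "2023-11-30T15:18:14+00:00", "version": "91637"}},
]
DETAILS = {"guid-a": {"av_update_definitions": {
    "detection_engine": "TETRA 64 bit", "status": "Definition Update Failed",
    "updated_at": "2023-09-04T13:36:05+00:00"}}}


def fake_fetch_detail(guid):
    """Offline stand-in for the detail request (assumption, see lead-in)."""
    return DETAILS[guid]


if __name__ == "__main__":
    merged, calls = merge_av_definitions(LIST_PAGE, fake_fetch_detail)
    for guid, av in merged.items():
        print(guid, av["status"], av["updated_at"], av["version"])
    print("detail calls:", calls)
```

Computer A's detail response in the post still has no "version", so the merged record keeps that field as None rather than failing.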