cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
365
Views
0
Helpful
1
Replies

Secure Endpoint API - missing "av_update_definitions" values

Bunged
Level 1
Level 1

Hello,
I am currently working on an integration that requires me to export details about our computers from the Secure Endpoint API

One of the information I'm interested in is the timestamp from the last AV definition update.
However, I have noticed that this information is sometimes missing from the "/v1/computers" endpoint.
After investigating further, I found that "version" and "updated_at" are deducted from the response whenever the definitions are outdated. For example:

Computer A

API: /v1/computers
[...]

"av_update_definitions": {
"detection_engine": "TETRA 64 bit",
"status": "Definitions Outdated"
},
API: /v1/computers/{connector_guid}
[...]

"av_update_definitions": {
"detection_engine": "TETRA 64 bit",
"status": "Definition Update Failed",
"updated_at": "2023-09-04T13:36:05+00:00"
},

Computer B

API: /v1/computers
[...]

"av_update_definitions": {
"detection_engine": "TETRA 64 bit",
"status": "Definitions Up To Date",
"updated_at": "2023-11-30T15:18:14+00:00",
"version": "91637"
},
API: /v1/computers/{connector_guid}
[...]

"av_update_definitions": {
"detection_engine": "TETRA 64 bit",
"status": "Definitions Up To Date",
"updated_at": "2023-11-30T15:18:14+00:00",
"version": "91637"
},

As a result, we have to call the details page for each computer individually, which is time-consuming and puts unnecessary stress on your API endpoint.
It would be greatly appreciated if these two pieces of information could be included in the response regardless of whether the definitions are outdated or not. This would help us save time and resources while using your API.

1 Reply 1

Matthew Franks
Cisco Employee
Cisco Employee

I've created an issue for our team to investigate making this change. Thanks for reporting this.

-Matt