Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I am trying to run the BrowserExtensionReporting module via Orbital. It is installed, saved in "C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BrowserExtensionReporting", and I think Orbital can find it:Get-Item "C:\Windows\System32\WindowsPower...
Is there any additional documentation (blogs, webinars, etc) beyond Microsoft Windows Endpoint Target (cisco.com) on how to set up a Windows Endpoint target in XDR? Is it possible to target internal endpoints? I am under the impression that it woul...
The HTTP Request fails when trying to query our secure email appliance using the subjectfilterValue parameter of a subject that contains an &, i.e subject is "Foo & Bar." /sma/api/v2.0/message-tracking/messages?searchOption=messages&ciscoHost=All_H...
Hi, within XDR I can conduct message remediation by pivoting off of a Cisco Message ID (MID):However I cannot seem to find any documentation detailing how to conduct message remediation with the API (PUT or POST with a list of MIDs) so I can incorpor...
Curious if there is way to mark a potential compromise as resolved with the API. I would like to automate some known false positives that routinely appear.I didn't notice any POSTs in the current version of the documentation (Secure Endpoint API - C...
Tracking the XDR option/profile for NVM but looking for more guidance on configuring a Microsoft Windows Endpoint Target. Guessing it needs a public IP address?
Thanks @eugechan , I created a new API client with Admin and Orbital options. I think I am making progress - I'll further review the API documentation. Appreciate your feedback!import requests
import json
url = "https://orbital.amp.cisco.com/v0/s...
I am a bit confused on the Orbital Script API document. I am hoping it is like using the Query body syntax where I can give it the name of the Script ("windows_exec_powershell_cmdlets" in this case) along with its arguments.import requests
import js...
