├── 01_authentication.py ├── 02a_get_computers_list.py ├── 02b_get_computer_details.py ├── 02c_get_computer_trajectory.py ├── 02d_get_computer_user_trajectory.py ├── 02e_get_user_activity.py ├── 02f_search_environment_for_indicator.py ├── 02g_move_computer_to_group.py ├── 02h_delete_computer.py ├── 03_get_event_types.py ├── 04_get_events.py ├── 05a_get_groups_list.py ├── 05b_get_group_details.py ├── 05c_create_new_group.py ├── 05d_set_policy_for_group.py ├── 05e_make_group_a_child_of_another_group.py ├── 05f_make_a_child_group_a_parent.py ├── 06a_get_policies_list.py ├── 06b_get_policy_details.py ├── 06c_get_policy_guid_xml.py ├── 07a_get_simple_custom_dection_lists.py ├── 07b_get_application_blocking_lists.py ├── 07c_get_file_list_details.py ├── 07d_get_list_of_SHA256s_on_a_file_list.py ├── 07e_get_info_about_a_SHA256_on_a_file_list.py ├── 07f_add_SHA256_to_file_list.py ├── 07g_delete_SHA256_from_file_list.py ├── 08a_get_event_streams_list.py ├── 08b_get_event_stream_details.py ├── 08c_create_event_stream.py ├── 08d_update_event_stream.py ├── 08e_delete_event_stream.py └── README.md /01_authentication.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | url = 'https://api.amp.cisco.com/v1/version' 8 | 9 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 10 | 11 | print(request.json()) 12 | -------------------------------------------------------------------------------- /02a_get_computers_list.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | url = 'https://api.amp.cisco.com/v1/computers' 8 | 9 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 10 | 11 | print(request.json()) 12 | -------------------------------------------------------------------------------- /02b_get_computer_details.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLE: 8 | # computer_guid = 'd7fbcdb6-0a14-4e39-867e-02f5e1649497' 9 | computer_guid = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/computers/{}'.format(computer_guid) 12 | 13 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 14 | 15 | print(request.json()) 16 | -------------------------------------------------------------------------------- /02c_get_computer_trajectory.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLE: 8 | # computer_guid = 'd7fbcdb6-0a14-4e39-867e-02f5e1649497' 9 | computer_guid = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/computers/{}/trajectory'.format(computer_guid) 12 | 13 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 14 | 15 | print(request.json()) 16 | -------------------------------------------------------------------------------- /02d_get_computer_user_trajectory.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLE: 8 | # computer_guid = 'd7fbcdb6-0a14-4e39-867e-02f5e1649497' 9 | computer_guid = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/computers/{}/user_trajectory'.format(computer_guid) 12 | 13 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 14 | 15 | print(request.json()) 16 | -------------------------------------------------------------------------------- /02e_get_user_activity.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLE: 8 | # user = 'johndoe' 9 | user = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/computers/user_activity' 12 | 13 | request = requests.get(url, auth=(amp_client_id, amp_api_key), params={'q':user}) 14 | 15 | print(request.json()) 16 | -------------------------------------------------------------------------------- /02f_search_environment_for_indicator.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLES: 8 | # query = 'sovereutilizeignty.com' 9 | # query = '814a37d89a79aa3975308e723bc1a3a67360323b7e3584de00896fe7c59bbb8e' 10 | # query = '75.102.25.76' 11 | # query = 'SearchProtocolHost.exe' 12 | query = '' 13 | 14 | url = 'https://api.amp.cisco.com/v1/computers/activity' 15 | 16 | request = requests.get(url, auth=(amp_client_id, amp_api_key), params={'q':query}) 17 | 18 | print(request.json()) 19 | -------------------------------------------------------------------------------- /02g_move_computer_to_group.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLES: 8 | # computer_guid = 'd7fbcdb6-0a14-4e39-867e-02f5e1649497' 9 | # group_guid = '68665863-74d5-4bc1-ac7f-5477b2b6406e' 10 | computer_guid = '' 11 | 12 | group_guid = '' 13 | 14 | url = 'https://api.amp.cisco.com/v1/computers/{}'.format(computer_guid) 15 | 16 | request = requests.patch(url, auth=(amp_client_id, amp_api_key), data={'group_guid':group_guid}) 17 | 18 | print(request.json()) 19 | -------------------------------------------------------------------------------- /02h_delete_computer.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLE: 8 | # computer_guid = 'd7fbcdb6-0a14-4e39-867e-02f5e1649497' 9 | computer_guid = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/computers/{}'.format(computer_guid) 12 | 13 | request = requests.delete(url, auth=(amp_client_id, amp_api_key)) 14 | 15 | print(request.json()) 16 | -------------------------------------------------------------------------------- /03_get_event_types.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | url = 'https://api.amp.cisco.com/v1/event_types' 8 | 9 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 10 | 11 | print(request.json()) 12 | -------------------------------------------------------------------------------- /04_get_events.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | url = 'https://api.amp.cisco.com/v1/events' 8 | 9 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 10 | 11 | print(request.json()) 12 | -------------------------------------------------------------------------------- /05a_get_groups_list.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | url = 'https://api.amp.cisco.com/v1/groups' 8 | 9 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 10 | 11 | print(request.json()) 12 | -------------------------------------------------------------------------------- /05b_get_group_details.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLES: 8 | # group_guid = '68665863-74d5-4bc1-ac7f-5477b2b6406e' 9 | group_guid = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/groups/{}'.format(group_guid) 12 | 13 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 14 | 15 | print(request.json()) 16 | -------------------------------------------------------------------------------- /05c_create_new_group.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | url = 'https://api.amp.cisco.com/v1/groups' 8 | 9 | data = {'name':'New Group','description':'This is a new group'} 10 | 11 | request = requests.post(url, auth=(amp_client_id, amp_api_key), data=data) 12 | 13 | print(request.json()) 14 | -------------------------------------------------------------------------------- /05d_set_policy_for_group.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLES: 8 | # group_guid = '68665863-74d5-4bc1-ac7f-5477b2b6406e' 9 | # windows_policy_guid = '89912c9e-8dbd-4c2b-a1d8-dee8a0c2bb29' 10 | group_guid = '' 11 | 12 | windows_policy_guid = '' 13 | 14 | url = 'https://api.amp.cisco.com/v1/groups/{}'.format(group_guid) 15 | 16 | data = {'windows_policy_guid':windows_policy_guid} 17 | 18 | request = requests.patch(url, auth=(amp_client_id, amp_api_key), data=data) 19 | 20 | print(request.json()) 21 | -------------------------------------------------------------------------------- /05e_make_group_a_child_of_another_group.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLES: 8 | # group_guid = '68665863-74d5-4bc1-ac7f-5477b2b6406e' 9 | # parent_group_guid = 'bfe6abd0-6591-4bf2-a0d3-02efc1cd268e' 10 | group_guid = '' 11 | 12 | parent_group_guid = '' 13 | 14 | url = 'https://api.amp.cisco.com/v1/groups/{}/parent'.format(group_guid) 15 | 16 | data = {'parent_group_guid':parent_group_guid} 17 | 18 | request = requests.patch(url, auth=(amp_client_id, amp_api_key), data=data) 19 | 20 | print(request.json()) 21 | -------------------------------------------------------------------------------- /05f_make_a_child_group_a_parent.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLE: 8 | # group_guid = '68665863-74d5-4bc1-ac7f-5477b2b6406e' 9 | group_guid = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/groups/{}/parent'.format(group_guid) 12 | 13 | request = requests.patch(url, auth=(amp_client_id, amp_api_key)) 14 | 15 | print(request.json()) 16 | -------------------------------------------------------------------------------- /06a_get_policies_list.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | url = 'https://api.amp.cisco.com/v1/policies' 8 | 9 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 10 | 11 | print(request.json()) 12 | -------------------------------------------------------------------------------- /06b_get_policy_details.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLE: 8 | # group_guid = '89912c9e-8dbd-4c2b-a1d8-dee8a0c2bb29' 9 | policy_guid = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/policies/{}'.format(policy_guid) 12 | 13 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 14 | 15 | print(request.json()) 16 | -------------------------------------------------------------------------------- /06c_get_policy_guid_xml.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLE: 8 | # group_guid = '89912c9e-8dbd-4c2b-a1d8-dee8a0c2bb29' 9 | policy_guid = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/policies/{}.xml'.format(policy_guid) 12 | 13 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 14 | 15 | print(request.text) 16 | -------------------------------------------------------------------------------- /07a_get_simple_custom_dection_lists.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | url = 'https://api.amp.cisco.com/v1/file_lists/simple_custom_detections' 8 | 9 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 10 | 11 | print(request.json()) 12 | -------------------------------------------------------------------------------- /07b_get_application_blocking_lists.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | url = 'https://api.amp.cisco.com/v1/file_lists/application_blocking' 8 | 9 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 10 | 11 | print(request.json()) 12 | -------------------------------------------------------------------------------- /07c_get_file_list_details.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLE: 8 | # file_lists_guid = 'e773a9eb-296c-40df-98d8-bed46322589d' 9 | file_lists_guid = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/file_lists/{}'.format(file_lists_guid) 12 | 13 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 14 | 15 | print(request.json()) 16 | -------------------------------------------------------------------------------- /07d_get_list_of_SHA256s_on_a_file_list.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLE: 8 | # file_lists_guid = 'e773a9eb-296c-40df-98d8-bed46322589d' 9 | file_lists_guid = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/file_lists/{}/files'.format(file_lists_guid) 12 | 13 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 14 | 15 | print(request.json()) 16 | -------------------------------------------------------------------------------- /07e_get_info_about_a_SHA256_on_a_file_list.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLES: 8 | # file_lists_guid = 'e773a9eb-296c-40df-98d8-bed46322589d' 9 | # sha256 = '4ce4e7ab22a8900bf438ff84baebe74d3ef3828a716b933b6e2a85b991b36f31' 10 | file_lists_guid = '' 11 | 12 | sha256 = '' 13 | 14 | url = 'https://api.amp.cisco.com/v1/file_lists/{}/files/{}'.format(file_lists_guid, sha256) 15 | 16 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 17 | 18 | print(request.json()) 19 | -------------------------------------------------------------------------------- /07f_add_SHA256_to_file_list.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLES: 8 | # file_lists_guid = 'e773a9eb-296c-40df-98d8-bed46322589d' 9 | # sha256 = '4ce4e7ab22a8900bf438ff84baebe74d3ef3828a716b933b6e2a85b991b36f31' 10 | file_lists_guid = '' 11 | 12 | sha256 = '' 13 | 14 | url = 'https://api.amp.cisco.com/v1/file_lists/{}/files/{}'.format(file_lists_guid, sha256) 15 | 16 | request = requests.post(url, auth=(amp_client_id, amp_api_key)) 17 | 18 | print(request.json()) 19 | -------------------------------------------------------------------------------- /07g_delete_SHA256_from_file_list.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLES: 8 | # file_lists_guid = 'e773a9eb-296c-40df-98d8-bed46322589d' 9 | # sha256 = '4ce4e7ab22a8900bf438ff84baebe74d3ef3828a716b933b6e2a85b991b36f31' 10 | file_lists_guid = '' 11 | 12 | sha256 = '' 13 | 14 | url = 'https://api.amp.cisco.com/v1/file_lists/{}/files/{}'.format(file_lists_guid, sha256) 15 | 16 | request = requests.delete(url, auth=(amp_client_id, amp_api_key)) 17 | 18 | print(request.json()) 19 | -------------------------------------------------------------------------------- /08a_get_event_streams_list.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | url = 'https://api.amp.cisco.com/v1/event_streams' 8 | 9 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 10 | 11 | print(request.json()) 12 | -------------------------------------------------------------------------------- /08b_get_event_stream_details.py: -------------------------------------------------------------------------------- 1 | import requests 2 | 3 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 4 | 5 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 6 | 7 | # EXAMPLE: 8 | # stream_id = '7213' 9 | stream_id = '' 10 | 11 | url = 'https://api.amp.cisco.com/v1/event_streams/{}'.format(stream_id) 12 | 13 | request = requests.get(url, auth=(amp_client_id, amp_api_key)) 14 | 15 | print(request.json()) 16 | -------------------------------------------------------------------------------- /08c_create_event_stream.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import json 3 | 4 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 5 | 6 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 7 | 8 | url = 'https://api.amp.cisco.com/v1/event_streams' 9 | 10 | headers = {'content-type': 'application/json'} 11 | 12 | data = {'name':'Threat Detected','event_type':[1090519054],'group_guid':['bfe6abd0-6591-4bf2-a0d3-02efc1cd268e']} 13 | 14 | request = requests.post(url, headers=headers, auth=(amp_client_id, amp_api_key), data=json.dumps(data)) 15 | 16 | print(request.json()) 17 | -------------------------------------------------------------------------------- /08d_update_event_stream.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import json 3 | 4 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 5 | 6 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 7 | 8 | # EXAMPLE: 9 | # stream_id = '7213' 10 | stream_id = '' 11 | 12 | url = 'https://api.amp.cisco.com/v1/event_streams/{}'.format(stream_id) 13 | 14 | headers = {'content-type': 'application/json'} 15 | 16 | data = {'event_type':[1090519054]} 17 | 18 | request = requests.patch(url, headers=headers, auth=(amp_client_id, amp_api_key), data=json.dumps(data)) 19 | 20 | print(request.json()) 21 | -------------------------------------------------------------------------------- /08e_delete_event_stream.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import json 3 | 4 | amp_client_id = 'a1b2c3d4e5f6g7h8i9j0' 5 | 6 | amp_api_key = 'a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6' 7 | 8 | # EXAMPLE: 9 | # stream_id = '7213' 10 | stream_id = '' 11 | 12 | url = 'https://api.amp.cisco.com/v1/event_streams/{}'.format(stream_id) 13 | 14 | request = requests.delete(url, auth=(amp_client_id, amp_api_key)) 15 | 16 | print(request.json()) 17 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Gitter chat](https://img.shields.io/badge/gitter-join%20chat-brightgreen.svg)](https://gitter.im/CiscoSecurity/AMP-for-Endpoints "Gitter chat") 2 | 3 | ### AMP for Endpoint API Basics: 4 | This collection of scripts cover the basics of interacting with the AMP for Endpoints API. Each script covers one API endpoint. These are intented to show the bare minimum required to interact with the API endpoint. 5 | 6 | ### Before using you must update the following: 7 | - amp_client_id 8 | - amp_api_key 9 | 10 | Additional variables where present: 11 | - computer_guid 12 | - user 13 | - query 14 | - group_guid 15 | - parent_group_guid 16 | - policy_guid 17 | - file_lists_guid 18 | - sha256 19 | - stream_id 20 | 21 | When an additional variable is present in a script an example with the appropriate format is provided as a comment. These variables are noted with a < (less-than-sign) and > (greater-than-sign). 22 | ``` 23 | # EXAMPLE: 24 | # computer_guid = 'd7fbcdb6-0a14-4e39-867e-02f5e1649497' 25 | computer_guid = '' 26 | ``` 27 | 28 | ### Usage: 29 | ``` 30 | python 01_authentication.py 31 | ``` 32 | 33 | ### Example script output: 34 | ``` 35 | {'version': 'v1.2.0', 'metadata': {'links': {'self': 'https://api.amp.cisco.com/v1/version'}}, 'data': {}} 36 | ``` 37 | --------------------------------------------------------------------------------