deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 23:07:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

fixes

Browse Source
This commit is contained in:
Joey Caparas 2020-04-09 16:16:19 -07:00
parent ac81be317a
commit c3fc7ad143
2 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
windows/security/threat-protection/microsoft-defender-atp/alerts.md
View File

@ -23,6 +23,7 @@ ms.topic: article
- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
## Methods ## Methods
Method |Return Type |Description Method |Return Type |Description
:---|:---|:--- :---|:---|:---
[Get alert](get-alert-info-by-id.md) | [Alert](alerts.md) | Get a single [alert](alerts.md) object. [Get alert](get-alert-info-by-id.md) | [Alert](alerts.md) | Get a single [alert](alerts.md) object.
@ -37,7 +38,8 @@ Method |Return Type |Description
## Properties ## Properties
Property | Type | Description
Property | Type | Description
:---|:---|:--- :---|:---|:---
id | String | Alert ID. id | String | Alert ID.
title | String | Alert title. title | String | Alert title.
@ -61,7 +63,6 @@ threatFamilyName | String | Threat family.
machineId | String | ID of a [machine](machine.md) entity that is associated with the alert. machineId | String | ID of a [machine](machine.md) entity that is associated with the alert.
comments | List of Alert comments | Alert Comment is an object that contains: comment string, createdBy string and createTime date time. comments | List of Alert comments | Alert Comment is an object that contains: comment string, createdBy string and createTime date time.
### Response example for getting single alert: ### Response example for getting single alert:
``` ```
@ -73,7 +74,7 @@ GET https://api.securitycenter.windows.com/api/alerts/da637084217856368682_-2929
"id": "da637084217856368682_-292920499", "id": "da637084217856368682_-292920499",
"incidentId": 66860, "incidentId": 66860,
"investigationId": 4416234, "investigationId": 4416234,
"investigationState": "Running", "investigationState": "Running",
"assignedTo": "secop@contoso.com", "assignedTo": "secop@contoso.com",
"severity": "Low", "severity": "Low",
"status": "New", "status": "New",

22
windows/security/threat-protection/microsoft-defender-atp/api-explorer.md
View File

@ -1,7 +1,7 @@
--- ---
title: API Explorer in Microsoft Defender ATP title: API Explorer in Microsoft Defender ATP
ms.reviewer: ms.reviewer:
description: Use the API Explorer to construct and perform API queries, test and send requests for any available API description: Use the API Explorer to construct and do API queries, test, and send requests for any available API
keywords: api, explorer, send, request, get, post, keywords: api, explorer, send, request, get, post,
search.product: eADQiWindows 10XVcnh search.product: eADQiWindows 10XVcnh
search.appverid: met150 search.appverid: met150
@ -19,14 +19,16 @@ ms.topic: conceptual
--- ---
# API Explorer # API Explorer
**Applies to:** **Applies to:**
- [Microsoft Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - [Microsoft Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
The Microsoft Defender ATP API Explorer is a tool that helps you explore various Microsoft Defender ATP APIs interactively. The Microsoft Defender ATP API Explorer is a tool that helps you explore various Microsoft Defender ATP APIs interactively.
The API Explorer makes it easy to construct and perform API queries, test and send requests for any available Microsoft Defender ATP API endpoint. You can also use the API Explorer to perform actions or find data that might not yet be available through the user interface. The API Explorer makes it easy to construct and do API queries, test, and send requests for any available Microsoft Defender ATP API endpoint. Use the API Explorer to take actions or find data that might not yet be available through the user interface.
The tool is useful during app development because it allows you to perform API queries that respect your user access settings, reducing the need to generate access tokens. The tool is useful during app development. It allows you to perform API queries that respect your user access settings, reducing the need to generate access tokens.
You can also use the tool to explore the gallery of sample queries, copy result code samples, and generate debug information. You can also use the tool to explore the gallery of sample queries, copy result code samples, and generate debug information.
@ -34,26 +36,30 @@ With the API Explorer, you can:
- Run requests for any method and see responses in real-time - Run requests for any method and see responses in real-time
- Quickly browse through the API samples and learn what parameters they support - Quickly browse through the API samples and learn what parameters they support
- Make API calls with ease; no need to authenticate beyond the management portal sign-in - Make API calls with ease; no need to authenticate beyond the management portal sign in
## Access API Explorer ## Access API Explorer
From the left navigation menu, select **Partners & APIs** > **API Explorer**. From the left navigation menu, select **Partners & APIs** > **API Explorer**.
## Supported APIs ## Supported APIs
API Explorer supports all the APIs offered by Microsoft Defender ATP. API Explorer supports all the APIs offered by Microsoft Defender ATP.
The list of supported APIs is available in the [APIs documentation](apis-intro.md). The list of supported APIs is available in the [APIs documentation](apis-intro.md).
## Get started with the API Explorer ## Get started with the API Explorer
1. In the left pane, there is a list of sample requests that you can use. 1. In the left pane, there is a list of sample requests that you can use.
2. Follow the links and click **Run query**. 2. Follow the links and click **Run query**.
Some of the samples may require specifying a parameter in the URL, for example, {machine- id}. Some of the samples may require specifying a parameter in the URL, for example, {machine- ID}.
## FAQ ## FAQ
**Do I need to have an API token to use the API Explorer?** <br> **Do I need to have an API token to use the API Explorer?** <br>
Credentials to access an API are not needed since the API Explorer uses the Microsoft Defender ATP management portal token whenever it makes a request. Credentials to access an API aren't needed. The API Explorer uses the Microsoft Defender ATP management portal token whenever it makes a request.
The logged-in user authentication credential is used to verify that the API Explorer is authorized to access data on your behalf. The logged-in user authentication credential is used to verify that the API Explorer is authorized to access data on your behalf.
Specific API requests are limited based on your RBAC privileges; for example, a request to "Submit indicator" is limited to the security admin role. Specific API requests are limited based on your RBAC privileges. For example, a request to "Submit indicator" is limited to the security admin role.