s

2025-05-15 23:07:23 +00:00 · 2018-09-27 14:14:04 +03:00 · 2018-09-27 14:14:04 +03:00 · f35962ddce
commit f35962ddce
parent a19416f915
3 changed files with 14 additions and 15 deletions
--- a/windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection-new.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection-new.md
@ -14,13 +14,12 @@ ms.date: 12/08/2017
 ---

 # Get machine by ID API
-**Applies to:**
-
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
-

 [!include[Prerelease information](prerelease.md)]

+**Applies to:**
+
+- Windows Defender Advanced Threat Protection (Windows Defender ATP)
 Retrieves a machine entity by ID.

 ## Permissions
@ -78,13 +77,13 @@ Content-type: application/json
    "id": "1e5bc9d7e413ddd7902c2932e418702b84d0cc07",
    "computerDnsName": "mymachine1.contoso.com",
    "firstSeen": "2018-08-02T14:55:03.7791856Z",
+	"lastSeen": "2018-08-02T14:55:03.7791856Z",
    "osPlatform": "Windows10",
    "osVersion": null,
    "systemProductName": null,
    "lastIpAddress": "172.17.230.209",
    "lastExternalIpAddress": "167.220.196.71",
    "agentVersion": "10.5830.18209.1001",
-    "groupName": null,
    "osBuild": 18209,
    "healthStatus": "Active",
    "isAadJoined": true,
--- a/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md
@ -14,16 +14,16 @@ ms.date: 12/08/2017
 ---

 # List machines API
+
+[!include[Prerelease information](prerelease.md)]
+
 **Applies to:**

 - Windows Defender Advanced Threat Protection (Windows Defender ATP)

-
-[!include[Prerelease information](prerelease.md)]
-
-
-
 Retrieves a collection of machines that have communicated with WDATP cloud on the last 30 days.
+Get Machines collection API supports [OData V4 queries](https://www.odata.org/documentation/).
+The OData's Filter query is supported on: "Id", "ComputerDnsName", "LastSeen", "LastIpAddress", "HealthStatus", "OsPlatform", "RiskScore" and "RbacGroupId"

 ## Permissions

@ -36,7 +36,7 @@ Delegated (work or school account) | Machine.ReadWrite | 'Read and write machine

 ## HTTP request
 ```
-GET /api/machines
+GET https://api.securitycenter.windows.com/api/machines
 ```

 ## Request headers
@ -80,13 +80,13 @@ Content-type: application/json
            "id": "1e5bc9d7e413ddd7902c2932e418702b84d0cc07",
            "computerDnsName": "mymachine1.contoso.com",
            "firstSeen": "2018-08-02T14:55:03.7791856Z",
+			"lastSeen": "2018-08-02T14:55:03.7791856Z",
            "osPlatform": "Windows10",
            "osVersion": null,
            "systemProductName": null,
            "lastIpAddress": "172.17.230.209",
            "lastExternalIpAddress": "167.220.196.71",
            "agentVersion": "10.5830.18209.1001",
-            "groupName": null,
            "osBuild": 18209,
            "healthStatus": "Active",
            "isAadJoined": true,
@ -99,13 +99,13 @@ Content-type: application/json
            "id": "7292e4b8cb74ff1cc3d8a495eb29dc8858b732f7",
            "computerDnsName": "mymachine2.contoso.com",
            "firstSeen": "2018-07-09T13:22:45.1250071Z",
+			"lastSeen": "2018-07-09T13:22:45.1250071Z",
            "osPlatform": "Windows10",
            "osVersion": null,
            "systemProductName": null,
            "lastIpAddress": "192.168.12.225",
            "lastExternalIpAddress": "79.183.65.82",
            "agentVersion": "10.5820.17724.1000",
-            "groupName": "WDATPClientTeam",
            "osBuild": 17724,
            "healthStatus": "Inactive",
            "isAadJoined": true,
--- a/windows/security/threat-protection/windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md
+++ b/windows/security/threat-protection/windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md
@ -30,14 +30,14 @@ Property |	Type	|	Description
 id | String | [machine](machine-windows-defender-advanced-threat-protection-new.md) identity.
 computerDnsName | String | [machine](machine-windows-defender-advanced-threat-protection-new.md) fully qualified name.
 firstSeen | DateTimeOffset | First date and time where the [machine](machine-windows-defender-advanced-threat-protection-new.md) was observed by WDATP.
+lastSeen | DateTimeOffset | Last date and time where the [machine](machine-windows-defender-advanced-threat-protection-new.md) was observed by WDATP.
 osPlatform | String | OS platform.
 osVersion | String | OS Version.
 lastIpAddress | Ip | Last IP on local NIC on the [machine](machine-windows-defender-advanced-threat-protection-new.md).
 lastExternalIpAddress | Ip | Last IP through which the [machine](machine-windows-defender-advanced-threat-protection-new.md) accessed the internet.
 agentVersion | String | Version of WDATP agent.
-groupName | String | [machine](machine-windows-defender-advanced-threat-protection-new.md) group name (when defined).
 osBuild | Int | OS build number.
-healthStatus | String | [machine](machine-windows-defender-advanced-threat-protection-new.md) health status.
+healthStatus | Enum | [machine](machine-windows-defender-advanced-threat-protection-new.md) health status. Possible values are: "Active", "Inactive", "ImpairedCommunication", "NoSensorData" and "NoSensorDataImpairedCommunication"
 isAadJoined | Boolean | Is [machine](machine-windows-defender-advanced-threat-protection-new.md) AAD joined.
 machineTags | String collection | Set of [machine](machine-windows-defender-advanced-threat-protection-new.md) tags.
 rbacGroupId | Int | Group ID.