deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-04 08:37:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md
Daniel Simpson c93d7f2b6c massive prod & technology metadata update
2021-01-21 10:21:50 -08:00

3.3 KiB
Raw Blame History

title, description, keywords, search.product, ms.prod, ms.mktglfcycl, ms.sitesec, ms.pagetype, ms.author, author, ms.localizationpriority, manager, audience, ms.collection, ms.topic, ms.technology
title description keywords search.product ms.prod ms.mktglfcycl ms.sitesec ms.pagetype ms.author author ms.localizationpriority manager audience ms.collection ms.topic ms.technology
Get MachineAction object API Learn how to use the Get MachineAction API to retrieve a specific Machine Action by its ID in Microsoft Defender Advanced Threat Protection. apis, graph api, supported apis, machineaction object eADQiWindows 10XVcnh m365-security deploy library security macapara mjcaparas medium dansimp ITPro M365-security-compliance article mde

Get machineAction API

[!INCLUDE Microsoft 365 Defender rebranding]

Applies to: Microsoft Defender for Endpoint

[!includeMicrosoft Defender for Endpoint API URIs for US Government]

[!includeImprove request performance]

API description

Retrieves specific Machine Action by its ID.

Limitations

  1. Rate limitations for this API are 100 calls per minute and 1500 calls per hour.

Permissions

One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Use Defender for Endpoint APIs

Permission type Permission Permission display name
Application Machine.Read.All 'Read all machine profiles'
Application Machine.ReadWrite.All 'Read and write all machine information'
Delegated (work or school account) Machine.Read 'Read machine information'
Delegated (work or school account) Machine.ReadWrite 'Read and write machine information'

Note

When obtaining a token using user credentials:

  • The user needs to have at least the following role permission: 'View Data' (See Create and manage roles for more information)

HTTP request

GET https://api.securitycenter.microsoft.com/api/machineactions/{id}

Request headers

Name Type Description
Authorization String Bearer {token}. Required.

Request body

Empty

Response

If successful, this method returns 200, Ok response code with a Machine Action entity. If machine action entity with the specified id was not found - 404 Not Found.

Example

Request

Here is an example of the request.

GET https://api.securitycenter.microsoft.com/api/machineactions/2e9da30d-27f6-4208-81f2-9cd3d67893ba

Response

Here is an example of the response.

HTTP/1.1 200 Ok
Content-type: application/json
{
    "@odata.context": "https://api.securitycenter.microsoft.com/api/$metadata#MachineActions/$entity",
    "id": "5382f7ea-7557-4ab7-9782-d50480024a4e",
    "type": "Isolate",
	"scope": "Selective",
    "requestor": "Analyst@TestPrd.onmicrosoft.com",
    "requestorComment": "test for docs",
    "status": "Succeeded",
    "machineId": "7b1f4967d9728e5aa3c06a9e617a22a4a5a17378",
    "computerDnsName": "desktop-test",
    "creationDateTimeUtc": "2019-01-02T14:39:38.2262283Z",
    "lastUpdateDateTimeUtc": "2019-01-02T14:40:44.6596267Z",
    "relatedFileInfo": null
}