Invoke-Restmethod -uri $auditlog -header $header -Method GET IMPORTANT: Without any parameters specified, a maximum of 50 entries are returned. Key information is blurred out in these examples. There will be a brief pause before the data is returned in this task (E.1) and in task E.2. NOTE: In Tasks E.1 and E.2, pressing Enter will execute the method and return data. Invoke-Restmethod -uri $inventory -header $header -Method GET Copy and paste the following line of code into the window: In this task we will run the GET method to return the data we want.ġ. Press Enter on your keypad: Task E: Get Data Replace the URL in this line of code with the auditlog URL you copied in Task B.2.Ĩ. Define an auditlog variable by copying and pasting the following line of code into the window:ħ. Replace the URL in this line of code with the inventory URL you copied in Task B.1.Ħ. Define an inventory variable by copying and pasting the following line of code into the window:Ĥ. Define a header variable by copying and pasting the following line of code into the window:ģ. In this task we will define several variables to make the code easier to work with.ġ. The username has been blurred out in these examples. NOTE: In Tasks C and D, pressing Enter will not return anything, but will take you to a new line in PowerShell. Replace the API Key in this line of code with the API Key you copied in Task A. Launch Windows PowerShell and declare the API Key by copying and pasting the following line of code into the window: Set-executionpolicy bypass -scope processġ. However, the full process will not be covered in the scope of this blog. NOTE: If you want to run the code within this blog as a script you will need to change the default execution policy to bypass or unrestricted using the following line of code in PowerShell. Task C: Start PowerShell and Declare API Key Paste the Auditlog URL into notepad (or similar) to be retrieved later, so that it is not overwritten in Task C. NOTE: For this example, we want to return an array of auditlog entries.ģ. Paste the inventory URL into notepad (or similar) to be retrieved later, so that it is not overwritten in Task B.2. In this example we are using data centre 1, so see dc1api in the URL. IMPORTANT: The URL depends on your datacentre. NOTE: For this example, we want to return our current inventory. From the list of resources, copy the URL you want to work with using the copy to clipboard button to the right of the URL: In this task we will locate and copy two URLs to be used to make queries in subsequent tasks.Ģ. Task B: Copy Required URLs from Resources Paste the API Key into notepad (or similar) to be retrieved later, so that it is not overwritten in Task B.1. NOTE: The API Key is an inactive key in these examples used for demonstration purposes only.ĥ. Set API access to ON and copy the API Key to the clipboard using the copy to clipboard button to the right of the API Key: From the left-hand side menu, select option Privacy (not the PRIVACY tab at the top):Ĥ. In the Admin By Request user portal, navigate to menu Settings > Windows Settings:Ģ. IMPORTANT: In order to use Invoke-RestMethods cmdlets used during this task, you will need to be running Windows PowerShell version 3.0 or higher. Task B: Copy Required URLs from Resourcesģ. This blog covers how to test functionality and get data from Admin By Request using Windows PowerShell.Ģ. The Admin By Request API allows you to get the necessary data into your preferred SIEM system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |