Using the api to clear threats

  • 6 December 2017
  • 3 replies

I was looking through the api reference and was wondering if it's possible to clear threats from a command issued via the api.
I'm currently looking into the api for a project for college.
From what I can gather, the most likely command would be this one:
/service/api/console/gsm/{gsmKey}/sites/{siteId}/endpoints/commandsThen I have a few questions, where do I find the available commands? And, is it possible to issue a command to a single endpoint? Because as far as I can see it's either to a site or a group of sites.
greetings 🙂

Best answer by JosephRi 7 December 2017, 16:22

View original

3 replies

Userlevel 4
Badge +9
Hi @,
You are correct; that would be the request to issue a command to a list of endpoints, or all endpoints in a site. From the documentation at, your available commands are "scan", "cleanup", "uninstall", "changekeycode", "restart". As you can see the, "scan" and "cleanup" commands here would take care of cleaning threats off of an endpoint.
EDIT: Sorry, I missed your last question. You would be able to issue a command to "a list of endpoints" by modifying the body of your request, and including your respective EndpointIDs.
For example :
"EndpointsList": "1053897c-09a9-45c3-8824-b4b263e9d29f,176c2d1e-241a-402b-a66c-0ec412605350" 
Best regards,
Joseph R.
Ah shoot, I must have missed that in the documentation!
Thanks so much!

I don't yet have something set up to test it out, but looking at the "EndpointsList", I assume I can put just one endpoint in there and it could clean that single one for me?
If I'd have something set up I could test it myself and the question would be irrelevant, so no need to answer if you feel like I should try myself. I'll get the same answer, just a little later 😉.

Thanks for helping me out!
Userlevel 4
Badge +9
Hi @,
Yes, you are correct. Adding a single EndpointID to the EndpointsList body value will only send the command to that specific endpoint.
Best regards,
Joseph R.