Qodex.ai
Qodex.ai
Introduction
Carbon Black
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Access Profiles and Grants API
Create Grant for a PrincipalGet Permitted RolesUpdate Grant of a PrincipalUpdate Profile of Principal’s GrantBulk Fetch GrantsDelete ProfileGet Grant of a PrincipalCreate Profile in Principal’s GrantDelete Grant for a Principal
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Search Alerts - Ungrouped
Export AlertsGet alert histogramGet Alert HistoryFind alerts - UngroupedGet Alert DetailsValidate Search RequestFacet alerts - ungroupedGet Alert Search Suggestions
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Search Alerts - Grouped by Threat Id
Facet Alerts - GroupedGet alert histogram for grouped alertsFind Alerts - Grouped
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Notes on Alerts
Get NotesCreate a NoteDelete a Note
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-tags
Get a list of tags based on Threat IdDelete a TagUpdate Tags
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Threats
Delete a threat-level noteGet notes for a threatGet History of a Threat IDCreate a threat-level note
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Workflow
Bulk Update Alerts Workflow by Search Definition
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Deprecated - v6
Update Bulk Event WorkflowsGet Alert by IDCreate WorkflowFacet AlertsCreate NoteAlert SearchGet Alert Search SuggestionsDelete NoteGet NotesGet Status of Workflow Update
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Asset Groups-Groups
Update Asset GroupCreate Asset GroupPreview Asset Groups ChangeGet Asset Group by IDExport Asset GroupsGet All Asset GroupsGet Asset Group StatsDelete Asset GroupSearch for Asset Groups
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Asset Groups-Members
Remove Members from Asset GroupGet Asset Group MembersFind Which Member Belongs to Which Group
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Asset Groups-Group Query
Get Asset Group ConfigurationValidate QuerySupported Attribute Keywords
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Asset Groups
Preview Policies Rank Change
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Audit Log API
Search Audit LogsFetch from Audit Log QueueExport Audit Logs
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Data Forwarder Configuration API-Deprecated
⚠️ Create Forwarder⚠️ Forwarder Healthcheck⚠️ Delete Forwarder⚠️ Get Configured Forwarders⚠️ Edit Forwarder
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Data Forwarder Configuration API
Delete Filter on ForwarderValidate FilterEdit Filter on ForwarderCreate Filter on ForwarderForwarder HealthcheckEdit ForwarderGet Configured ForwardersCreate ForwarderDelete ForwarderGet Available Data VersionsGet Specific ForwarderFilterable Event SchemaGet Specific Filter on ForwarderGet Filters on Forwarder
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Devices API
Specific Device InformationLegacy Export Devices (CSV)Export DevicesSearch DevicesScroll DevicesDevice FacetDevice Actions
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Job Service API
Get Job DetailsGet Job ProgressStart an Export Events JobDownload Job Output
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Live Response APIs
Get All SessionsRetrieve CommandGet Commands ListGet File MetadataClose SessionDelete FileIssue CommandRetrieve Command CopyGet All Files MetadataStart SessionDisable Live ResponseUpload File to Carbon Black CloudGet File Content
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Policy Management
Get Policy DetailsDelete PolicyGet Policy SummaryCreate PolicyUpdate Policy
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Policy Rules Management
Add Policy RuleDelete Policy RuleUpdate Policy RuleBulk Modify Policy Rules
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Rule Configs
PresentationLookupParameter Schema
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Rule Config - Core Prevention
Delete Specific Core Prevention Rule ConfigUpdate Core Prevention Rule ConfigsGet Core Prevention Rule Configs
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Rule Config - Data Collection
Get Data Collection Rule ConfigsDelete Specific Data Collection Rule ConfigDelete Data Collection Rule ConfigsUpdate Data Collection Rule Configs
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Rule Config - Host-Based Firewall
Export Host-Based Firewall RulesGet Host-Based Firewall Rule ConfigsDelete Specific Host-Based Firewall Rule ConfigUpdate Host-Based Firewall Rule ConfigsCopy Host-Based Firewall Rule ConfigDelete Host-Based Firewall Rule Configs
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Rule Config - Bypass
Delete User Parameters for All Bypass Rule Configs.Update Bypass Rule ConfigsList Bypass Rule Configs
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API-Calls for Processes
Get Time Limits for Available Data (v1)Start a Details Request for Processes (v2)Retrieve Results for a Process Facets Search (v2)Process Search Validation (v2)Start a Facet Search on Processes (v2)Retrieve Results for a Process Summary or Tree Search (v2)Process Search Suggestions (v2)Cancel a Process Search (v1)Start a Process Search (v2)Start a Process Summary Search (v2)Retrieve Results for a Process Detail Search (v2)Retrieve Results for a Process Search (v2)
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API-Calls for Events
Get Events Facet Associated with a Process (v2)Get Validation for Event Search (v1)Get Suggestions for Event Searching (v1)
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API-Calls using Enterprise EDR Watchlist Features
Evaluate Processes for a Watchlist (v1)Get Report Hits (v1)
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API-Deprecated
⚠️ Get the Status of a Process Search (v1)⚠️ Get the Status of a Process Detail Search (v2)Process Search Validation (v1)Process Search Suggestions (v1)⚠️ Get the Status of Process Summary Search (v2)
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API
Export Process Events Search Results with Jobs Service
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Reputation Override API πŸ—
Search Reputation OverridesDelete Reputation OverrideExport Reputation OverridesConfigure Reputation OverrideBulk Delete Reputation OverridesGet Reputation Override
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Script Deobfuscation API
De-obfuscate script
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Sensor Update Services API-Deprecated
Get a list of all the Sensors in the given JobGet the details of a jobCancel an in progress JobCreate a Sensor Update Job
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Sensor Update Services API
Get Sensor Update JobCreate Sensor Update JobSearch Sensor Update JobsUpdate Sensor Update Job NameSearch Sensors in Sensor Update JobExport Sensors in Sensor Update JobStop Sensor Update Job
Carbon Black Cloud (CBC)-Platform APIs πŸ—-User Management API
Create UserReset Google Authenticator RegistrationDelete UserModify UserList All Users
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Vulnerability Assessment API-Organization Level
Get Asset View with Vulnerability SummaryGet Vulnerability List for Specific OS and ApplicationGet Asset View with Vulnerability Summary for vCenterGet a Vulnerability List in CSV FormatGet a Vulnerability List for a vCenter Server in CSV FormatGet Vulnerability Summary for vCenterExport Asset View with Vulnerability SummaryGet Vulnerability List for Specific OS and Application in vCenterGet Vulnerability SummaryExport Asset View with Vulnerability Summary for vCenter
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Vulnerability Assessment API-Device Level
Perform Action on a DeviceGet a Vulnerability List for Specific vCenter Device in CSV FormatGet Specific vCenter Device Vulnerability ListGet a Vulnerability List for Specific Device in CSV FormatGet Specific Device Vulnerability ListGet Specific Device Vulnerability SummaryPerform Action on a vCenter DeviceGet Specific vCenter Device Vulnerability Summary
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Vulnerability Assessment API-Vulnerability Level
Dismiss Edit VulnerabilitiesGet Affected Assets for Specific Vulnerability in vCenterGet Vulnerability DetailsGet Affected Assets for Specific Vulnerability
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Network Threat Metadata Service API
Get metadata for a detector (rule)
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Observations API-Observations Search Job
Get ResultsCreate Search JobGet Grouped Results
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Observations API-Observation Detail Job
Get ResultsCreate Detail Job
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Observations API-Observation Facet Job
Start Facet JobGet Facet Results
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Observations API
Search Suggestions for ObservationsExport Observations Search Results with Jobs ServiceValidate Observation Search
Carbon Black Cloud (CBC)-Audit and Remediation API-Differential Analysis API
Get Facets From Live Query Results Copy
Carbon Black Cloud (CBC)-Audit and Remediation API-LiveQuery REST API πŸ—-Live Query Run
Get Device Summary From ResultsGet Query Run ResultsGet Facets From Live Query ResultsGet Live Query RecommendationsDelete Query RunGet Device Summary FacetsGet Query HistoryGet Query DetailsStop Query RunScroll All Run ResultsStart Query Run
Carbon Black Cloud (CBC)-Audit and Remediation API-LiveQuery REST API πŸ—-Live Query Template
Delete Query Schedule by IDSearch Live Query TemplatesRetrieve Live Query Template by IDCreate Live Query TemplateEdit Live Query Template by ID
Carbon Black Cloud (CBC)-Containers πŸ—-Management-Policies
Create or Update PolicyGet All PoliciesDelete PolicyGet Policy
Carbon Black Cloud (CBC)-Containers πŸ—-Management-Scopes
Get Scope With PolicyCreate or Update ScopeGet All Scopes With PoliciesGet All ScopesGet Specified ScopeDelete Scope
Carbon Black Cloud (CBC)-Containers πŸ—-Management-Rules
Get All RulesDelete Custom Rule
Carbon Black Cloud (CBC)-Containers πŸ—-Management-Templates
Create or Update a TemplateAdd Rules to TemplatesDelete Custom TemplateGet All Templates
Carbon Black Cloud (CBC)-Containers πŸ—-Image Scanning - Account Analysis Overview
Get clusters, namespaces and repositoriesNew Vulnerabilities - previous 24 hoursSearch Vulnerabilities Over TimeFixes AvailableScan Status
Carbon Black Cloud (CBC)-Containers πŸ—-Scan Logs
Get Scan Log FacetsSearch Scan LogsGet Metadata of Scan Logs
Carbon Black Cloud (CBC)-Containers πŸ—-Image Analysis Inventory
Search ImagesGet Image FacetsSearch Repositories
Carbon Black Cloud (CBC)-Containers πŸ—-Image Scanning Vulnerabilities
Search Vulnerabilites for CVE informationGet Vulnerability SummarySearch Workloads for VulnerabilitiesSearch Vulnerabilities ExceptionsGet CVE
Carbon Black Cloud (CBC)-Containers πŸ—-Setup API
Get Operator CompatibilityCheck Status of a Custom ResourceCreate Custom ResourceGet Full Operator CompatibilityGet Operator Installation DataGet Sensor MetadataGet CLI Installation CommandGet Download Links for CLI
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Audit Log and Notifications
Get Notifications πŸ—Audit Log Events
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Device Control API πŸ—-Approvals
Delete Approval by IDSearch ApprovalsBulk Create ApprovalsUpdate ApprovalGet Approval by IDExport USB Approvals Export
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Device Control API πŸ—-Blocks
Get BlocksGet Block by IDDelete Block by IDUpdate BlockBulk Create Blocks
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Device Control API πŸ—-USB Devices
Get USB Device by IDSearch USB DevicesExport USB Devices InventoryGet Endpoints associated with a USB deviceFacet USB Devices
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Device Control API πŸ—-Products
Get USB Device Vendors and Products Seen
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Enriched Events Search API
Retrieve Results for an Enriched Events Facet Search (v2)Retrieve Results for an Enriched Event Aggregation Search (v1)Export Enriched Events Search Results with Jobs ServiceStart an Enriched Events Search (v2)Retrieve Results for an Enriched Events Search (v2)Start Aggregation Search on Enriched Events (v1)Request Details for Enriched Events (v2)Retrieve Results for an Enriched Event Detail Search (v2)Start a Facet Search on Enriched Events (v2)
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Recommendation API
Search RecommendationsRecommendation Workflow
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Deprecated-⚠️ Live Response APIs πŸ—
⚠️ Get Status of Session⚠️ Start a new session⚠️ Send Command to Endpoint⚠️ Close a session⚠️ Get File Metadata⚠️ Get File Content⚠️ Get Status of Command
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Deprecated
⚠️ Get details for a Specific Event⚠️ Add Rule to Existing Policy⚠️ Get Details on Alert⚠️ Get List of PoliciesGet the Enriched Events Detail Search Status (v2)⚠️ Find Processes⚠️ Update Existing Rule⚠️ Create New PolicyGet the Enriched Events Search Status (v1)⚠️ Delete Policy⚠️ Update Existing Policy⚠️ Change Status of an Individual Device⚠️ Bulk Sensor Data Retrieval⚠️ Remove Rule from Existing Policy⚠️ Find Events⚠️ Get Status of Individual Device⚠️ Retrieve Policy by ID⚠️ Device Status
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Feed Search API
Health CheckFeed SearchFeed Field Suggest
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Feed Manager API
Create a New Private Feed⚠️ Create a New Public FeedGet Specific FeedUpdate Reserved Feed DelegatesGet ReportsUpdate ReportDelete reportReplace ReportsUpdate Feed InfoGet all FeedsDelete FeedConvert Legacy QueryGet Reserved Feed DelegatesGet ReportCreate a New Reserved FeedGet Feed Info
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-⚠️ Process Search v1
⚠️ Evaluate Processes for a Watchlist⚠️ Process Summary⚠️ Get Time Limits for Available Data⚠️ Process Tree⚠️ Get Suggestions for Event Searching⚠️ Process Search Validation⚠️ Get Events Associated with a Given Process⚠️ Get a List of All Available Process Result Sets⚠️ Get Validation for Event Search⚠️ Get Report Hits⚠️ Process Search Suggestions⚠️ Get Search Process Results⚠️ Get the Status of a Query⚠️ Cancel Process Search⚠️ Start an Asynchronous Process Search⚠️ Health Check
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-⚠️ Process Search v2
⚠️ Get Events Facet Associated with a Given Process⚠️ Get Process Search Results⚠️ Get Enriched Events Facet Results⚠️ Start a Process Facet Job⚠️ Get Events Associated with a Given Process⚠️ Get Enriched Events Search Results⚠️ Start a Process Search Job⚠️ Get Process Facets⚠️ Start Enriched Events Facet Job⚠️ Start an Enriched Events Search Job
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Unified Binary Store
Download FileFile Path InputDevice SummaryRequest SignatureRetrieve Metadata
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Watchlist
Delete WatchlistGet Watchlist Tag StatusGet Report Ignore StatusRe-activate IOCEnable Watchlist TagsGet ReportHealthcheckDisable Watchlist AlertsIgnore IOCDisable Watchlist TagsGet Watchlist Alert StatusGet WatchlistBulk Ignore Report and IOCsSearch (Get) Watchlist TelemetryGet Ignore Status for Provided Report IDsRe-activate ReportUpdate Watchlist⚠️ Get Watchlist TelemetrySet Custom Report SeverityGet All WatchlistsCreate New ReportEnable Watchlist AlertsGet Custom Severity for ReportGet IOC Ignore StatusUpdate a ReportRemove ReportRemove Custom Report SeverityGet Custom Report SeveritiesCreate New WatchlistIgnore Report
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Auth Events-Events Search
Get Auth Events Search SuggestionsGet Auth Events Search Group ResultsGet Auth Events Search ValidationStart Auth Events Search JobGet Auth Events Search Job Results
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Auth Events-Events Details
Start Auth Events Detail JobGet Auth Events Detail Job Results
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Auth Events-Events Facet
Start Auth Events Facet JobGet Auth Events Detail Job Results
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Auth Events
Export Auth Events Search Results with Jobs ServiceGet Auth Events Descriptions
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Threat Hunt
Get Threat Hunt Information
Carbon Black Cloud (CBC)-Workload πŸ—-Appliance Service API
Update Appliance InfoRegister AppliancePost Worker Heartbeat Time IntervalGet Appliance Health details
Carbon Black Cloud (CBC)-Workload πŸ—-Sensor Lifecycle Management
Get Sensor Configuration TemplateGet Sensor Kit and Configuration LinksRequest Workload Sensor Installation
Carbon Black Cloud (CBC)-Workload πŸ—-VM Workloads Search API-Deprecated - v1
Fetch Compute Resource by IDSearch and Facet Compute Resources
Carbon Black Cloud (CBC)-Workload πŸ—-VM Workloads Search API
Search AWS Compute ResourcesDownload AWS Compute ResourcesFacet AWS Compute ResourcesCheck Compute Resource EligibilityGet Compute Resource by IDGet AWS Compute Resource Summary
Carbon Black Cloud (CBC)-Workload πŸ—-CIS Benchmarks API-Settings
Update Organization Settings for Compliance AssessmentGet Organization Settings for Compliance Assessment
Carbon Black Cloud (CBC)-Workload πŸ—-CIS Benchmarks API-Benchmark Configuration
Clone a Benchmark SetGet Specified RuleSearch Rules in a Benchmark SetExecute Action on a Benchmark Set - Enable, Disable, ReassessUpdate Benchmark SetExecute Action on Specified Devices in a Benchmark Set.Get All Benchmark Set SectionsUpdate Benchmark Set RulesSearch Benchmark SetsDelete Benchmark Set
Carbon Black Cloud (CBC)-Workload πŸ—-CIS Benchmarks API-Compliance Information
Search Compliance Information for DevicesExport Compliance Information for DevicesSearch Device Rule ResultsSearch Rule Compliance SummariesSearch Compliance Results for a DeviceSearch Compliance Summaries for a Benchmark SetExport Rule Compliance Summaries
Carbon Black Cloud (CBC)-Workload πŸ—-CIS Benchmarks API-Devices
Export Devices in a Benchmark SetSearch Devices in a Benchmark Set
Carbon Black Cloud (CBC)-Workload πŸ—-CIS Benchmarks API-Bundles
Get Compliance Bundle Version UpdatesGet Rule Info for Bundle VersionAcknowledge Compliance Bundle VersionDiff Compliance Bundle Versions
Carbon Black Cloud (CBC)-Workload πŸ—-Public Cloud Account API
Get Cloud Account by IdImport Cloud Accounts by CSVGet External ID for AWS AccountPerform Action on Multiple AccountsFacet Cloud AccountsDownload Cloud Account Import TemplateOnboard Multiple AccountsCreate Provision TemplateValidate Account RolesDelete Provision TemplateGet Regions for a Cloud AccountUpdate Cloud AccountDelete SSM DocumentBulk Delete Cloud AccountDelete Cloud AccountAdd SSM DocumentExport Cloud AccountsOnboard New Cloud AccountGet Details of a Cloud ProviderSearch Cloud Accounts
On Prem-CB EDR-Process Data
Process Event DetailsProcess PreviewProcess SummaryProcess SearchCollective Defense Cloud QueryProcess Segment Details
On Prem-CB EDR-Binary Data
Binary SearchRetrieve Binary MetadataDownload BinaryRetrieve Binary Icon
On Prem-CB EDR-Alerts
Bulk Update AlertsUpdate/Resolve AlertsSearch Alerts
On Prem-CB EDR-Administrative APIs
CB Enterprise Protection IntegrationServer LicenseServer LicenseCB Enterprise Protection Integration
On Prem-CB EDR-Banning
Ban Binary by HashBan Binary by Hash
On Prem-CB EDR-Watchlists & Feeds
Delete Feed by IDUpdate Feed by IDUpdate Watchlist by IDGet Watchlist by IDGet WatchlistsDelete Watchlist by IDCreate WatchlistCreate FeedGet FeedsGet Feed by ID
On Prem-CB EDR-Threat Reports
Search Threat ReportsBulk Modify Threat Reports
On Prem-CB EDR-Sensors/Endpoints
Retrieve/Modify Sensor Details
On Prem-CB EDR-Live Response
Close SessionsIssue CommandsView Current SessionsStart a New Session
On Prem-App Control
File Upload
Introduction
Carbon Black
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Access Profiles and Grants API
Create Grant for a PrincipalGet Permitted RolesUpdate Grant of a PrincipalUpdate Profile of Principal’s GrantBulk Fetch GrantsDelete ProfileGet Grant of a PrincipalCreate Profile in Principal’s GrantDelete Grant for a Principal
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Search Alerts - Ungrouped
Export AlertsGet alert histogramGet Alert HistoryFind alerts - UngroupedGet Alert DetailsValidate Search RequestFacet alerts - ungroupedGet Alert Search Suggestions
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Search Alerts - Grouped by Threat Id
Facet Alerts - GroupedGet alert histogram for grouped alertsFind Alerts - Grouped
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Notes on Alerts
Get NotesCreate a NoteDelete a Note
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-tags
Get a list of tags based on Threat IdDelete a TagUpdate Tags
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Threats
Delete a threat-level noteGet notes for a threatGet History of a Threat IDCreate a threat-level note
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Workflow
Bulk Update Alerts Workflow by Search Definition
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Alerts API-Deprecated - v6
Update Bulk Event WorkflowsGet Alert by IDCreate WorkflowFacet AlertsCreate NoteAlert SearchGet Alert Search SuggestionsDelete NoteGet NotesGet Status of Workflow Update
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Asset Groups-Groups
Update Asset GroupCreate Asset GroupPreview Asset Groups ChangeGet Asset Group by IDExport Asset GroupsGet All Asset GroupsGet Asset Group StatsDelete Asset GroupSearch for Asset Groups
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Asset Groups-Members
Remove Members from Asset GroupGet Asset Group MembersFind Which Member Belongs to Which Group
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Asset Groups-Group Query
Get Asset Group ConfigurationValidate QuerySupported Attribute Keywords
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Asset Groups
Preview Policies Rank Change
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Audit Log API
Search Audit LogsFetch from Audit Log QueueExport Audit Logs
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Data Forwarder Configuration API-Deprecated
⚠️ Create Forwarder⚠️ Forwarder Healthcheck⚠️ Delete Forwarder⚠️ Get Configured Forwarders⚠️ Edit Forwarder
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Data Forwarder Configuration API
Delete Filter on ForwarderValidate FilterEdit Filter on ForwarderCreate Filter on ForwarderForwarder HealthcheckEdit ForwarderGet Configured ForwardersCreate ForwarderDelete ForwarderGet Available Data VersionsGet Specific ForwarderFilterable Event SchemaGet Specific Filter on ForwarderGet Filters on Forwarder
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Devices API
Specific Device InformationLegacy Export Devices (CSV)Export DevicesSearch DevicesScroll DevicesDevice FacetDevice Actions
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Job Service API
Get Job DetailsGet Job ProgressStart an Export Events JobDownload Job Output
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Live Response APIs
Get All SessionsRetrieve CommandGet Commands ListGet File MetadataClose SessionDelete FileIssue CommandRetrieve Command CopyGet All Files MetadataStart SessionDisable Live ResponseUpload File to Carbon Black CloudGet File Content
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Policy Management
Get Policy DetailsDelete PolicyGet Policy SummaryCreate PolicyUpdate Policy
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Policy Rules Management
Add Policy RuleDelete Policy RuleUpdate Policy RuleBulk Modify Policy Rules
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Rule Configs
PresentationLookupParameter Schema
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Rule Config - Core Prevention
Delete Specific Core Prevention Rule ConfigUpdate Core Prevention Rule ConfigsGet Core Prevention Rule Configs
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Rule Config - Data Collection
Get Data Collection Rule ConfigsDelete Specific Data Collection Rule ConfigDelete Data Collection Rule ConfigsUpdate Data Collection Rule Configs
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Rule Config - Host-Based Firewall
Export Host-Based Firewall RulesGet Host-Based Firewall Rule ConfigsDelete Specific Host-Based Firewall Rule ConfigUpdate Host-Based Firewall Rule ConfigsCopy Host-Based Firewall Rule ConfigDelete Host-Based Firewall Rule Configs
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Policy Service API-Rule Config - Bypass
Delete User Parameters for All Bypass Rule Configs.Update Bypass Rule ConfigsList Bypass Rule Configs
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API-Calls for Processes
Get Time Limits for Available Data (v1)Start a Details Request for Processes (v2)Retrieve Results for a Process Facets Search (v2)Process Search Validation (v2)Start a Facet Search on Processes (v2)Retrieve Results for a Process Summary or Tree Search (v2)Process Search Suggestions (v2)Cancel a Process Search (v1)Start a Process Search (v2)Start a Process Summary Search (v2)Retrieve Results for a Process Detail Search (v2)Retrieve Results for a Process Search (v2)
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API-Calls for Events
Get Events Facet Associated with a Process (v2)Get Validation for Event Search (v1)Get Suggestions for Event Searching (v1)
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API-Calls using Enterprise EDR Watchlist Features
Evaluate Processes for a Watchlist (v1)Get Report Hits (v1)
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API-Deprecated
⚠️ Get the Status of a Process Search (v1)⚠️ Get the Status of a Process Detail Search (v2)Process Search Validation (v1)Process Search Suggestions (v1)⚠️ Get the Status of Process Summary Search (v2)
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API
Export Process Events Search Results with Jobs Service
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Reputation Override API πŸ—
Search Reputation OverridesDelete Reputation OverrideExport Reputation OverridesConfigure Reputation OverrideBulk Delete Reputation OverridesGet Reputation Override
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Script Deobfuscation API
De-obfuscate script
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Sensor Update Services API-Deprecated
Get a list of all the Sensors in the given JobGet the details of a jobCancel an in progress JobCreate a Sensor Update Job
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Sensor Update Services API
Get Sensor Update JobCreate Sensor Update JobSearch Sensor Update JobsUpdate Sensor Update Job NameSearch Sensors in Sensor Update JobExport Sensors in Sensor Update JobStop Sensor Update Job
Carbon Black Cloud (CBC)-Platform APIs πŸ—-User Management API
Create UserReset Google Authenticator RegistrationDelete UserModify UserList All Users
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Vulnerability Assessment API-Organization Level
Get Asset View with Vulnerability SummaryGet Vulnerability List for Specific OS and ApplicationGet Asset View with Vulnerability Summary for vCenterGet a Vulnerability List in CSV FormatGet a Vulnerability List for a vCenter Server in CSV FormatGet Vulnerability Summary for vCenterExport Asset View with Vulnerability SummaryGet Vulnerability List for Specific OS and Application in vCenterGet Vulnerability SummaryExport Asset View with Vulnerability Summary for vCenter
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Vulnerability Assessment API-Device Level
Perform Action on a DeviceGet a Vulnerability List for Specific vCenter Device in CSV FormatGet Specific vCenter Device Vulnerability ListGet a Vulnerability List for Specific Device in CSV FormatGet Specific Device Vulnerability ListGet Specific Device Vulnerability SummaryPerform Action on a vCenter DeviceGet Specific vCenter Device Vulnerability Summary
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Vulnerability Assessment API-Vulnerability Level
Dismiss Edit VulnerabilitiesGet Affected Assets for Specific Vulnerability in vCenterGet Vulnerability DetailsGet Affected Assets for Specific Vulnerability
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Network Threat Metadata Service API
Get metadata for a detector (rule)
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Observations API-Observations Search Job
Get ResultsCreate Search JobGet Grouped Results
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Observations API-Observation Detail Job
Get ResultsCreate Detail Job
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Observations API-Observation Facet Job
Start Facet JobGet Facet Results
Carbon Black Cloud (CBC)-Platform APIs πŸ—-Observations API
Search Suggestions for ObservationsExport Observations Search Results with Jobs ServiceValidate Observation Search
Carbon Black Cloud (CBC)-Audit and Remediation API-Differential Analysis API
Get Facets From Live Query Results Copy
Carbon Black Cloud (CBC)-Audit and Remediation API-LiveQuery REST API πŸ—-Live Query Run
Get Device Summary From ResultsGet Query Run ResultsGet Facets From Live Query ResultsGet Live Query RecommendationsDelete Query RunGet Device Summary FacetsGet Query HistoryGet Query DetailsStop Query RunScroll All Run ResultsStart Query Run
Carbon Black Cloud (CBC)-Audit and Remediation API-LiveQuery REST API πŸ—-Live Query Template
Delete Query Schedule by IDSearch Live Query TemplatesRetrieve Live Query Template by IDCreate Live Query TemplateEdit Live Query Template by ID
Carbon Black Cloud (CBC)-Containers πŸ—-Management-Policies
Create or Update PolicyGet All PoliciesDelete PolicyGet Policy
Carbon Black Cloud (CBC)-Containers πŸ—-Management-Scopes
Get Scope With PolicyCreate or Update ScopeGet All Scopes With PoliciesGet All ScopesGet Specified ScopeDelete Scope
Carbon Black Cloud (CBC)-Containers πŸ—-Management-Rules
Get All RulesDelete Custom Rule
Carbon Black Cloud (CBC)-Containers πŸ—-Management-Templates
Create or Update a TemplateAdd Rules to TemplatesDelete Custom TemplateGet All Templates
Carbon Black Cloud (CBC)-Containers πŸ—-Image Scanning - Account Analysis Overview
Get clusters, namespaces and repositoriesNew Vulnerabilities - previous 24 hoursSearch Vulnerabilities Over TimeFixes AvailableScan Status
Carbon Black Cloud (CBC)-Containers πŸ—-Scan Logs
Get Scan Log FacetsSearch Scan LogsGet Metadata of Scan Logs
Carbon Black Cloud (CBC)-Containers πŸ—-Image Analysis Inventory
Search ImagesGet Image FacetsSearch Repositories
Carbon Black Cloud (CBC)-Containers πŸ—-Image Scanning Vulnerabilities
Search Vulnerabilites for CVE informationGet Vulnerability SummarySearch Workloads for VulnerabilitiesSearch Vulnerabilities ExceptionsGet CVE
Carbon Black Cloud (CBC)-Containers πŸ—-Setup API
Get Operator CompatibilityCheck Status of a Custom ResourceCreate Custom ResourceGet Full Operator CompatibilityGet Operator Installation DataGet Sensor MetadataGet CLI Installation CommandGet Download Links for CLI
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Audit Log and Notifications
Get Notifications πŸ—Audit Log Events
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Device Control API πŸ—-Approvals
Delete Approval by IDSearch ApprovalsBulk Create ApprovalsUpdate ApprovalGet Approval by IDExport USB Approvals Export
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Device Control API πŸ—-Blocks
Get BlocksGet Block by IDDelete Block by IDUpdate BlockBulk Create Blocks
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Device Control API πŸ—-USB Devices
Get USB Device by IDSearch USB DevicesExport USB Devices InventoryGet Endpoints associated with a USB deviceFacet USB Devices
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Device Control API πŸ—-Products
Get USB Device Vendors and Products Seen
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Enriched Events Search API
Retrieve Results for an Enriched Events Facet Search (v2)Retrieve Results for an Enriched Event Aggregation Search (v1)Export Enriched Events Search Results with Jobs ServiceStart an Enriched Events Search (v2)Retrieve Results for an Enriched Events Search (v2)Start Aggregation Search on Enriched Events (v1)Request Details for Enriched Events (v2)Retrieve Results for an Enriched Event Detail Search (v2)Start a Facet Search on Enriched Events (v2)
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Recommendation API
Search RecommendationsRecommendation Workflow
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Deprecated-⚠️ Live Response APIs πŸ—
⚠️ Get Status of Session⚠️ Start a new session⚠️ Send Command to Endpoint⚠️ Close a session⚠️ Get File Metadata⚠️ Get File Content⚠️ Get Status of Command
Carbon Black Cloud (CBC)-Endpoint Standard API (NGAV)-Deprecated
⚠️ Get details for a Specific Event⚠️ Add Rule to Existing Policy⚠️ Get Details on Alert⚠️ Get List of PoliciesGet the Enriched Events Detail Search Status (v2)⚠️ Find Processes⚠️ Update Existing Rule⚠️ Create New PolicyGet the Enriched Events Search Status (v1)⚠️ Delete Policy⚠️ Update Existing Policy⚠️ Change Status of an Individual Device⚠️ Bulk Sensor Data Retrieval⚠️ Remove Rule from Existing Policy⚠️ Find Events⚠️ Get Status of Individual Device⚠️ Retrieve Policy by ID⚠️ Device Status
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Feed Search API
Health CheckFeed SearchFeed Field Suggest
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Feed Manager API
Create a New Private Feed⚠️ Create a New Public FeedGet Specific FeedUpdate Reserved Feed DelegatesGet ReportsUpdate ReportDelete reportReplace ReportsUpdate Feed InfoGet all FeedsDelete FeedConvert Legacy QueryGet Reserved Feed DelegatesGet ReportCreate a New Reserved FeedGet Feed Info
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-⚠️ Process Search v1
⚠️ Evaluate Processes for a Watchlist⚠️ Process Summary⚠️ Get Time Limits for Available Data⚠️ Process Tree⚠️ Get Suggestions for Event Searching⚠️ Process Search Validation⚠️ Get Events Associated with a Given Process⚠️ Get a List of All Available Process Result Sets⚠️ Get Validation for Event Search⚠️ Get Report Hits⚠️ Process Search Suggestions⚠️ Get Search Process Results⚠️ Get the Status of a Query⚠️ Cancel Process Search⚠️ Start an Asynchronous Process Search⚠️ Health Check
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-⚠️ Process Search v2
⚠️ Get Events Facet Associated with a Given Process⚠️ Get Process Search Results⚠️ Get Enriched Events Facet Results⚠️ Start a Process Facet Job⚠️ Get Events Associated with a Given Process⚠️ Get Enriched Events Search Results⚠️ Start a Process Search Job⚠️ Get Process Facets⚠️ Start Enriched Events Facet Job⚠️ Start an Enriched Events Search Job
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Unified Binary Store
Download FileFile Path InputDevice SummaryRequest SignatureRetrieve Metadata
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Watchlist
Delete WatchlistGet Watchlist Tag StatusGet Report Ignore StatusRe-activate IOCEnable Watchlist TagsGet ReportHealthcheckDisable Watchlist AlertsIgnore IOCDisable Watchlist TagsGet Watchlist Alert StatusGet WatchlistBulk Ignore Report and IOCsSearch (Get) Watchlist TelemetryGet Ignore Status for Provided Report IDsRe-activate ReportUpdate Watchlist⚠️ Get Watchlist TelemetrySet Custom Report SeverityGet All WatchlistsCreate New ReportEnable Watchlist AlertsGet Custom Severity for ReportGet IOC Ignore StatusUpdate a ReportRemove ReportRemove Custom Report SeverityGet Custom Report SeveritiesCreate New WatchlistIgnore Report
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Auth Events-Events Search
Get Auth Events Search SuggestionsGet Auth Events Search Group ResultsGet Auth Events Search ValidationStart Auth Events Search JobGet Auth Events Search Job Results
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Auth Events-Events Details
Start Auth Events Detail JobGet Auth Events Detail Job Results
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Auth Events-Events Facet
Start Auth Events Facet JobGet Auth Events Detail Job Results
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Auth Events
Export Auth Events Search Results with Jobs ServiceGet Auth Events Descriptions
Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) πŸ—-Threat Hunt
Get Threat Hunt Information
Carbon Black Cloud (CBC)-Workload πŸ—-Appliance Service API
Update Appliance InfoRegister AppliancePost Worker Heartbeat Time IntervalGet Appliance Health details
Carbon Black Cloud (CBC)-Workload πŸ—-Sensor Lifecycle Management
Get Sensor Configuration TemplateGet Sensor Kit and Configuration LinksRequest Workload Sensor Installation
Carbon Black Cloud (CBC)-Workload πŸ—-VM Workloads Search API-Deprecated - v1
Fetch Compute Resource by IDSearch and Facet Compute Resources
Carbon Black Cloud (CBC)-Workload πŸ—-VM Workloads Search API
Search AWS Compute ResourcesDownload AWS Compute ResourcesFacet AWS Compute ResourcesCheck Compute Resource EligibilityGet Compute Resource by IDGet AWS Compute Resource Summary
Carbon Black Cloud (CBC)-Workload πŸ—-CIS Benchmarks API-Settings
Update Organization Settings for Compliance AssessmentGet Organization Settings for Compliance Assessment
Carbon Black Cloud (CBC)-Workload πŸ—-CIS Benchmarks API-Benchmark Configuration
Clone a Benchmark SetGet Specified RuleSearch Rules in a Benchmark SetExecute Action on a Benchmark Set - Enable, Disable, ReassessUpdate Benchmark SetExecute Action on Specified Devices in a Benchmark Set.Get All Benchmark Set SectionsUpdate Benchmark Set RulesSearch Benchmark SetsDelete Benchmark Set
Carbon Black Cloud (CBC)-Workload πŸ—-CIS Benchmarks API-Compliance Information
Search Compliance Information for DevicesExport Compliance Information for DevicesSearch Device Rule ResultsSearch Rule Compliance SummariesSearch Compliance Results for a DeviceSearch Compliance Summaries for a Benchmark SetExport Rule Compliance Summaries
Carbon Black Cloud (CBC)-Workload πŸ—-CIS Benchmarks API-Devices
Export Devices in a Benchmark SetSearch Devices in a Benchmark Set
Carbon Black Cloud (CBC)-Workload πŸ—-CIS Benchmarks API-Bundles
Get Compliance Bundle Version UpdatesGet Rule Info for Bundle VersionAcknowledge Compliance Bundle VersionDiff Compliance Bundle Versions
Carbon Black Cloud (CBC)-Workload πŸ—-Public Cloud Account API
Get Cloud Account by IdImport Cloud Accounts by CSVGet External ID for AWS AccountPerform Action on Multiple AccountsFacet Cloud AccountsDownload Cloud Account Import TemplateOnboard Multiple AccountsCreate Provision TemplateValidate Account RolesDelete Provision TemplateGet Regions for a Cloud AccountUpdate Cloud AccountDelete SSM DocumentBulk Delete Cloud AccountDelete Cloud AccountAdd SSM DocumentExport Cloud AccountsOnboard New Cloud AccountGet Details of a Cloud ProviderSearch Cloud Accounts
On Prem-CB EDR-Process Data
Process Event DetailsProcess PreviewProcess SummaryProcess SearchCollective Defense Cloud QueryProcess Segment Details
On Prem-CB EDR-Binary Data
Binary SearchRetrieve Binary MetadataDownload BinaryRetrieve Binary Icon
On Prem-CB EDR-Alerts
Bulk Update AlertsUpdate/Resolve AlertsSearch Alerts
On Prem-CB EDR-Administrative APIs
CB Enterprise Protection IntegrationServer LicenseServer LicenseCB Enterprise Protection Integration
On Prem-CB EDR-Banning
Ban Binary by HashBan Binary by Hash
On Prem-CB EDR-Watchlists & Feeds
Delete Feed by IDUpdate Feed by IDUpdate Watchlist by IDGet Watchlist by IDGet WatchlistsDelete Watchlist by IDCreate WatchlistCreate FeedGet FeedsGet Feed by ID
On Prem-CB EDR-Threat Reports
Search Threat ReportsBulk Modify Threat Reports
On Prem-CB EDR-Sensors/Endpoints
Retrieve/Modify Sensor Details
On Prem-CB EDR-Live Response
Close SessionsIssue CommandsView Current SessionsStart a New Session
On Prem-App Control
File Upload
HomeCarbon BlackCarbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API

Carbon Black Cloud (CBC)-Platform APIs πŸ—-Process Search API

Number of APIs: 1

  1. Export Process Events Search Results with Jobs Service POST {{cb_url}}/jobs/v1/orgs/{{cb_org_key}}/jobs/start/event_export
Previous
⚠️ Get the Status of Process Summary Search (v2)
Next
Export Process Events Search Results with Jobs Service