Posted on September 30, 2019
We have exposed new enhancements to the Alerts and Devices Platform APIs, giving you more efficent control over the devices and data in your organizations. The most current documentation on these APIs is available at the Platform APIs page.
We have extended the capabilities of the Alerts API by improving the methods of retrieving alerts and adding functionality to manage the workflows.
With the addition of the Search Request pathway in the Alerts API, you can now filter on dozens of fields, including creation time, category, type, status, tag, and more, allowing you to more efficiently call the API. A full list of filterable criteria is available in the Alerts API Documentation.
Additionally, we have enabled greater control of workflows with the ability to dismiss alerts or to update event workflows in bulk.
Significant improvements have been made to the Devices API around retrieving device information and performing actions on devices. A wider range of filterable fields are available, including policy ID, status, operating system, last contact time, and more.
You can now search for devices, export a list of devices, and get specific device information with the enhanced Devices API. These routes take advantage of the wider range of filterable fields available, enabling you to be more efficient when calling the API.
Further enhancements also add the functionality to perform actions on devices. You can now perform actions on individual devices such as quarantine/unquarantine, enable or disable bypass, upgrade to a new sensor version, and more.
These enhanced APIs use Role Based Access Control, which allows you to apply access controls and create least-privileged API keys. Ensure you’re using API keys with the correct permissions by reviewing our Carbon Black Cloud Authentication Guide.