BitDefAPI/BitDefender_get_endpoint_status_via_API.powershell at master · jaondayko/BitDefAPI · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
## Functions

function GetSubGroups {
  param (
    [string]$GroupId = ''
  )
  #Write-Host "Working on Group: $GroupId"
  $results = @($GroupId)
  $groups = Get-CustomGroupList -GroupId $GroupId
  #Write-Host " Child Groups: $($groups -join ", ")"
  if($groups.count -ge 1){
    $groups | % {GetSubGroups -GroupId $_ | % {$results += $_}}
    #Write-Host "Results: $($results -join ", ")"
  }
  return $results
}

function Get-CustomGroupList {
  param(
    [string]$GroupId = $null
  )

  if ($groupId){
    $payload = @{
      id      = 1;
      jsonrpc = "2.0";
      method  = "getCustomGroupsList";
      params = @{
        parentId = "$GroupId";
      }
    } | ConvertTo-Json
  }
  else{
    $payload = @{
      id      = 1;
      jsonrpc = "2.0";
      method  = "getCustomGroupsList";
    } | ConvertTo-Json
  }

  $response = Invoke-RestMethod `
    -Uri $apiUrl `
    -Method Post `
    -Headers $headers `
    -Body $payload `
    -ErrorAction Stop `
    -ContentType "application/json"
  return $response.result.id
}

function Get-EndpointsList {
  param(
    [string]$ParentId
  )

  $payload = @{
    id      = 1;
    jsonrpc = "2.0";
    method  = "getEndpointsList";
    params  = @{
      parentId = "$ParentId";
    }
  } | ConvertTo-Json

  $response = Invoke-RestMethod `
    -Uri $apiUrl `
    -Method Post `
    -Headers $headers `
    -Body $payload `
    -ErrorAction Stop `
    -ContentType "application/json"

   return $response.result.items
}

function Get-ManagedEndpointDetails {
  param(
    [string]$EndpointId
  )
  $payload = @{
    id      = 1;
    jsonrpc = "2.0";
    method  = "getManagedEndpointDetails";
    params  = @{
      endpointId = "$EndpointId";
    }
  } | ConvertTo-Json

  $response = Invoke-RestMethod `
    -Uri $apiUrl `
    -Method Post `
    -Headers $headers `
    -Body $payload `
    -ErrorAction Stop `
    -ContentType "application/json"
  return $response.result
}
#Code

$apiUrl = "https://cloud.gravityzone.bitdefender.com/api/v1.0/jsonrpc/network"
$apiKey = "XXXXXXXXX" #Insert API Key Here
$apiKey = $apiKey + ":"
$Base64 = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($apiKey))

$headers = @{
  'Authorization' = "Basic $Base64"
}

#Get List of Groups
$groups = @()
$topLevelGroups = Get-CustomGroupList
Write-Host "Processing Top Level Groups"
$topLevelGroups | % {GetSubGroups -GroupId $_ | % {$groups += $_}}

#Get List of endpoints in each group
$computers = @()
foreach ($group in $groups){
  $endpoints = Get-EndpointsList -ParentId $group

  #Get Detailed Information about each endpoint
  foreach ($c in $endpoints) {
    Write-Host "Working on Computer: $($c.name)"
    $computers += Get-ManagedEndpointDetails -EndpointId $c.id
  }
}

$computers | Select-Object Name, OperatingSystem, Label, MalwareStatus, Group | format-table -Property *