post
/public_api/v1/scripts/get_script_execution_results
Retrieve the results of a script execution action.
Required license: Cortex XDR Pro per Endpoint or Cortex XDR Pro per GB
CURL
curl -X POST \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
"https://api-yourfqdn/public_api/v1/scripts/get_script_execution_results" \
-d '{
"request_data" : {
"action_id" : "action_id"
}
}'
Response
{
"reply": {
"script_name": "snippet script",
"script_description": "",
"script_parameters": [],
"date_created": "2020-03-29 13:21:59",
"scope": "win_10and 21 other endpoints",
"error_message": "",
"results": [
{
"endpoint_name": "<name>",
"endpoint_ip_address": [
"<IP address>"
],
"endpoint_status": "LOST",
"domain": "aaaa",
"endpoint_id": "<endpoint ID>",
"execution_status": "PENDING",
"standard_output": null,
"retrieved_files": 0,
"failed_files": 0,
"retention_date": null
},
{
"endpoint_name": "<name>",
"endpoint_ip_address": [
"<IP address>"
],
"endpoint_status": "LOST",
"domain": "<domain name>",
"endpoint_id": "<endpoint ID>",
"execution_status": "PENDING",
"standard_output": null,
"retrieved_files": 0,
"failed_files": 0,
"retention_date": null
},
{
"endpoint_name": "<name>",
"endpoint_ip_address": [
"<IP address>"
],
"endpoint_status": "DISCONNECTED",
"domain": "WORKGROUP",
"endpoint_id": "<endpoint ID>",
"execution_status": "PENDING",
"standard_output": null,
"retrieved_files": 0,
"failed_files": 0,
"retention_date": null
}
]
}
}
Request
Body
optional
Example:
{"request_data":{"action_id":""}}
request_data
required
A dictionary containing the API request fields.
action_id
required
String
Action ID. This can be found in the Cortex XDR console Response > Action Center > Action ID field.
Responses