Run Script
Initiate a new endpoint script execution action using
a script from the script library.
Synopsis
URI | /public_api/v1/scripts/run_script/ |
HTTP Method | POST |
Required License | Cortex XDR Pro per Endpoint |
Description
Initiate a new endpoint script
execution action using a script from the script library.
Request Fields
The body of this request
contains a JSON object with the following fields:
Field | Description |
---|---|
request_data | ( Required ) A dictionary containing the
API request fields. |
script_uid | ( Required ) GUID, unique identifier of
the script, returned by the “get scripts” API per script. |
parameters_values | ( Required ) Dictionary, contains
the parameter name, key and its value for
this execution, value . |
timeout | Integer, represents the timeout in seconds
for this execution. Default value is 600. |
filters | ( Required ) Provides an array of filtered
fields for running the script on a number of endpoints at once. Each
JSON object must contain the following keywords:
|
Request Example
curl -X POST https://api-{fqdn}/public_api/v1/scripts/run_script/ \ -H "x-xdr-auth-id:{API_KEY_ID}" \ -H "Authorization:{API_KEY}" \ -H "Content-Type:application/json" \ -d '{ "request_data":{ "filters":[ { "field":"endpoint_id_list", "operator":"in", "value":[ "<endpoint ID>" ] } ], "script_uid":"<unique ID>", "parameters_values":{ "x":"param input as string", "y":4 } } }'
Success Response
Upon success,
the HTTP response code is 200.
Field | Description |
---|---|
reply | JSON object containing the query result. |
action_id | Integer, ID of the action initiated. ID
will be used as a reference to track in the action center. |
endpoints_count | Integer, number of endpoints the action
was initiated on. |
status |
Success Response Example
{ "reply":{ "action_id":22519813685366, "status":1, "endpoints_count":1 } }
Error Response
Upon error,
the reply includes an HTTP response code, an error message, and
additional information describing the error. The HTTP response code
is one of the following:
Field | Description |
---|---|
400 | Bad Request. Got an invalid JSON. |
401 | Unauthorized access. An issue occurred during authentication.
This can indicate an incorrect key, id, or other invalid authentication
parameters. |
402 | Unauthorized access. User does not have the
required license type to run this API. |
403 | Forbidden access. The provided API Key does
not have the required RBAC permissions to run this API. |
500 | Internal server error. A unified status for
API communication type errors. |
Error Response Format
{"reply": {"err_code": STATUS_CODE, "err_msg": GENERAL_MESSAGE, "err_extra": EXTRA_DATA}}
Recommended For You
Recommended Videos
Recommended videos not found.