Forum Discussion

wzender's avatar
wzender
Copper Contributor
Oct 25, 2024

Cannot run a AntiVirusScan via API [python]

Hello everyone,

 

I'm trying to run a scan via API using this endpoint : https://api.security.microsoft.com/api/machines/{id}/runAntiVirusScan.

At this moment, the status is Pending.

The request is successful, but for some reason, when I try to get the status of my scan on this endpoint: "https://api.securitycenter.microsoft.com/api/machineactions/{machine_action}", the status goes to Failed with errorHResult "-2147020579". This HResult code refers to 0x8007007B - ERROR_INVALID_NAME (correct me if I'm wrong).

 

As I'm able to isolate my device, I guess that my machine_id and token are good and I can communicate with my remote laptop.

 

My permissions are well set :

Machine.Isolate

Application

Isolate machine

 
 

Machine.ReadWrite.All

Application

Read and write all machine information

 
 

Machine.Scan

Application

Scan machine

 
 

Machine.StopAndQuarantine

Application

Stop and quarantine file

 

I do not understand what's going on. Does someone already encounter this issue ?

 

Here are my two functions :

 

def run_antivirus_scan(id, aadToken):
    url = f"https://api.security.microsoft.com/api/machines/{id}/runAntiVirusScan"
    json_data = {
        'Comment': 'Test',
        'ScanType': 'Quick'
    }
    headers = {
        'Authorization': 'Bearer ' + aadToken,
        'Content-Type': 'application/json'
    }
   
    try:
        response = requests.post(url=url, headers=headers, json=json_data)
        response.raise_for_status()
        result = response.json()
        print(result)
        return result.get("id")
    except requests.exceptions.HTTPError as http_err:
        print(f"HTTP error occurred: {http_err}")
    except requests.exceptions.RequestException as req_err:
        print(f"Request error occurred: {req_err}")
    except ValueError as json_err:
        print(f"JSON decode error: {json_err}")
    except KeyError as key_err:
        print(f"Key error: {key_err}")
def check_scan_result(machine_action, aadToken):
    url = f"https://api.securitycenter.microsoft.com/api/machineactions/{machine_action}"
    headers = {
        'Authorization': 'Bearer ' + aadToken,
        'Content-Type': 'application/json'
    }
    
    try:
        response = requests.get(url=url, headers=headers)
        response.raise_for_status() 
        result = response.json()
        print(result)
        return result
    except requests.exceptions.HTTPError as http_err:
        print(f"HTTP error occurred: {http_err}")
    except requests.exceptions.RequestException as req_err:
        print(f"Request error occurred: {req_err}")
    except ValueError as json_err:
        print(f"JSON decode error: {json_err}")
    except KeyError as key_err:
        print(f"Key error: {key_err}")

 

No RepliesBe the first to reply

Resources