Forum Discussion

JasonW1580
Copper Contributor
Aug 06, 2024

Get Device Inventory list using graph/powershell/cli

Hello,

I am currently in the process of onboarding a set of Windows and Linux servers into Defender for Servers. 

I am trying to figure out how I can pull the Device Inventory list located under Microsoft Defender -> Assets -> Device Inventory programmatically.

I tried Get-MgDeviceManagementManagedDevice but this only returns the devices in Intune which does not include the servers.

Thanks

 

  • JasonW1580 

     

    I have written a PowerShell script for you to use for the export of inventory.
    The only thing you need to do before it will work is to create an app registration, create a secret in that app registration, and add the WindowsDefenderATP "Machine.Read.All" application permission under API Permissions.

     

    # PLEASE UPDATE THESE 3 VARIABLES - REMOVE {} ALSO

    $clientID = "{INSERT-APPREGISTRATION-APPID-HERE}"
    $clientSecret = "{INSERT-APPREGISTRATION-SECRET-HERE}"
    $tenantID = "{INSERT-TENANTID-HERE}"

    # DO NOT CHANGE BELOW THIS LINE
    # Defender for Endpoint API resource and its machines (device inventory) endpoint
    $resourceAppIdUri = "https://api.securitycenter.microsoft.com"
    $url = "$resourceAppIdUri/api/machines"

    # Request an app-only token using the client credentials grant
    $oAuthUri = "https://login.microsoftonline.com/$tenantID/oauth2/token"
    $body = [Ordered] @{
        resource = "$resourceAppIdUri"
        client_id = "$clientID"
        client_secret = "$clientSecret"
        grant_type = 'client_credentials'
    }
    $response = Invoke-RestMethod -Method Post -Uri $oAuthUri -Body $body -ErrorAction Stop
    $aadToken = $response.access_token

    # Send the token as a bearer token on the API request
    $headers = @{
        'Content-Type' = 'application/json'
        Accept = 'application/json'
        Authorization = "Bearer $aadToken"
    }

    # Call the API and parse the JSON response
    $webResponse = Invoke-WebRequest -Method Get -Uri $url -Headers $headers -ErrorAction Stop
    $response = $webResponse | ConvertFrom-Json

    # The device records are in the "value" property of the response
    $response.value | Format-Table
    • JasonW1580
      Copper Contributor
      Thank you. I was looking in the wrong API. This worked great.
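
An added example, not part of the thread and not the answerer's script: the same Defender for Endpoint machines query, extended to follow `@odata.nextLink` when the service returns one and to export the inventory to CSV for an onboarding check. The environment variable names (`MDE_TENANT_ID`, `MDE_CLIENT_ID`, `MDE_CLIENT_SECRET`) and the output file name are assumptions made for this example; reading the secret from the environment keeps it out of the script file.

```powershell
# Added example, not the original poster's script.
# Assumptions: the MDE_* environment variable names and the CSV file name
# are chosen for this example only.
$tenantId     = $env:MDE_TENANT_ID
$clientId     = $env:MDE_CLIENT_ID
$clientSecret = $env:MDE_CLIENT_SECRET   # keep the secret out of the script file
if (-not ($tenantId -and $clientId -and $clientSecret)) {
    throw 'Set MDE_TENANT_ID, MDE_CLIENT_ID and MDE_CLIENT_SECRET first.'
}

# Same token request as in the thread (client credentials grant).
$resourceAppIdUri = 'https://api.securitycenter.microsoft.com'
$tokenBody = @{
    resource      = $resourceAppIdUri
    client_id     = $clientId
    client_secret = $clientSecret
    grant_type    = 'client_credentials'
}
$tokenUri = "https://login.microsoftonline.com/$tenantId/oauth2/token"
$token = (Invoke-RestMethod -Method Post -Uri $tokenUri -Body $tokenBody -ErrorAction Stop).access_token
$headers = @{ Authorization = "Bearer $token"; Accept = 'application/json' }

# Collect every page: keep requesting while the response carries @odata.nextLink.
$devices = [System.Collections.Generic.List[object]]::new()
$next = "$resourceAppIdUri/api/machines"
while ($next) {
    $page = Invoke-RestMethod -Method Get -Uri $next -Headers $headers -ErrorAction Stop
    foreach ($d in $page.value) { $devices.Add($d) }
    $next = $page.'@odata.nextLink'   # $null on the last page, which ends the loop
}

# Flatten the fields useful for verifying onboarding and write them to CSV.
$devices |
    Select-Object id, computerDnsName, osPlatform, onboardingStatus, healthStatus,
                  lastSeen, riskScore, exposureLevel,
                  @{ Name = 'machineTags'; Expression = { $_.machineTags -join ';' } } |
    Sort-Object osPlatform, computerDnsName |
    Export-Csv -Path .\defender-device-inventory.csv -NoTypeInformation

# Summary: device count per platform and onboarding state.
$devices | Group-Object osPlatform, onboardingStatus |
    Select-Object Count, Name | Format-Table -AutoSize
```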