Forum Discussion
Use powershell to add a tag to a MS Defender device
I did that and don't know how but the token issue seems that is solved. Now I've got the same piece of code but with another error, which is:
Invoke-RestMethod:
{
"error": {
"code": "InvalidRequestBody",
"message": "Request body is incorrect",
"target": "|5ca2fd80-4d6cdfba5c72ce16."
}
}
But the code is just the same. The $body variable has this content:
{
"Value": "Vulnerability-Update",
"Action": "Add"
}
Which is aligned with the body which is used on the API Explorer in MDE portal.
Any way to debug this?
Thanks
- But to answer your question, I don't know of a log or tool on the MDE side for debugging APi requests our code generates. You could use Fiddler or a similar local proxy tool (Postman maybe?) to look at exactly what your code is sending and examine the full response.
jbmartin6 Thanks for the tips.
Finally it's working. First, instead of using a variable on the creation of the body, like this:
$Body = @{"Value"=$Tag;"Action"="Add"}I removed the variable and added a value and it worked. Then I start messing with the variable values and then, the same variable value I had before worked, without really understanding why, but now it's working fine.
Great that it is working! I had a similar experience trying to run hunting queries using the API, there were some character escapes needed but then sometimes it still failed. I'm sure there is some technical wrinkle of strings or powershell that we are missing.