cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Powershell API Calls to Create Tags Failing with no Error Message

%3CLINGO-SUB%20id%3D%22lingo-sub-2062050%22%20slang%3D%22en-US%22%3EPowershell%20API%20Calls%20to%20Create%20Tags%20Failing%20with%20no%20Error%20Message%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2062050%22%20slang%3D%22en-US%22%3E%3CP%3EI%20created%20a%20PowerShell%20script%20that%20calls%20the%20Security%20Center%20Defender%20for%20Endpoint%20api%20to%20create%20a%20machine%20tag.%26nbsp%3B%20I%20am%20experiencing%20some%20irregular%20behavior.%26nbsp%3B%20I%20will%20make%20the%20call%2C%20and%20it%20will%20return%20a%20success%20code%20of%20200%20and%20my%20expectation%20is%20the%20tag%20has%20been%20created.%26nbsp%3B%20When%20I%20go%20into%20Security%20Center%20for%20Defender%20for%20Endpoint%2C%20I%20may%20not%20see%20the%20tag.%26nbsp%3B%20I%20could%20run%20the%20same%20script%20again%2C%20and%20the%20tag%20will%20be%20there.%26nbsp%3B%20I%20am%20making%20sure%20to%20stay%20within%20the%20API%20limitations%20of%20100%20calls%20per%20minute%2C%201500%20calls%20per%20hour.%26nbsp%3B%20I%20don't%20know%20what%20is%20wrong.%26nbsp%3B%20Any%20ideas%3F%26nbsp%3B%20Here%20is%20a%20snippet%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%24myurl%20%3D%20%22%3CA%20href%3D%22https%3A%2F%2Fapi-us.securitycenter.windows.com%2Fapi%2Fmachines%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fapi-us.securitycenter.windows.com%2Fapi%2Fmachines%2F%3C%2FA%3E%22%20%2B%20%24machine.id%20%2B%20%22%2Ftags%22%3C%2FP%3E%3CP%3E%24body%20%3D%3CBR%20%2F%3E%40%7B%3CBR%20%2F%3E%26nbsp%3B%20%26nbsp%3B%22Value%22%20%3D%20%24tag%3CBR%20%2F%3E%26nbsp%3B%20%26nbsp%3B%20%E2%80%9CAction%E2%80%9D%20%3D%20%22Add%22%3CBR%20%2F%3E%7D%3C%2FP%3E%3CP%3E%23%20Send%20the%20webrequest%20and%20get%20the%20results.%3CBR%20%2F%3E%24response%20%3D%20Invoke-WebRequest%20-Method%20Post%20-Uri%20%24myurl%20-Body%20(%24body%20%7C%20ConvertTo-Json)%20-Headers%20%24headers%20-ErrorAction%20Stop%3CBR%20%2F%3Eif%20(%24response.StatusCode%20-eq%20200)%3CBR%20%2F%3E%7B%3CBR%20%2F%3E%26nbsp%3B%20%26nbsp%3BWrite-Host%20%22Added%20tag%20%24tag%20to%20%22%20%24machine.computerDnsName%3C%2FP%3E%3CP%3E%7D%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2063634%22%20slang%3D%22en-US%22%3ERe%3A%20Powershell%20API%20Calls%20to%20Create%20Tags%20Failing%20with%20no%20Error%20Message%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2063634%22%20slang%3D%22en-US%22%3EI%20tag%20a%20lot%20of%20machines%20with%20the%20API%20and%20haven't%20had%20any%20real%20issues.%3CBR%20%2F%3EIt%20might%20be%20possible%20that%20there%20is%20some%20delay%20between%20when%20you%20add%20it%20through%20the%20API%20and%20when%20it's%20visible%3F%3CBR%20%2F%3EHave%20you%20tried%20to%20check%20through%20the%20API%20is%20you%20see%20the%20tag%20there%3F%3C%2FLINGO-BODY%3E
bellinghamlady
New Contributor

‎01-14-2021 11:30 AM

‎01-14-2021 11:30 AM

Powershell API Calls to Create Tags Failing with no Error Message

I created a PowerShell script that calls the Security Center Defender for Endpoint api to create a machine tag.  I am experiencing some irregular behavior.  I will make the call, and it will return a success code of 200 and my expectation is the tag has been created.  When I go into Security Center for Defender for Endpoint, I may not see the tag.  I could run the same script again, and the tag will be there.  I am making sure to stay within the API limitations of 100 calls per minute, 1500 calls per hour.  I don't know what is wrong.  Any ideas?  Here is a snippet:

 

$myurl = "https://api-us.securitycenter.windows.com/api/machines/" + $machine.id + "/tags"

$body =
@{
   "Value" = $tag
    “Action” = "Add"
}

# Send the webrequest and get the results.
$response = Invoke-WebRequest -Method Post -Uri $myurl -Body ($body | ConvertTo-Json) -Headers $headers -ErrorAction Stop
if ($response.StatusCode -eq 200)
{
   Write-Host "Added tag $tag to " $machine.computerDnsName

}

48 Views
0 Likes
2 Replies
Reply
2 Replies
Thijs Lecomte

Friday

Friday

Re: Powershell API Calls to Create Tags Failing with no Error Message

I tag a lot of machines with the API and haven't had any real issues.
It might be possible that there is some delay between when you add it through the API and when it's visible?
Have you tried to check through the API is you see the tag there?
0 Likes
Reply
bellinghamlady

Sunday

Sunday

Re: Powershell API Calls to Create Tags Failing with no Error Message

@Thijs Lecomte 

I do not see the tags even after waiting a day.  They are really not there.  The problem occurs both when adding and removing tags.  I get a 200 response, indicating everything was OK, but then the tag was not added or removed as expected.  I guess I could do another call to see if the tag is there, but it wastes a lot of API calls.

0 Likes
Reply