Using the API to get devices with Malware

Occasional Visitor

Hi All,

 

Does anyone have any guidance on how to get the Devices with malware detection with the API? I dont see it in the documentation unless I've missed it. Someone posted a way how to get the query but I am not sure what end point to use. Ideally this is the data I would like to extract.

 

Screenshot 2022-04-14 162807.jpg

 

Thanks yall

1 Reply
The advanced hunting API should be a good endpoint for this. It will allow you to run that query against it.

https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/run-advanced-query-api?vie...