Environment
- Predictive Security Cloud (PSC) Console: All Versions
- CB Defense
- CB LiveOps
- CB ThreatHunter
- CB ThreatSight
- Machine able to run Postman
This article uses an undocumented API route which is not officially supported and may change or disappear at any time
Objective
Provide details on exporting data from the Malware Removal page using Postman
Resolution
1. Create API Key
- Log into Console
- Go to Settings > API Keys
- Copy Org ID
- Click 'Add API Key' button
- 'Add API Key' modal/pop-up appears
- Enter name for easy identification
Example: Malware_Removal_Export
- Set Access Level
Access level: Custom
Custom access level: View All
*Warning message can be ignored:
This permission set may contain unversioned APIs. Visit developer.carbonblack.com for all currently supported/versioned APIs.
- Enter Description as desired
- Click 'Save'
- Copy API credentials displayed ({{api_id}}, {{secret_key}} below)
2. Configure Postman
- Download and install Postman
- Download configuration JSON file and import into Postman
- Define variables and name the Environment for use with API calls
{{api_id}}
{{environment}}
{{org_id}}
{{secret_key}
- Select the Environment created
- View Collection named 'Malware Removal Export'
- Run the 'Malware Detected' call
- Click 'Save Response' > 'Save to a file' and name the file (Ex: Malware_Detected.json)
- Run the 'Malware Deleted' call
- Click 'Save Response' > 'Save to a file' and name the file (Ex: Malware_Deleted.json)
Additional Notes
- The '/binary/knownbad' API is served to the Console and not currently configured to work as a standalone API, which is why the Access Level is a User role from the Console
- For ease of use, there are a number of options available online to convert JSON files to CSV using Python, Java, etc.
Related Content
