-
Notifications
You must be signed in to change notification settings - Fork 6
Get SophosCentralEndpoint
external help file: SophosCentral-help.xml Module Name: SophosCentral online version: https://developer.sophos.com/docs/endpoint-v1/1/routes/endpoints/get schema: 2.0.0
Get Endpoints in Sophos Central (Workstations, Servers)
Get-SophosCentralEndpoint [[-HealthStatus] <String[]>] [[-Type] <String[]>]
[[-TamperProtectionEnabled] <Boolean>] [[-LockdownStatus] <String[]>] [[-IsolationStatus] <String>]
[[-HostnameContains] <String>] [[-IpAddresses] <String>] [[-MacAddresses] <String>]
[[-LastSeenBefore] <Object>] [[-LastSeenAfter] <Object>] [[-ID] <String[]>] [<CommonParameters>]
Get Endpoints in Sophos Central (Workstations, Servers)
Get-SophosCentralEndpoint
List all endpoints in the tenant
Get-SophosCentralEndpoint -HealthStatus 'bad'
List all endpoints with a bad health status
Get-SophosCentralEndpoint -TamperProtectionEnabled $false
List all endpoints with tamper protection disabled
Get-SophosCentralEndpoint -LastSeenBefore '-P90D'
List all endpoints seen more than 90 day ago
Get-SophosCentralEndpoint -LastSeenAfter '-P1D'
List all endpoints seen in the last 1 day
Get-SophosCentralEndpoint -LastSeenAfter (Get-Date).AddDays(-1)
List all endpoints seen in the last 1 day
Get-SophosCentralEndpoint -LastSeenAfter '-PT2H'
List all endpoints seen in the last 2 hours
Get-SophosCentralEndpoint -LastSeenAfter '-PT20M'
List all endpoints seen in the last 20 minutes
Get-SophosCentralEndpoint -LastSeenAfter '-P3DT4H5M0S'
List all endpoints seen in the last 3 days 4 hours 5 minutes and 0 seconds
Find endpoints by health status. The following values are allowed: bad, good, suspicious, unknown
Type: String[]
Parameter Sets: (All)
Aliases:
Required: False
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseFind endpoints by type. The following values are allowed: computer, server, securityVm
Type: String[]
Parameter Sets: (All)
Aliases:
Required: False
Position: 2
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseFind endpoints by whether Tamper Protection is turned on.
Type: Boolean
Parameter Sets: (All)
Aliases:
Required: False
Position: 3
Default value: False
Accept pipeline input: False
Accept wildcard characters: FalseFind endpoints by lockdown status.
Type: String[]
Parameter Sets: (All)
Aliases:
Required: False
Position: 4
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseFind endpoints by isolation status.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 5
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseFind endpoints where the hostname contains the given string. Only the first 10 characters of the given string are matched.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 6
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseFind endpoints by IP addresses.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 7
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseFind endpoints by MAC Addresses. Can be in EUI-48 or EUI-64 format, case insensitive, colon, hyphen or dot separated, or with no separator e.g. 01:23:45:67:89:AB, 01-23-45-67-89-ab, 0123.4567.89ab, 0123456789ab, 01:23:45:67:89:ab:cd:ef.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 8
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseFind endpoints last seen before this. Accepts either [datetime] or a string in the ISO 8601 Duration format (https://en.wikipedia.org/wiki/ISO_8601#Durations)
Type: Object
Parameter Sets: (All)
Aliases:
Required: False
Position: 9
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseFind endpoints last seen after this. Accepts either [datetime] or a string in the ISO 8601 Duration format (https://en.wikipedia.org/wiki/ISO_8601#Durations)
Type: Object
Parameter Sets: (All)
Aliases:
Required: False
Position: 10
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseFind endpoints with the specified IDs.
Type: String[]
Parameter Sets: (All)
Aliases:
Required: False
Position: 11
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseThis cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
https://developer.sophos.com/docs/endpoint-v1/1/routes/endpoints/get