This article provides the steps necessary to write and run a simple PowerShell script
that queries the Red Canary API.
Estimated procedure time: 10 minutes.
Prerequisites
Before you run any code, make sure you have the following:
- Your API key. If you don't have your API key, or you need to reset an old key, see Reset your API key in the Red Canary Help Center.
- The latest recommended version of PowerShell. To download PowerShell, see Install PowerShell on Windows, Linux, and macOS in the Microsoft docs.
Create your PowerShell script
Create a PowerShell script called example.ps1
, which fetches a list of endpoints from a subdomain.
- In your working directory, create a new file called
example.ps1
, and then copy the following code into it.
# Create a GET request and save the response.
$response = Invoke-WebRequest https://<subdomain>.my.redcanary.co/openapi/v3/endpoints `
-Headers @{'X-Api-Key' = '<API key>'} `
-Method GET
# Print the body of the response.
$response.Content - In
example.ps1
, replace<subdomain>
with the Red Canary subdomain you want to query. - In
example.ps1
, replace<API key>
with your API key. - Save
example.ps1
.
Run the example
Open PowerShell, and run your example.
.\example.ps1
The script should print a JSON object containing the first page of endpoints associated with the subdomain.
Note: You might need to change PowerShell's execution policy to RemoteSigned
to run your script. For more information, see Change the execution policy in the Microsoft docs.
Customize your request with parameters
You can use HTTP parameters to customize the results of your request. Visit the Red Canary API docs for a list of supported parameters for each API endpoint.
Example: Limit the number of endpoints returned
Limit the number of endpoints returned by example.ps1
using the per_page
parameter.
- Open
example.ps1
, and edit the response to include the-Body
parameter.
$response = Invoke-WebRequest https://<subdomain>.my.redcanary.co/openapi/v3/endpoints `
This sets the number of requested endpoints to one.
-Headers @{'X-Api-Key' = '<API key>'} `
-Method GET `
-Body @{'per_page' = '1'} - Save
example.ps1
, and then run the example. The program should print a JSON object containing exactly one endpoint.
Comments
0 comments
Please sign in to leave a comment.