I am currently working on extracting intrusion prevention rules from every computer under my Deep Security Manager, from which I will be using this data for an excel sheet.
So far, I have use the below API call to get a list of intrusion prevention rules for every computer that I have. However, the API call does not return the following pieces of data (see image, pointed with Red Arrow):
- Microsoft Vulnerability Code
- Status of scheduled task
- Categpry of applied Intrusion Prevention Rule
I wish to obtain similar looking result to the Intrusion Prevention table in the attached image above/below, but from the API call provided. enter image description here Link to API documentation : https://automation.deepsecurity.trendmicro.com/article/20_0/api-reference/tag/Intrusion-Prevention-Rules#operation/listIntrusionPreventionRules
Is this possible at all?
I've tried the following code (small snippet due to confidentiality of codebase):
try:
intrusion_prevention_response = intrusion_prevention_search_handle.list_intrusion_prevention_rules_on_computer(computer.id, api_version, overrides=False)
except ApiException as e :
print("An exception occurred when calling ComputerIntrusionPreventionRuleDetailsApi.describe_intrusion_prevention_rule_on_computer: %s\n" % e)
But there is no way to access the following fields from the response of this API call
- Microsoft Vulnerability Code, eg. intrusion_prevention_response[0].microsoft_vulnerability_code for example
- Status of scheduled task, eg. intrusion_prevention_response[0].scheduled_task_status
- Category of applied Intrusion Prevention Rule, eg. intrusion_prevention_response[0].category
