[KSC OpenAPI Query]

@rshumsky Could you help with this one?

[KSC OpenAPI Query]

Is there anyway that we can include a variable for the "KLHST_WKS_HOSTNAME" to the alerts generated by the KSC? 

If that were possible we could get straight to the endpoint in question without having to drill-down by making quite so many calls and server-side array queries. It would also avoid any ambiguity where endpoint hostnames can occur more than once across different sites/groups.

[KSC 11 OpenAPI usage problems]

Is there anyway that we can include a variable for the "KLHST_WKS_HOSTNAME" to the alerts from the KSC? If that were possible we could get straight to the endpoint in question without having to drill-down by making quite so many calls and server-side array queries. It would also avoid any ambiguity where endpoint hostnames can occur more than once across different sites/groups.

[KSC 11 OpenAPI usage problems]

Is there no way to close an already open session when you are done with it? I am used to opening a session, passing some commands then closing or deleting that session. if not we could try using the token authentication method, but the documentation for the APi is not the best and the layout can be a little confusing at times.

[KSC 11 OpenAPI usage problems]

Thanks for the reply rshumsky . Unfortunately we are having problems establishing a session again to the API using the basic authentication method. This works fine for roughly 24 hours then following that whenever we try to start a session again we receive a 403 forbidden response with a message "authentication header unexpected". If we try a new account this will work again, but by tomorrow we will receive the same message.

[KSC 11 OpenAPI usage problems]

rshumsky Could you help with this?

[KSC 11 OpenAPI usage problems]

Can anyone shed some light on the proper syntax/format to use in a cURL command that will return results to the strAccessor wstring? We are trying to query the FindGroups and FindHosts methods of the HostGroup class so that we can return hostnames to work with (KLHST_WKS_HOSTNAME) but not having any luck. As an example, the data field we are passing to FindGroups is currently -d '{wstrFilter: "", vecFieldsToReturn: ["id", "name"], lMaxLifeTime: 60}'

[KSC 11 OpenAPI login problem]

rshumsky Thanks for your assistance with this one. It appears that our documentation was incorrect and the web console was installed using a different port! Have changed the port and now can authenticate.

[KSC 11 OpenAPI login problem]

Thanks rshumsky , We have already tried it without the internal field but with no internal field specified we receive a message stating that the authentication header is invalid. If we keep the internal field and set it to 0, we receive the same message.

[KSC 11 OpenAPI login problem]

We are having the same problem using cURL on windows for testing and cannot login. We have tried many variants and also receive an authentication failure message. The current command we are using is curl -X POST https://hostname:13299/api/v1.0/login -H "Authorization: KSCBasic user="username", pass="password", internal="1"" -H "Content-Type: application/json" -H "Content-Length: 2" -d "{}" -k -v The user account is a full local admin on the server and can login to the MMC console. Username and password have been Base64 encoded. We have also tried using Postman and receive the same error message.

[KES Mac 11 - Update Task and Network Agent Problems]

Hi guys, Thanks for replying. I have managed to work around this now and for the affected machines have run a shell script to uninstall the agent through our RMM system followed by another to install it and all seems to be fine now. For some reason installing from the dmg seemed to cause an issue on some machines, For these ones, extracting the contents of the dmg and installing using the shell script with a few changes seems to be fine.

[KES Mac 11 - Update Task and Network Agent Problems]

Dear Community, dear KL-Team, following fact: the new KES 11 for macOS is not executed correctly in our environment. Update tasks can neither be started remotely nor via the GUI. An Incident is already opened (INC000010353734 and INC000010487018), there is actually no really progress here however. The corresponding trace files can be found here. Via Kaspersky Security Center I can see that the KES is running, but the agent is displayed as inactive. I believe that the error is due to an incorrect adoption of the policy. After running the klnagchk -sendhb locally I get the following error message:

Hey Intrusus, Were you able to get anywhere with this? We have exactly the same problem with the Network Agent on all of our Mac installations. We have not yet deployed KES, just the agent itself. These appear to install without issue but never check in to the KSC. Running klnagchk on the machines gives us exactly the same error as above - 1128 the product was not installed correctly.