Utilizing SEP API, this task can be easily scripted and automated (
https://apidocs.symantec.com/home/SAEP).
PowerShell Example:
$global:getAppDevControl = @()
$Method = "GET"
$Url = "https://"+$global:SEPM+":8446/sepm/api/v1/policies/summary/adc"
$global:ContentType = 'application/json'
$global:getAppDevControl = (Invoke-RestMethod -Uri $Url -Method $Method -Headers $global:Header -ContentType $global:ContentType).content
The API docs will walk you through configuring the API header with your bearer token, which is returned during authorization. Configure $global:SEPM as your SEPM IP address.
After, you can dig in to policy details by cycling through the $global:getAppDevControl object id's.
$global:getAppDevControl | ForEach-Object {
Write-Host "Policy Name: " + $_.name
$global:policyDetailID = $_.id
$Url = "https://"+$global:SEPM+":8446/sepm/api/v1/policies/adc/"+$global:policyDetailID
$global:policyConfig = (Invoke-RestMethod -Uri $Url -Method $Method -Headers $global:Header -ContentType $global:ContentType)
#Output
Write-Host $global:policyConfig
}
You can cycle through any nested objects the same way, as needed.
Original Message:
Sent: 11-25-2020 03:12 PM
From: Steve A
Subject: SEPM 14 Export ADC Policy Human Readable
How do I export or otherwise obtain our current Application and Device Control policy settings, or, more specifically, the Device Control portion of it in human readable form? I need to audit our "Blocked Devices" and "Devices Excluded from Blocking" settings in a format that allows for advanced functionality such as "find."
SEPM 14.2 RU2 MP1
build 5569
14.2.5569.2100