Get File Inspection Events

Get File Inspection Events

Get list of file inspection events.

Request
URI
GET
https://api.example.com/napp/api/v1/malware-prevention/events
COPY
Query Parameters
integer
start_time
Required

Use this request param for specifiying starting time of a timeline. Value has to be specified in milliseconds since epoch.

integer
end_time
Required

Use this request param for specifiying ending time of a timeline. Value has to be specified in milliseconds since epoch.

string of array
sha256
Optional

Use this request param for specifying sha256 hash to filter. If this parameter is passed multiple times, OR condition will be assumed.

string of array
sha1
Optional

Use this request param for specifying sha1 hash to filter. If this parameter is passed multiple times, OR condition will be assumed.

string of array
md5
Optional

Use this request param for specifying md5 hash to filter. If this parameter is passed multiple times, OR condition will be assumed.

string of array
verdict
Optional

Use this request param for specifying verdict to filter. If this parameter is passed multiple times, OR condition will be assumed.

boolean
allow_listed
Optional

Used for specifying filter of allow listed files. By default, this parameter will be considered null and no filtering on allow_listed value will be applied.

string
sort_by
Optional

Field by which records are sorted. Only inspection_time based sorting is supported. Please specify the order of sorted data using sort_ascending parameter.

boolean
sort_ascending
Optional

If records need to be sorted in ascending order.

string
cursor
Optional

Opaque cursor to be used for getting next page of records (supplied by current result page).

integer
page_size
Optional

Maximum number of results to return in this page (server may return fewer).

boolean
exclude_details
Optional

Use this request param for excluding details so that only inspection timestamp, verdict and allow_listed fields will be returned in response. page_size query parameter will NOT be honoured if this property is set to true and will be overwritten with 10000 as page_size.


Authentication
This operation uses the following authentication methods.
Responses
200

Successful Operation

Returns FileInspectionEventsListResult of type(s) application/json
This response body class contains all of the following: ListResult , InlineFileInspectionEventsListResult1
{
    "_self": {},
    "_links": [
        {
            "href": "string",
            "action": "string",
            "rel": "string"
        }
    ],
    "_schema": "string",
    "result_count": 0,
    "sort_by": "string",
    "sort_ascending": false,
    "cursor": "string",
    "results": [
        {
            "inspection_time": 0,
            "server": {
                "vm_id": "string",
                "ip_address": "string",
                "fqdn": "string"
            },
            "client": {
                "vm_id": "string",
                "ip_address": "string",
                "fqdn": "string"
            },
            "sha256": "string",
            "sha1": "string",
            "md5": "string",
            "file_name": "string",
            "inspection_status": "string",
            "threat_score": 0,
            "verdict": "string",
            "error_message": "string",
            "error_code": "string",
            "is_blocked": false,
            "allow_listed": false,
            "transport_node_type": "string",
            "transport_node_id": "string"
        }
    ]
}