InlineInspectedFileDetails1

InlineInspectedFileDetails1
InlineInspectedFileDetails1

Details of a particular inspected file.

JSON Example
{
    "file_name": [
        "string"
    ],
    "analysed_in_cloud": false,
    "is_blocked": false,
    "file_type": "string",
    "file_type_details": "string",
    "submitted_by": "string",
    "analyst_task_uuid": "string",
    "protocol": "string",
    "workloads_affected_count": 0,
    "last_client": {
        "vm_id": "string",
        "ip_address": "string",
        "fqdn": "string"
    },
    "last_server": {
        "vm_id": "string",
        "ip_address": "string",
        "fqdn": "string"
    },
    "transport_node_type": "string",
    "transport_node_id": "string",
    "first_inspected": 0
}
array of string
file_name
Optional

Array of file names observed for this file hash. This list is sorted based on corresponding inspection time. Last observed file name will appear first in this list.

boolean
analysed_in_cloud
Optional

Specifies whether this file is analysed in cloud. If true, the file is present in the allow-list.

boolean
is_blocked
Optional

Conveys if the file is blocked by malware prevention service.

string
file_type
Optional

Type of the file.

string
file_type_details
Optional

Detailed information about the type of file.

string
submitted_by
Optional

Identifier of the last user who submitted this file for inspection.

string
analyst_task_uuid
Optional

Task UUID assigned by Lastline Analyst service.

protocol
Optional

Protocol through which file is downloaded.

Possible values are : INVALID, HTTP, HTTPS, FTP, SMB,
integer
workloads_affected_count
Optional

Number of workload VMs on which this file is observed.

last_client
Optional

Details about virtual machine.

last_server
Optional

Details about virtual machine.

transport_node_type
Optional

Type of transport node by which file is downloaded.

Possible values are : HOST, GATEWAY, INVALID,
string
transport_node_id
Optional

ID of the transport node on which this file is detected. Transport nodes are hypervisor hosts or NSX Edges that participated in the NSX-T topology.

first_inspected
Optional

Timestamp in milliseconds since epoch