Malware Prevention API Operations Index

Malware Prevention API Operations Index

All available Malware Prevention API Operations

Malware Prevention
GET
Get File Inspection Events

Get list of file inspection events.

GET
Get Inspected Files

Get list of inspected files. This API will return maximum 10,000 unique inspected files for any specified time window of start_time and end_time. Pagination is supported in the specified time window upto 10,000 inspected files. If page_size and cursor combination passed is referring to more than 10,000 inspected files, this API will throw an error. And this API will return only basic information about the inspected files. Please use /inspected-files/details API for getting full details of an inspected file and corresponding number of workloads_affected count, once the file hash is known from this API response. Usage of malware_class and malware_family filter together may result in inaccurate response.

GET
Get Inspected File Details

Get details of a particular inspected file including number of inspections and workloads_affected count for the specified time window. Atleast one of sha256, sha1 or md5 file hash is a required paramater. Query parameter verdict is optional and if passed, last observed inspection_time is identified based on matching events by verdict. Note that counts for the file are aggregated independent of verdict parameter passed here and correspond to all events observed for this file.

GET
Get Allow List

Get list of files allowed in data center for execution or viewing. If empty value of sha256 is passed, it will be ignored and the api will return all allow-listed files.

POST
Add To Allow List

This API is used to add a list of files to allow-list.

DELETE
Delete Allow List

This API is used to delete a file from allow-list, identified by sha256 hash for the file.

POST
Auto Complete Search

This API will provide auto-complete functionality for the filters provided on Potential Malware screen. This API will return the records matching the pattern string entered for the specific filter. If the user does not enter any value, then this API will return all unique records. This API will return maximum 10,000 unique records for any specified filter. Pagination is supported in the window upto 10,000 records.

GET
Get Service Definition

Get service definition for Malware Prevention. This API returns the service id, display name and all the deployment specs for the service.

POST
Register Svm

User needs to download the OVA from official VMware site, host the OVA somewhere. User needs to provide the path/URL where OVF is hosted, name of the deployment spec and svm version. This API internally creates the Service Definition for Malware Prevention, registers the solution configuration and creates Extended solution config. If the Malware prevention service definition already exists, this will add a new deployment specification to the existing definition.

DELETE
Delete Deployment Spec

This API deletes the deployment spec with the specified name for Malware Prevention service.

Caution: Do not use DELETE API in the following situations:

  • The NSX Distributed Malware Prevention service definition has only a single deployment specification.
  • The deployment specification is used in any of the service deployments.
In these two situations, DELETE API fails.
GET
Query Search

Full text search API.

GET
Get Malware Prevention Rbac Permissions

This API returns RBAC permissions of all NSX Malware Prevention APIs.

GET
Get Malware Prevention Usage Details

Get feature usage details of Malware Prevention.