Get the Quarantine State

Request Parameters

Parameter

Description

Mandatory

from

The start of requested period, during which objects are moved to Quarantine

no

id

Identifier of a station to get information on Quarantine objects on this station

yes

page

Number of the page which must be returned in response in paged view (may be used to display information about the large number of stations)

no

per-page

Number of stations per one page in paged view (may be used to display information about the large number of stations)

no

till

The end of requested period, during which objects are moved to Quarantine

no

 

Request Example

http://192.168.1.1:9080/api/stations/quarantine-objects.ds?id=2091ada3-ed5e-e611-3392-f0b9022a5484&from=20190531&till=20190614&page=2&per-page=2

XML and JSON response structure examples are described below.

 

XML Response

<drweb-es-api api_version="4.3.0" timestamp="1560513442" server="192.168.1.1" srv_version="12.00.0.201909260" status="true">
 <group-quarantine items="100" period_from="1559314800" period_till="1560524399">
   <item>
     <created-time>1560513439</created-time>

     <component>7</component>

     <file size="860362">C:\Users\tests\Virs\Win32.Parite.2\postcard.gif.ex#</file>

     <hash>gOD2zZJlSOzAq5mwHe7LRRlFRO9ngUSd</hash>

     <owner>tests-pc\tests:tests-pc\None</owner>

     <virus-info>IRC.Flood</virus-info>

     <object>8f7b2c47-8e9b-11e9-5812-dcfdccec8a94</object>

     <q-time>20190614115718980</q-time>
     <infection-type>1</infection-type>
   </item>

   <item>
     <created-time>1560513436</created-time>

     <component>11</component>

     <file size="578560">C:\Users\tests\Virs\Adware.Look2me\Installer2.exe</file>

     <hash>fGeq6EB6ERXxzl70fJ19iJOISHNyPU9F</hash>

     <owner>tests-pc\tests:tests-pc\None</owner>

     <virus-info>Adware.Look2me.282</virus-info>

     <object>9edc4361-9f0c-22d0-6b86-edaeddfd9b05</object>

     <q-time>20190614115716149</q-time>

     <infection-type>5</infection-type>
   </item>
 </group-quarantine>

 <pages total="50" current="2" objects-per-page="2"/>
</drweb-es-api>

 

Description of XML Response Parameters

The <group-quarantine /> element contains information on objects in the Quarantine on specified station.

The <group-quarantine /> element attributes:

Attribute

Description

items

Total number of objects in Quarantine on specified station

period_from

The start of requested period, during which objects are moved to Quarantine

period_till

The end of requested period, during which objects are moved to Quarantine

The <item /> element contains information on specific object in the Quarantine.

The <created-time /> element value contains the time when the object was added to the Quarantine at the Server.

The <component /> element contains the code of components which moved the object to the Quarantine:

0—unknown component,

1—Dr.Web Scanner,

2—SpIDer Guard,

3—SpIDer Mail,

4—SpIDer Gate,

5—Quarantine Manager,

6—Dr.Web for Kerio,

7—Dr.Web for Microsoft Outlook,

8—Dr.Web for IBM Lotus Domino,

9—Dr.Web for Qbik WinGate,

10—Dr.Web for ISA Server,

11—Antirootkit module.

The <file /> element contains information on specific file in the Quarantine.

The <file /> element attribute:

Attribute

Description

size

Size of the file in the Quarantine

The <file /> element value contains the full path to the file before moving to the Quarantine.

The <hash /> element value contains the object hash code in the SHA256 format.

The <owner /> element value contains the name of the file owner.

The <virus-info /> element value contains the name of malware object according to the Doctor Web company classification.

The <object /> element value contains the identifier of the object in the Quarantine.

The <q-time /> element value contains the time when the object was added to the Quarantine at the station.

The <infection-type /> element value contains an infection type:

1—known infection,

2—known infection modification,

4—unknown infection,

5—adware,

6—dialer,

7—joke,

8—riskware,

9—hacktool.

The <pages /> element contains information on paged view of Quarantine state.

The <pages /> element attributes:

Attribute

Description

total

Total number of pages with information on Quarantine state in paged view

current

Number of the current page

objects-per-page

Objects count on one page

 

JSON Response

{ "head": {
  "status": true,

  "timestamp": 1560513463,

  "api": {
    "version": 40300,
    "versionString": 4.3.0},

  "server": {
    "name": "192.168.1.1",

    "version": "12.00.0.201909260",
    "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}},

"data": {
  "period_from": 1559314800,

  "period_till": 1560524399,

  "items": {
    "total": 100,

    "list": [
      {"component_code": 7,

        "created_time": 1560513439,

        "file": "C:\\Users\\tests\\Virs\\Win32.Parite.2\\postcard.gif.ex#",

        "file_size": 860362,

        "hash": "gOD2zZJlSOzAq5mwHe7LRRlFRO9ngUSd",

        "object": "8f7b2c47-8e9b-11e9-5812-dcfdccec8a94",

        "owner": "tests-pc\\tests:tests-pc\\None",

        "q_time": 20190614115718980,
        "virus_info": "IRC.Flood"},

      {"component_code": 11,
        "created_time": 1560513436,

        "file": "C:\\Users\\tests\\Virs\\Adware.Look2me\\Installer2.exe",

        "file_size": 578560,

        "hash": "fGeq6EB6ERXxzl70fJ19iJOISHNyPU9F",

        "object": "9edc4361-9f0c-22d0-6b86-edaeddfd9b05",

        "owner": "tests-pc\\tests:tests-pc\\None",

        "q_time": 20190614115716149,
        "virus_info": "Adware.Look2me.282"}]},

  "pages": {
    "current": 2,

    "objects_per_page": 2,
    "total": 50}}}

 

Description of JSON Response Parameters

The data block contains general information on the request and the blocks with information on objects in the Quarantine.

The data block elements:

Field name

Description

period_from

The start of requested period, during which objects are moved to Quarantine

period_till

The end of requested period, during which objects are moved to Quarantine

The items block contains information on objects in the Quarantine on specified station.

The items block elements:

Field name

Description

total

Total number of objects in Quarantine on specified station

The list array contains information on specific objects in the Quarantine.

Elements in the list array:

Field name

Description

component_code

The code of components which moved the object to the Quarantine:

0—unknown component,

1—Dr.Web Scanner,

2—SpIDer Guard,

3—SpIDer Mail,

4—SpIDer Gate,

5—Quarantine Manager,

6—Dr.Web for Kerio,

7—Dr.Web for Microsoft Outlook,

8—Dr.Web for IBM Lotus Domino,

9—Dr.Web for Qbik WinGate,

10—Dr.Web for ISA Server,

11—Antirootkit module.

created_time

The time when the object was added to the Quarantine at the Server

file

Full path to the file before moving to the Quarantine

file_size

Size of the file in the Quarantine

hash

The object hash code in the SHA256 format

object

Identifier of the object in the Quarantine

owner

Name of the file owner

q_time

Time when the object was added to the Quarantine at the station

virus_info

Name of malware object according to the Doctor Web company classification

The pages block contains information on the number of displayed objects.

The pages block elements:

Field name

Description

current

Number of the current page

objects_per_page

Number of records on one page

total

Total number of pages