Get Station Information

Request Parameters

Parameter	Description	Mandatory
bases	If this parameter value is yes, then the response will contain information about virus databases used on a station. Valid values: yes \| no. By default: no.	no
components	If this parameter value is yes, then the response will contain information about station components. Valid values: yes \| no. By default: no.	no
group-membership	If this parameter value is yes, then the response will contain information about groups, which include a station. Valid values: yes \| no. By default: no.	no
id	Station ID	yes
installed-components	If this parameter value is yes, then the response will contain information about anti-virus components installed on a station. Valid values: yes \| no. By default: no.	no
keys	If this parameter value is yes, then the response will contain information about station license keys. Valid values: yes \| no. By default: no.	no
modules	If this parameter value is yes, then the response will contain information about anti-virus modules installed on a station. Valid values: yes \| no. By default: no.	no
rights	If this parameter value is yes, then the response will contain information about station privileges. Valid values: yes \| no. By default: no.	no
running-components	If this parameter value is yes, then the response will contain information about anti-virus components currently running on a station. Valid values: yes \| no. By default: no.	no

Request Example

https://192.168.1.1:9081/api/stations/info.ds?id=1002&bases=yes&components=yes&group-membership=yes&installed-components=yes&keys=yes&machines=yes&modules=yes&rights=yes&running-components=yes

XML and JSON response structure examples are described below.

XML Response Structure

<drweb-es-api api_version="4.3.0" timestamp="1589394736" server="192.168.1.1" srv_version="13.00.0.202005090" status="true">
<stations total="1">
<station id="1002" name="win10-1909-pro-x86-ru" created="1589384744" modified="1589388720" parent_id="20e27d73-d21d-b211-a788-85419c46f0e6" parent_name="Everyone" password="123456" state="1">
<lastseenat>1589388597</lastseenat>

<os code="33754631">Windows 10 Pro</os>

<department>Test_office></department>

<street>Test_avenue</street>

<floor>Floor_1002</floor>

<province>Test_region</province>

<![CDATA[; Dr.Web (R) Public key file
; Do not edit! 1459895a-a115-4a66-93e7-a31fb717e9bd

; ***EOF***]]>
</public_key>
</connection>

</modules>

</bases>

<installed-components total="11">
<component code="144" name="Preventive protection" installed="1589374270" path="C:\Program Files\DrWeb" server=""/>

</installed-components>

<running-components total="7">
<component code="14" name="SpIDer Mail for Windows" params="" started="1589388720" type="8" user="NT AUTHORITY\SYSTEM"/>

</running-components>
<rights inherited="true" inherited_group_id="20e27d73-d21d-b211-a788-85419c46f0e6" inherited_group_name="Everyone">
<right code="1" name="Run Dr.Web Scanner for Windows" value="1"/>

</rights>

</components>

<group-membership total="2">
<group id="20e27d73-d21d-b211-a788-85419c46f0e6" inherited_group_name="Everyone" type="1" />
<group id="f5bf5a82-5d5b-11ea-b603-f832e48ba98f" inherited_group_name="Windows 10 Pro" type="4" />
</group-membership>

The following elements will not be included in the response document about a remote station:

<os />—operating system on station,

<running-components />—currently running components,

<installed-components />—installed components,

<components />—components to install,

<bases />—virus databases,

<packages />—installation packages,

<connection /> and <public_key />—connection information and public encryption key,

<rights />—access privileges (see Appendix A1. Station Privilege Codes),

<modules />—modules,

<group-membership />—membership in groups.

Description of XML Response Parameters

The <stations /> element contains information about all stations specified in the request.

The <stations /> element attribute:

Attribute	Description
total	Total number of stations in a response

•The <station /> element contains parameters of a specific station.

The <station /> element attributes:

Attribute	Description
id	Station ID
name	Station name
created	Station creation date
modified	Last modification time
parent_id	Station parent group ID
parent_name	Station parent group name
password	Password to access the Dr.Web Server
state	Station state code (see Appendix D. Returned Station State Codes)

▫The <firstlogin /> element contains the date of the very first connection of a station to the Dr.Web Server.

▫The <firstdownload /> element contains the date when the anti-virus package (Dr.Web Agent) was downloaded for the first time.

▫The <expires /> element contains client access expiration date. The 0 value means unlimited access.

▫The <blocking /> element contains information about a station blocking in following nested elements: <begin />—blocking period start date, <end />—blocking period end date.

▫The <user-id /> element contains a user ID.

▫The <lastseenat /> element contains the date when a station connected to the Dr.Web Server the last time.

▫The <lastseenfrom /> element contains address and port from which a station connected to the Dr.Web Server last time.

▫The <os /> element contains information about operating system currently installed on a station.

The <os /> element attribute:

Attribute	Description
code	Operating system code

The <os /> element value is the operating system name.

▫Nested elements of the <station /> element with station information:

Element	Description
<department />	Department
<description />	Description
<country />	Country
<street />	Street
<room />	Room
<city />	City
<floor />	Floor
<longitude />	Longitude
<latitude />	Latitude
<organization />	Organization
<province />	Province
<email />	Email address

▫The <connection /> element contains Dr.Web Server connection parameters.

The <connection /> element attributes:

Attribute	Description
port	Port number for connecting to the Dr.Web Server
server	DNS name or IP address of the Dr.Web Server

▪The <public_key /> element contains information about the Dr.Web Server’s public encryption key and the key itself.

The <public_key /> element attributes:

Attribute	Description
url	Address of the Dr.Web Server’s public key location
uuid	Public key ID

The <public_key /> element value is the public key content.

▫The <packages /> element contains links to installation packages created at this Dr.Web Server for various processor designs and operating systems.

▪The <package /> element contains a link to a specific anti-virus package.

The <package /> element attributes:

Attribute

Description

arch

Processor designs the package can be installed on:

•all—operating systems of any bitness,

•x86—32-bit operating systems,

•x86_64—64-bit operating systems

Operating system the package can be installed on

url

Web address to download the package (Dr.Web Agent)

▫The <modules /> element contains information about all program modules.

The <modules /> element attribute:

Attribute	Description
total	Total number of modules

▪The <module /> element contains information about a specific module.

The <module /> element attributes:

Attribute	Description
name	File name
version	Module version
created	Module creation date
modified	Module last modified date
hash	Module checksum
file_size	File size (bytes)
file_owner	Name of a file owner

▫The <bases /> element contains information about all virus databases installed on a station.

The <bases /> element attribute:

Attribute	Description
total	Total number of virus databases

▪The <base /> element contains information about a specific virus database.

The <base /> element attributes:

Attribute	Description
file_name	Virus database file name
version	Virus database version
created	Virus database creation date
viruses	Number of virus records in a database

▫The <keys /> element contains information about license keys of a station.

The <keys /> element attributes:

Attribute	Description
inherited	If its value is set to true, it means that the keys were inherited from a parent group, and if set to false—that the keys were configured individually.
inherited_group_id	ID of a parent group from which the key parameters have been inherited. If the inherited attribute is false, this attribute’s value will be empty.
inherited_group_name	Name of a parent group from which the key parameters have been inherited. If the inherited attribute is false, this attribute’s value will be empty.

▪The <key /> element contains information about a specific license key.

The <key /> element attribute:

Attribute	Description
id	Key ID

▫The <installed-components /> element contains information about all installed components.

The <installed-components /> element attribute:

Attribute	Description
total	Total number of installed components

▪The <component /> element of the <installed-components /> element contains information about a specific installed component.

The <component /> element attributes:

Attribute	Description
code	Digital code of a component (see Appendix B2. Component Codes)
name	Name of a component (see Appendix B2. Component Codes)
installed	Component installation time
path	Component installation path
server	Dr.Web Server address from which a component was installed

▫The <running-components /> element contains information about all components running at the time of the request.

The <running-components /> element attribute:

Attribute	Description
total	Total number of running components

▪The <component /> element of the <running-components /> element contains information about a specific running component.

The <component /> element attributes:

Attribute	Description
code	Digital code of a component (see Appendix B2. Component Codes)
name	Name of a component (see Appendix B2. Component Codes)
params	Component start parameters
started	Component start time
type	Component starting method: 1—started manually, 2—started on schedule, 4—started by a user, 8—started as a system process.
user	Station user on whose behalf a component was launched

▫The <rights /> element contains information about all privileges of a station.

The <rights /> element attributes:

Attribute	Description
inherited	If true, it means that the privileges were inherited from a parent group, if false—permissions were specified individually.
inherited_group_id	ID of a parent group the privileges were inherited from. If the inherited attribute is false, this attribute’s value will be empty.
inherited_group_name	Name of a parent group the privileges were inherited from. If the inherited attribute is false, this attribute’s value will be empty.

▪The <right /> element contains information about a specific privilege.

The <right /> element attributes:

Attribute

Description

code

Digital code of a privilege (see Appendix A1. Station Privilege Codes)

name

Privilege name (see Appendix A1. Station Privilege Codes)

value

Privilege status:

0—this privilege was denied,

1—the right was granted.

▫The <components /> element contains information about all components.

The <components /> element attributes:

Attribute	Description
total	Total number of components
inherited	If the value is true, it means that the components were inherited from a parent group, and if false—that the component parameters were configured individually.
inherited_group_id	ID of a parent group the component parameters were inherited from. If the inherited attribute is false, this attribute’s value will be empty.
inherited_group_name	Name of a parent group the component parameters were inherited from. If the inherited attribute is false, this attribute’s value will be empty.

▪The <component /> element of the <components /> element contains information about a specific component.

The <component /> element attributes:

Attribute

Description

code

Digital code of a component (see Appendix B2. Component Codes)

name

Name of a component (see Appendix B2. Component Codes)

status

Component status:

2—the component must be installed,

1—the component can be installed

0—the component does not need to be installed.

▫The <group-membership /> element contains information about all groups a station is the member of.

The <group-membership /> element attribute:

Attribute	Description
total	Total number of groups a station is the member of

▪The <group /> element contains information about a specific group.

The <group /> element attributes:

Attribute

Description

Group ID

name

Group name

type

Group type:

0—user group,

1—base and default group,

2—group containing the online stations,

3—group containing the offline stations,

4—group containing stations grouped by operating system,

5—group containing stations grouped by network protocol,

6—group containing stations with uninstalled Dr.Web Agent,

7—group containing stations with expired access to the Dr.Web Server,

10—pseudogroup,

13—group containing Dr.Web Proxy servers for connecting Agents and neighbor Dr.Web Servers.

▫The <acl> element contains access control lists specifying restrictions on network addresses from which Dr.Web Agent may access the Dr.Web Server.

The <acl> element attribute:

Attribute

Description

priority

Determines list usage priority:

•allowed—allowed address list has a higher priority: addresses included in both lists or not included in any of them will be allowed;

•disallowed—denied address list has a higher priority: addresses included in both lists or not included in any of them will be denied.

▪The <allowed /> and <disallowed /> elements determine lists of addresses, which are allowed or forbidden to access the Dr.Web Server.
Both elements can include nested elements of <address />. A specific address needs to be specified for each.

The <address /> element attributes:

Attribute	Description
net_proto	Network protocol
net_mask	Network mask

JSON Response Structure

{ "head": {
"status": true,

"timestamp": 1589398833,

"api": {
"version": 40300,
"versionString": 4.3.0},

"server": {
"name": "192.168.1.1",

"version": "13.00.0.202005090",
"uuid": "b35d999d-9212-481d-af8c-8551c4113383"}},

"data": {
"total": 1,

"list": [
{"id": "1002",

"name": "win10-1909-pro-x86-ru",

"parent_id": "20e27d73-d21d-b211-a788-85419c46f0e6",

"parent_name": "Everyone",

"password": "123456",

"state": 1,

"firstlogin": 1589384893,

"firstdownload": 1589384749,

"last_seen_time": 1589388597,

"last_seen_addr": "tcp://10.20.0.245:49687",

"connection": {
"port": 2193,

"public_key": {
"file": "; [^] Dr.Web (R) Public key file\n
; Do not edit!\n
1459895a-a115-4a66-93e7-a31fb717e9bd\n
...
; ***EOF***\n",

"id": "1459895a-a115-4a66-93e7-a31fb717e9bd",
"url": "https://192.168.1.1:9081/install/drwcsd.pub"},
"server": "192.168.1.1"},

"packages": [
{"arch": "all,
"os": "windows","
"url": "https://192.168.1.1:9081/download/download.ds?os=windows&id=1002"}],

"department": "Test_office",

"description": "Test_1002",

"country": "RU",

"street": "Test_avenue",

"room": "Room_1002",

"city": "Test_town",

"floor": "Floor_1002",

"longitude": 2222220,

"latitude": 3333330,

"organization": "Test_Inc",

"province": "Test_region",

"email": "Test_mail",

"components": {
"inherited": true,

"inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6",

"inherited_group_name": "Everyone",

"list": [
{"code": 4,
"name": "Dr.Web Scanner for Windows",
"status": 1},
...]},

"installed_components": [
{"code": 144,
"installed_time": 1589374270,

"name": "Preventive protection",

"path": "C:\\Program Files\\DrWeb",

"server": ""},
...],

"running_components": [
{"code": 14,

"name": "SpIDer Mail for Windows",

"params": "",

"pid": "14",

"started_time": 1589388720,

"type": 8,

"user": "NT AUTHORITY\\SYSTEM"},
...],

"modules": [
{"created_time": 1589374257,

"description": "Dr.Web Virus-Finding Engine",

"file_name": "drweb32.dll",

"file_owner": "BUILTIN\\Administrators:WIN10-1909-PRO-\\None @WIN10-1909-PRO-",

"file_size": 4672776,
"hash": "2e6df87878901996d4fa258705ec5524",

"modified_time": 1589374257,

"version": "7.00.46.03050"},
...],

"bases": [
{"created_time": 1589385656,

"file_name": "dwp11000.vdb",

"version": "1100",

"viruses": 739},
...],

"group_membership": [
{"id": "20e27d73-d21d-b211-a788-85419c46f0e6",

"name": "Everyone",

"type": 1}
{"id": "f5bf5a82-5d5b-11ea-b603-f832e48ba98f",

"name": "Windows 10 Pro",

"type": 4}],

"keys": {
"inherited": true,

"inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6",

"inherited_group_name": "Everyone",

"list": [
"daa669be6fdbca01"]},

"permissions": {
"inherited": true,

"inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6",

"inherited_group_name": "Everyone",

"list": [
{"name": "Run Dr.Web Scanner for Windows",
"right": 1,
"value": 1},
...]},

"acl": {
"priority": "allow",

"allowed": [{
"net_mask": "32",
"net_address": "192.168.1.1"}],

"disallowed": [{
"net_mask": "32",
"net_address": "192.168.1.2"}]},

"os_code": 33754631,

"os_name": "Windows 10 Pro",

"created_time": 1589384744,
"modified_time": 1589388720}]}}

Description of JSON Response Parameters

The data block contains information about all stations specified in the request.

The data block elements:

Field name	Description
total	Total number of stations in a response
list	Array of parameters for each station

•Each object of the list array contains parameters of a specific station.

Elements in the list array:

Field name	Description
id	Station ID
name	Station name
parent_id	Station parent group ID
parent_name	Station parent group name
password	Password to access the Dr.Web Server
state	Current state of a station (see Appendix D. Returned Station State Codes)
firstlogin	Date of the very first connection of a station to the Dr.Web Server
firstdownload	Date when the anti-virus package (Dr.Web Agent) was downloaded for the first time
last_seen_time	Time when a station connected to the Dr.Web Server the last time
last_seen_addr	Address from which a station connected to the Dr.Web Server the last time
connection	Block containing Dr.Web Server connection parameters
packages	Array of links to installation packages created at this Dr.Web Server for various processor designs and operating systems
department	Department
description	Description
country	Country
street	Street
room	Room
city	City
floor	Floor
longitude	Longitude
latitude	Latitude
organization	Organization
province	Province
email	Email address
components	Block containing information about all components
installed_components	Array of parameters for each installed component
running_components	Array of parameters for each component running at the time of the request
modules	Array of parameters for each program module
bases	Array of parameters for each virus database
group_membership	Array containing information about all groups a station is the member of
keys	Block of parameters for each license key of a station
permissions	Block of parameters for each privilege of a group
acl	Block containing access control lists. These lists specify restrictions on network addresses from which the Agent may access the Dr.Web Server
os_code	Operating system code
os_name	Operating system name
created_time	Station creation date
modified_time	Last modification time

▫The connection block elements:

Field name	Description
port	Port number for connecting to the Dr.Web Server
public_key	Block containing information about public encryption key
server	DNS name or IP address of the Dr.Web Server

▪The public_key block elements:

Field name	Description
file	Public key content
id	Public key ID
url	Address of the Dr.Web Server’s public key location

▫Elements in the packages array:

Field name

Description

arch

Processor designs the package can be installed on:

•all—operating systems of any bitness,

•x86—32-bit operating systems,

•x86_64—64-bit operating systems

Operating system the package can be installed on

url

Web address to download the package (Dr.Web Agent)

▫The components block elements:

Field name	Description
inherited	If the value is true, it means that the components were inherited from a parent group, and if false—that the component parameters were configured individually.
inherited_group_id	ID of a parent group the component parameters were inherited from. This element will not be present as long as the inherited element is false.
inherited_group_name	Name of a parent group the component parameters were inherited from. This element will not be present as long as the inherited element is false.
list	Array of parameters for each component

▪Elements in the list array:

Field name

Description

code

Digital code of a component (see Appendix B2. Component Codes)

name

Name of a component (see Appendix B2. Component Codes)

status

Component status:

2—the component must be installed,

1—the component can be installed

0—the component does not need to be installed.

▫Elements in the installed-components array:

Field name	Description
code	Digital code of a component (see Appendix B2. Component Codes)
installed_time	Component installation time
name	Name of a component (see Appendix B2. Component Codes)
path	Component installation path
server	Address of the Dr.Web Server the component was installed from

▫Elements in the running-components array:

Field name	Description
code	Digital code of a component (see Appendix B2. Component Codes)
name	Name of a component (see Appendix B2. Component Codes)
params	Component start parameters
pid	Process ID on a station
started_time	Component start time
type	Component starting method: 1—started manually, 2—started on schedule, 4—started by a user, 8—started as a system process.
user	Station user on whose behalf a component was launched

▫Elements in the modules array:

Field name	Description
created_time	Module creation date
description	Module name
file_name	File name
file_owner	Name of a file owner
file_size	File size (bytes)
hash	Module checksum
modified_time	Module last modified date
version	Module version

▫Elements in the bases array:

Field name	Description
created	Virus database creation date
file_name	Virus database file name
version	Virus database version
viruses	Number of virus records in a database

▫Elements in the group-membership array:

Field name

Description

Group ID

name

Group name

type

Group type:

0—user group,

1—base and default group,

2—group containing the online stations,

3—group containing the offline stations,

4—group containing stations grouped by operating system,

5—group containing stations grouped by network protocol,

6—group containing stations with uninstalled Dr.Web Agent,

7—group containing stations with expired access to the Dr.Web Server,

10—pseudogroup,

13—group containing Dr.Web Proxy servers for connecting Agents and neighbor Dr.Web Servers.

▫The keys block elements:

Field name	Description
inherited	If the value is true, it means that the keys were inherited from a parent group, and if false—that the keys were configured individually.
inherited_group_id	ID of a parent group from which the key parameters have been inherited. This element will not be present as long as the inherited element is false.
inherited_group_name	Name of a parent group the key parameters were inherited from. This element will not be present as long as the inherited element is false.
list	Array of key IDs.

▪Elements in the list array:

Field name	Description
id	Key ID

▫The permissions block elements:

Field name	Description
inherited	If true, it means that the privileges were inherited from a parent group, if false—permissions were specified individually.
inherited_group_id	ID of a parent group the privileges were inherited from. This element will not be present as long as the inherited element is false.
inherited_group_name	ID of a parent group the privileges were inherited from. This element will not be present as long as the inherited element is false.
list	Array of parameters for each privilege of a station

▪Elements in the list array:

Field name

Description

name

Privilege name (see Appendix A1. Station Privilege Codes)

right

Digital code of a privilege (see Appendix A1. Station Privilege Codes)

value

Privilege status:

0—this privilege was denied,

1—the privilege was granted.

▫The acl block elements:

Field name

Description

priority

Determines list priority:

•allowed—allowed address list has a higher priority: addresses included in both lists or not included in any of them will be allowed.

•disallowed—denied address list has a higher priority: addresses included in both lists or not included in any of them will be denied.

allowed

Array of addresses allowed to access the Dr.Web Server

disallowed

Array of addresses not allowed to access the Dr.Web Server

▪The allowed and disallowed array elements:

Field name	Description
net_mask	Network mask
net_address	Network address