Get Station Information

Request Parameters

Parameter

Description

Mandatory

bases

If this parameter value is yes, then the response will contain information about virus databases used on a station.

Valid values: yes | no. By default: no.

no

components

If this parameter value is yes, then the response will contain information about station components.

Valid values: yes | no. By default: no.

no

group-membership

If this parameter value is yes, then the response will contain information about groups, which include a station.

Valid values: yes | no. By default: no.

no

id

Station ID

yes

installed-components

If this parameter value is yes, then the response will contain information about anti-virus components installed on a station.

Valid values: yes | no. By default: no.

no

keys

If this parameter value is yes, then the response will contain information about station license keys.

Valid values: yes | no. By default: no.

no

modules

If this parameter value is yes, then the response will contain information about anti-virus modules installed on a station.

Valid values: yes | no. By default: no.

no

rights

If this parameter value is yes, then the response will contain information about station privileges.

Valid values: yes | no. By default: no.

no

running-components

If this parameter value is yes, then the response will contain information about anti-virus components currently running on a station.

Valid values: yes | no. By default: no.

no

 

Request Example

https://192.168.1.1:9081/api/stations/info.ds?id=1002&bases=yes&components=yes&group-membership=yes&installed-components=yes&keys=yes&machines=yes&modules=yes&rights=yes&running-components=yes

XML and JSON response structure examples are described below.

 

XML Response Structure

<drweb-es-api api_version="4.3.0" timestamp="1589394736" server="192.168.1.1" srv_version="12.00.0.201909260" status="true">
  <stations total="1">
    <station id="1002" name="win10-1909-pro-x86-ru" created="1589384744" modified="1589388720" parent_id="20e27d73-d21d-b211-a788-85419c46f0e6" parent_name="Everyone" password="123456" state="1">
        <lastseenat>1589388597</lastseenat>

        <lastseenfrom>tcp://10.20.0.245:49687</lastseenfrom>

        <os code="33754631">Windows 10 Pro</os>

        <department>Test_office></department>

        <description>Test_1002></description>

        <country>RU</country>

        <street>Test_avenue</street>

        <room>Room_1002></room>

        <city>Test_town</city>

        <floor>Floor_1002</floor>

        <longitude>2222220</longitude>

        <latitude>3333330</latitude>

        <organization>Test_Inc</organization>

        <province>Test_region</province>

        <email>Test_mail</email>

        <connection port="2193" server="192.168.1.1">
          <public_key url="https://192.168.1.1:9081/install/drwcsd.pub" uuid="1459895a-a115-4a66-93e7-a31fb717e9bd">

              <![CDATA[; Dr.Web (R) Public key file
              ; Do not edit! 1459895a-a115-4a66-93e7-a31fb717e9bd
              <!-- The key skipped in documentation. -->
              ; ***EOF***]]>
          </public_key>
        </connection>

        <packages>
          <package arch="all" os="windows" url="https://192.168.1.1:9081/download/download.ds?os=windows&amp;id=1002"/>
        </packages>

        <modules total="31">
           <module name="drweb32.dll" version="7.00.46.03050" created="1589374257" modified="1589374257" hash="2e6df87878901996d4fa258705ec5524" file_size="4672776" file_owner="BUILTIN\Administrators:WIN10-1909-PRO-\None @ WIN10-1909-PRO-"/>

           <!-- etc. Skipped in documentation -->
        </modules>

        <bases total="192">

          <base file_name="dwp11000.vdb" version="1100" created="1589385656" viruses="739"/>

           <!-- etc. Skipped in documentation -->
        </bases>

        <keys inherited="true" inherited_group_id="20e27d73-d21d-b211-a788-85419c46f0e6" inherited_group_name="Everyone">
          <key id="daa111be1fdbca01"/>
        </keys>

        <installed-components total="11">
           <component code="144" name="Preventive protection" installed="1589374270" path="C:\Program Files\DrWeb" server=""/>

          <!-- etc. Skipped in documentation -->
        </installed-components>

        <running-components total="7">
           <component code="14" name="SpIDer Mail for Windows" params="" started="1589388720" type="8" user="NT AUTHORITY\SYSTEM"/>

          <!-- etc. Skipped in documentation -->
        </running-components>
        <rights inherited="true" inherited_group_id="20e27d73-d21d-b211-a788-85419c46f0e6" inherited_group_name="Everyone">
           <right code="1" name="Run Dr.Web Scanner for Windows" value="1"/>

          <!-- etc. Skipped in documentation -->
        </rights>

        <components total="11" inherited="true" inherited_group_id="20e27d73-d21d-b211-a788-85419c46f0e6" inherited_group_name="Everyone">
           <component code="4" name="Dr.Web Scanner for Windows" status="1"/>

          <!-- etc. Skipped in documentation -->
        </components>

        <group-membership total="2">
          <group id="20e27d73-d21d-b211-a788-85419c46f0e6" inherited_group_name="Everyone" type="1" />
          <group id="f5bf5a82-5d5b-11ea-b603-f832e48ba98f" inherited_group_name="Windows 10 Pro" type="4" />
        </group-membership>

        <acl priority="allow">
          <allowed>
              <address net_proto="tcp" net_mask="32">192.168.1.1</address>
          </allowed>

          <disallowed>
              <address net_proto="tcp" net_mask="32">192.168.1.2</address>
          </disallowed>
        </acl>
    </station>
  </stations>
</drweb-es-api>

The following elements will not be included in the response document about a remote station:

<os />—operating system on station,

<running-components />—currently running components,

<installed-components />—installed components,

<components />—components to install,

<bases />—virus databases,

<packages />—installation packages,

<connection /> and <public_key />—connection information and public encryption key,

<rights />—access privileges (see Appendix A1. Station Privilege Codes),

<modules />—modules,

<group-membership />—membership in groups.

 

Description of XML Response Parameters

The <stations /> element contains information about all stations specified in the request.

The <stations /> element attribute:

Attribute

Description

total

Total number of stations in a response

The <station /> element contains parameters of a specific station.

The <station /> element attributes:

Attribute

Description

id

Station ID

name

Station name

created

Station creation date

modified

Last modification time

parent_id

Station parent group ID

parent_name

Station parent group name

password

Password to access the Dr.Web Server

state

Station state code (see Appendix D. Returned Station State Codes)

The <firstlogin /> element contains the date of the very first connection of a station to the Dr.Web Server.

The <firstdownload /> element contains the date when the anti-virus package (Dr.Web Agent) was downloaded for the first time.

The <expires /> element contains client access expiration date.  The 0 value means unlimited access.

The <blocking /> element contains information about a station blocking in following nested elements: <begin />—blocking period start date, <end />—blocking period end date.

The <user-id /> element contains a user ID.

The <lastseenat /> element contains the date when a station connected to the Dr.Web Server the last time.

The <lastseenfrom /> element contains address and port from which a station connected to the Dr.Web Server last time.

The <os /> element contains information about operating system currently installed on a station.

The <os /> element attribute:

Attribute

Description

code

Operating system code

The <os /> element value is the operating system name.

Nested elements of the <station /> element with station information:

Element

Description

<department />

Department

<description />

Description

<country />

Country

<street />

Street

<room />

Room

<city />

City

<floor />

Floor

<longitude />

Longitude

<latitude />

Latitude

<organization />

Organization

<province />

Province

<email />

Email address

The <connection /> element contains Dr.Web Server connection parameters.

The <connection /> element attributes:

Attribute

Description

port

Port number for connecting to the Dr.Web Server

server

DNS name or IP address of the Dr.Web Server

The <public_key /> element contains information about the Dr.Web Server’s public encryption key and the key itself.

The <public_key /> element attributes:

Attribute

Description

url

Address of the Dr.Web Server’s public key location

uuid

Public key ID

The <public_key /> element value is the public key content.

The <packages /> element contains links to installation packages created at this Dr.Web Server for various processor designs and operating systems.

The <package /> element contains a link to a specific anti-virus package.

The <package /> element attributes:

Attribute

Description

arch

Processor designs the package can be installed on:

all—operating systems of any bitness,

x86—32-bit operating systems,

x86_64—64-bit operating systems

os

Operating system the package can be installed on

url

Web address to download the package (Dr.Web Agent)

The <modules /> element contains information about all program modules.

The <modules /> element attribute:

Attribute

Description

total

Total number of modules

The <module /> element contains information about a specific module.

The <module /> element attributes:

Attribute

Description

name

File name

version

Module version

created

Module creation date

modified

Module last modified date

hash

Module checksum

file_size

File size (bytes)

file_owner

Name of a file owner

The <bases /> element contains information about all virus databases installed on a station.

The <bases /> element attribute:

Attribute

Description

total

Total number of virus databases

The <base /> element contains information about a specific virus database.

The <base /> element attributes:

Attribute

Description

file_name

Virus database file name

version

Virus database version

created

Virus database creation date

viruses

Number of virus records in a database

The <keys /> element contains information about license keys of a station.

The <keys /> element attributes:

Attribute

Description

inherited

If its value is set to true, it means that the keys were inherited from a parent group, and if set to false—that the keys were configured individually.

inherited_group_id

ID of a parent group from which the key parameters have been inherited.
If the inherited attribute is false, this attribute’s value will be empty.

inherited_group_name

Name of a parent group from which the key parameters have been inherited.
If the inherited attribute is false, this attribute’s value will be empty.

The <key /> element contains information about a specific license key.

The <key /> element attribute:

Attribute

Description

id

Key ID

The <installed-components /> element contains information about all installed components.

The <installed-components /> element attribute:

Attribute

Description

total

Total number of installed components

The <component /> element of the <installed-components /> element contains information about a specific installed component.

The <component /> element attributes:

Attribute

Description

code

Digital code of a component (see Appendix B2. Component Codes)

name

Name of a component (see Appendix B2. Component Codes)

installed

Component installation time

path

Component installation path

server

Dr.Web Server address from which a component was installed

The <running-components /> element contains information about all components running at the time of the request.

The <running-components /> element attribute:

Attribute

Description

total

Total number of running components

The <component /> element of the <running-components /> element contains information about a specific running component.

The <component /> element attributes:

Attribute

Description

code

Digital code of a component (see Appendix B2. Component Codes)

name

Name of a component (see Appendix B2. Component Codes)

params

Component start parameters

started

Component start time

type

Component starting method:

1—started manually,

2—started on schedule,

4—started by a user,

8—started as a system process.

user

Station user on whose behalf a component was launched

The <rights /> element contains information about all privileges of a station.

The <rights /> element attributes:

Attribute

Description

inherited

If true, it means that the privileges were inherited from a parent group, if false—permissions were specified individually.

inherited_group_id

ID of a parent group the privileges were inherited from.
If the inherited attribute is false, this attribute’s value will be empty.

inherited_group_name

Name of a parent group the privileges were inherited from.
If the inherited attribute is false, this attribute’s value will be empty.

The <right /> element contains information about a specific privilege.

The <right /> element attributes:

Attribute

Description

code

Digital code of a privilege (see Appendix A1. Station Privilege Codes)

name

Privilege name (see Appendix A1. Station Privilege Codes)

value

Privilege status:

0—this privilege was denied,

1—the right was granted.

The <components /> element contains information about all components.

The <components /> element attributes:

Attribute

Description

total

Total number of components

inherited

If the value is true, it means that the components were inherited from a parent group, and if false—that the component parameters were configured individually.

inherited_group_id

ID of a parent group the component parameters were inherited from.
If the inherited attribute is false, this attribute’s value will be empty.

inherited_group_name

Name of a parent group the component parameters were inherited from.
If the inherited attribute is false, this attribute’s value will be empty.

The <component /> element of the <components /> element contains information about a specific component.

The <component /> element attributes:

Attribute

Description

code

Digital code of a component (see Appendix B2. Component Codes)

name

Name of a component (see Appendix B2. Component Codes)

status

Component status:

2—the component must be installed,

1—the component can be installed

0—the component does not need to be installed.

The <group-membership /> element contains information about all groups a station is the member of.

The <group-membership /> element attribute:

Attribute

Description

total

Total number of groups a station is the member of

The <group /> element contains information about a specific group.

The <group /> element attributes:

Attribute

Description

id

Group ID

name

Group name

type

Group type:

0—user group,

1—base and default group,

2—group containing the online stations,

3—group containing the offline stations,

4—group containing stations grouped by operating system,

5—group containing stations grouped by network protocol,

6—group containing stations with uninstalled Dr.Web Agent,

7—group containing stations with expired access to the Dr.Web Server,

10—pseudogroup,

13—group containing Dr.Web Proxy servers for connecting Agents and neighbor Dr.Web Servers.

The <acl> element contains access control lists specifying restrictions on network addresses from which Dr.Web Agent may access the Dr.Web Server.

The <acl> element attribute:

Attribute

Description

priority

Determines list usage priority:

allowed—allowed address list has a higher priority: addresses included in both lists or not included in any of them will be allowed;

disallowed—denied address list has a higher priority: addresses included in both lists or not included in any of them will be denied.

The <allowed /> and <disallowed /> elements determine lists of addresses, which are allowed or forbidden to access the Dr.Web Server.
Both elements can include nested elements of <address />. A specific address needs to be specified for each.

The <address /> element attributes:

Attribute

Description

net_proto

Network protocol

net_mask

Network mask

 

JSON Response Structure

{ "head": {
    "status": true,

    "timestamp": 1589398833,

    "api": {
      "version": 40300,
      "versionString": 4.3.0},

    "server": {
      "name": "192.168.1.1",

      "version": "12.00.0.201909260",
      "uuid": "b35d999d-9212-481d-af8c-8551c4113383"}},

"data": {
    "total": 1,

    "list": [
       {"id": "1002",

        "name": "win10-1909-pro-x86-ru",

        "parent_id": "20e27d73-d21d-b211-a788-85419c46f0e6",

        "parent_name": "Everyone",

        "password": "123456",

        "state": 1,

        "firstlogin": 1589384893,

        "firstdownload": 1589384749,

        "last_seen_time": 1589388597,

        "last_seen_addr": "tcp://10.20.0.245:49687",

        "connection": {
          "port": 2193,

          "public_key": {
              "file": "; [^] Dr.Web (R) Public key file\n
                       ; Do not edit!\n
                       1459895a-a115-4a66-93e7-a31fb717e9bd\n
                       ...
                       ; ***EOF***\n",

              "id": "1459895a-a115-4a66-93e7-a31fb717e9bd",
              "url": "https://192.168.1.1:9081/install/drwcsd.pub"},
          "server": "192.168.1.1"},

        "packages": [
          {"arch": "all,
            "os": "windows","
            "url": "https://192.168.1.1:9081/download/download.ds?os=windows&id=1002"}],

        "department": "Test_office",

        "description": "Test_1002",

        "country": "RU",

        "street": "Test_avenue",

        "room": "Room_1002",

        "city": "Test_town",

        "floor": "Floor_1002",

        "longitude": 2222220,

        "latitude": 3333330,

        "organization": "Test_Inc",

        "province": "Test_region",

        "email": "Test_mail",

        "components": {
          "inherited": true,

          "inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6",

          "inherited_group_name": "Everyone",

          "list": [
              {"code": 4,
              "name": "Dr.Web Scanner for Windows",
              "status": 1},
              ...]},

        "installed_components": [
          {"code": 144,
            "installed_time": 1589374270,

            "name": "Preventive protection",

            "path": "C:\\Program Files\\DrWeb",

            "server": ""},
           ...],

        "running_components": [
          {"code": 14,

            "name": "SpIDer Mail for Windows",

            "params": "",

            "pid": "14",

            "started_time": 1589388720,

            "type": 8,

            "user": "NT AUTHORITY\\SYSTEM"},
           ...],

        "modules": [
          {"created_time": 1589374257,

            "description": "Dr.Web Virus-Finding Engine",

            "file_name": "drweb32.dll",

            "file_owner": "BUILTIN\\Administrators:WIN10-1909-PRO-\\None @WIN10-1909-PRO-",

            "file_size": 4672776,
            "hash": "2e6df87878901996d4fa258705ec5524",

            "modified_time": 1589374257,

            "version": "7.00.46.03050"},
           ...],

        "bases": [
          {"created_time": 1589385656,

            "file_name": "dwp11000.vdb",

            "version": "1100",

            "viruses": 739},
           ...],

        "group_membership": [
          {"id": "20e27d73-d21d-b211-a788-85419c46f0e6",

            "name": "Everyone",

            "type": 1}
          {"id": "f5bf5a82-5d5b-11ea-b603-f832e48ba98f",

            "name": "Windows 10 Pro",

            "type": 4}],

        "keys": {
          "inherited": true,

          "inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6",

          "inherited_group_name": "Everyone",

          "list": [
              "daa669be6fdbca01"]},

        "permissions": {
          "inherited": true,

          "inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6",

          "inherited_group_name": "Everyone",

          "list": [
              {"name": "Run Dr.Web Scanner for Windows",
              "right": 1,
              "value": 1},
              ...]},

        "acl": {
          "priority": "allow",

          "allowed": [{
              "net_mask": "32",
              "net_address": "192.168.1.1"}],

          "disallowed": [{
              "net_mask": "32",
              "net_address": "192.168.1.2"}]},

        "os_code": 33754631,

        "os_name": "Windows 10 Pro",

        "created_time": 1589384744,
        "modified_time": 1589388720}]}}

 

Description of JSON Response Parameters

The data block contains information about all stations specified in the request.

The data block elements:

Field name

Description

total

Total number of stations in a response

list

Array of parameters for each station

Each object of the list array contains parameters of a specific station.

Elements in the list array:

Field name

Description

id

Station ID

name

Station name

parent_id

Station parent group ID

parent_name

Station parent group name

password

Password to access the Dr.Web Server

state

Current state of a station (see Appendix D. Returned Station State Codes)

firstlogin

Date of the very first connection of a station to the Dr.Web Server

firstdownload

Date when the anti-virus package (Dr.Web Agent) was downloaded for the first time

last_seen_time

Time when a station connected to the Dr.Web Server the last time

last_seen_addr

Address from which a station connected to the Dr.Web Server the last time

connection

Block containing Dr.Web Server connection parameters

packages

Array of links to installation packages created at this Dr.Web Server for various processor designs and operating systems

department

Department

description

Description

country

Country

street

Street

room

Room

city

City

floor

Floor

longitude

Longitude

latitude

Latitude

organization

Organization

province

Province

email

Email address

components

Block containing information about all components

installed_components

Array of parameters for each installed component

running_components

Array of parameters for each component running at the time of the request

modules

Array of parameters for each program module

bases

Array of parameters for each virus database

group_membership

Array containing information about all groups a station is the member of

keys

Block of parameters for each license key of a station

permissions

Block of parameters for each privilege of a group

acl

Block containing access control lists. These lists specify restrictions on network addresses from which the Agent may access the Dr.Web Server

os_code

Operating system code

os_name

Operating system name

created_time

Station creation date

modified_time

Last modification time

The connection block elements:

Field name

Description

port

Port number for connecting to the Dr.Web Server

public_key

Block containing information about public encryption key

server

DNS name or IP address of the Dr.Web Server

The public_key block elements:

Field name

Description

file

Public key content

id

Public key ID

url

Address of the Dr.Web Server’s public key location

Elements in the packages array:

Field name

Description

arch

Processor designs the package can be installed on:

all—operating systems of any bitness,

x86—32-bit operating systems,

x86_64—64-bit operating systems

os

Operating system the package can be installed on

url

Web address to download the package (Dr.Web Agent)

The components block elements:

Field name

Description

inherited

If the value is true, it means that the components were inherited from a parent group, and if false—that the component parameters were configured individually.

inherited_group_id

ID of a parent group the component parameters were inherited from.
This element will not be present as long as the inherited element is false.

inherited_group_name

Name of a parent group the component parameters were inherited from.
This element will not be present as long as the inherited element is false.

list

Array of parameters for each component

Elements in the list array:

Field name

Description

code

Digital code of a component (see Appendix B2. Component Codes)

name

Name of a component (see Appendix B2. Component Codes)

status

Component status:

2—the component must be installed,

1—the component can be installed

0—the component does not need to be installed.

Elements in the installed-components array:

Field name

Description

code

Digital code of a component (see Appendix B2. Component Codes)

installed_time

Component installation time

name

Name of a component (see Appendix B2. Component Codes)

path

Component installation path

server

Address of the Dr.Web Server the component was installed from

Elements in the running-components array:

Field name

Description

code

Digital code of a component (see Appendix B2. Component Codes)

name

Name of a component (see Appendix B2. Component Codes)

params

Component start parameters

pid

Process ID on a station

started_time

Component start time

type

Component starting method:

1—started manually,

2—started on schedule,

4—started by a user,

8—started as a system process.

user

Station user on whose behalf a component was launched

Elements in the modules array:

Field name

Description

created_time

Module creation date

description

Module name

file_name

File name

file_owner

Name of a file owner

file_size

File size (bytes)

hash

Module checksum

modified_time

Module last modified date

version

Module version

Elements in the bases array:

Field name

Description

created

Virus database creation date

file_name

Virus database file name

version

Virus database version

viruses

Number of virus records in a database

Elements in the group-membership array:

Field name

Description

id

Group ID

name

Group name

type

Group type:

0—user group,

1—base and default group,

2—group containing the online stations,

3—group containing the offline stations,

4—group containing stations grouped by operating system,

5—group containing stations grouped by network protocol,

6—group containing stations with uninstalled Dr.Web Agent,

7—group containing stations with expired access to the Dr.Web Server,

10—pseudogroup,

13—group containing Dr.Web Proxy servers for connecting Agents and neighbor Dr.Web Servers.

The keys block elements:

Field name

Description

inherited

If the value is true, it means that the keys were inherited from a parent group, and if false—that the keys were configured individually.

inherited_group_id

ID of a parent group from which the key parameters have been inherited.
This element will not be present as long as the inherited element is false.

inherited_group_name

Name of a parent group the key parameters were inherited from.
This element will not be present as long as the inherited element is false.

list

Array of key IDs.

Elements in the list array:

Field name

Description

id

Key ID

The permissions block elements:

Field name

Description

inherited

If true, it means that the privileges were inherited from a parent group, if false—permissions were specified individually.

inherited_group_id

ID of a parent group the privileges were inherited from.
This element will not be present as long as the inherited element is false.

inherited_group_name

ID of a parent group the privileges were inherited from.
This element will not be present as long as the inherited element is false.

list

Array of parameters for each privilege of a station

Elements in the list array:

Field name

Description

name

Privilege name (see Appendix A1. Station Privilege Codes)

right

Digital code of a privilege (see Appendix A1. Station Privilege Codes)

value

Privilege status:

0—this privilege was denied,

1—the privilege was granted.

The acl block elements:

Field name

Description

priority

Determines list priority:

allowed—allowed address list has a higher priority: addresses included in both lists or not included in any of them will be allowed.

disallowed—denied address list has a higher priority: addresses included in both lists or not included in any of them will be denied.

allowed

Array of addresses allowed to access the Dr.Web Server

disallowed

Array of addresses not allowed to access the Dr.Web Server

The allowed and disallowed array elements:

Field name

Description

net_mask

Network mask

net_address

Network address