Get Quarantine State Information

Request Parameters

Parameter

Description

Mandatory

from

Start date of the requested period, during which objects were moved to Quarantine.

If not set, then the current month statistics is returned.

no

id

ID of station on which Quarantine state is requested

yes

page

Page number to be returned in a response, in paged view (can be used to display information about a large number of objects in Quarantine).

The default value is 1.

no

per-page

Number of objects in Quarantine per page, in paged view (can be used to display information about a large number of objects in Quarantine).

The default value is 100.

no

till

End date of the requested period, during which objects were moved to Quarantine.

If not set, then the current month statistics is returned.

no

 

Request Example

https://192.168.1.1:9081/api/stations/quarantine-objects.ds?id=1002&page=2&per-page=1

XML and JSON response structure examples are described below.

 

XML Response Structure

<drweb-es-api api_version="4.3.0" timestamp="1587587019" server="192.168.1.1" srv_version="12.00.0.201909260" status="true">
 <station-quarantine items="1" period_from="1585688400" period_till="1587589199">
   <item>
     <created-time>1587553404</created-time>

     <component>2</component>

     <file size="125440">C:\Users\tests\Virs\Win32.PariteC:\Users\Administrator\Desktop\sendmessage 111\sendmessage\sendmessage\adware._xe</file>

     <hash>F20ED9A269BF10E2E9F119979478890C8AA5E6A3F6CD83B2020F27C01991EDF7</hash>

     <owner>win7-pro-x64-ru\Administrator:win7-pro-x64-ru\None</owner>

     <virus-info>Adware.Dudu</virus-info>

     <object>Fc45be5fbe1f9f0b64f9a58fa898b73d913ad494aabb4aa9341c96737600fa44</object>

     <q-time>20200422110324000</q-time>
     <infection-type>5</infection-type>
   </item>
 </station-quarantine>

 <pages total="6" current="2" objects-per-page="1"/>
</drweb-es-api>

 

Description of XML Response Parameters

The <station-quarantine /> element contains information about all objects in Quarantine on a station.

The <station-quarantine /> element attributes:

Attribute

Description

items

Number of objects in Quarantine displayed per page

period_from

Start date of the requested period, during which objects were moved to Quarantine

period_till

End date of the requested period, during which objects were moved to Quarantine

The <item /> element contains information about a specific object in Quarantine.

The <created-time /> element value is the time when an object was added to Quarantine at the Dr.Web Server.

The <component /> element value is a code of component that moved an object to Quarantine:

0—unknown component,

1—Dr.Web Scanner,

2—SpIDer Guard,

3—SpIDer Mail,

4—SpIDer Gate,

5—Quarantine Manager,

6—Dr.Web for Kerio,

7—Dr.Web for Microsoft Outlook,

8—Dr.Web for IBM Lotus Domino,

9—Dr.Web for Qbik WinGate,

10—Dr.Web for ISA Server,

11—Antirootkit module.

The <file /> element contains information about a specific file in Quarantine.

The <file /> element attribute:

Attribute

Description

size

Size of a file in Quarantine

The <file /> element value is the original name of a file before it was moved to Quarantine.

The <hash /> element value is an object hash code in the SHA-256 format.

The <owner /> element value is the file owner name.

The <virus-info /> element value is the name of malware object according to the Doctor Web company classification.

The <object /> element value is an object ID after it was moved to Quarantine.

The <q-time /> element value is the time when an object was moved to Quarantine on a station.

The <infection-type /> element value is an infection type:

1—known infection,

2—known infection modification,

4—unknown infection,

5—adware,

6—dialer,

7—joke,

8—riskware,

9—hacktool.

The <pages /> element contains information about the paged view.

The <pages /> element attributes:

Attribute

Description

total

Total number of pages

current

Current page number

objects-per-page

Max number of objects in Quarantine displayed per page

 

JSON Response Structure

{ "head": {
  "status": true,

  "timestamp": 1587592440,

  "api": {
    "version": 40300,
    "versionString": 4.3.0},

  "server": {
    "name": "192.168.1.1",

    "version": "12.00.0.201909260",
    "uuid": "d43ec7c0-846c-11ea-56fb-d8e582d45004"}},

"data": {
  "period_from": 1585688400,

  "period_till": 1587675599,

  "items": {
    "total": 1,

    "list": [
      {"created_time": 1587553404,

        "component_code": 2,

        "file": "C:\\Users\\Administrator\\Desktop\\sendmessage 111\\sendmessage\\sendmessage\\adware._xe",

        "file_size": 125440,

        "hash": "F20ED9A269BF10E2E9F119979478890C8AA5E6A3F6CD83B2020F27C01991EDF7",

        "owner": "win7-pro-x64-ru\\Administrator:win7-pro-x64-ru\\None",

        "virus_info": "Adware.Dudu",

        "object": "Fc45be5fbe1f9f0b64f9a58fa898b73d913ad494aabb4aa9341c96737600fa44",

        "q_time": 20200422110324000,
        "infection_type": 5}]},

  "pages": {
    "total": 6,

    "current": 2,
    "objects_per_page": 1}}}

 

Description of JSON Response Parameters

The data block contains information about all objects in Quarantine on a station.

The data block elements:

Field name

Description

period_from

Start date of the requested period, during which objects were moved to Quarantine

period_till

End date of the requested period, during which objects were moved to Quarantine

items

Block containing information about objects in Quarantine

The items block elements:

Field name

Description

total

Number of objects in Quarantine displayed per page

list

Array with information about every object in Quarantine

Every object in the list array contains information about a specific object in Quarantine.

Elements in the list array:

Field name

Description

created_time

The time when an object was added to Quarantine at the Dr.Web Server

component_code

Code of a component that moved an object to Quarantine:

0—unknown component,

1—Dr.Web Scanner,

2—SpIDer Guard,

3—SpIDer Mail,

4—SpIDer Gate,

5—Quarantine Manager,

6—Dr.Web for Kerio,

7—Dr.Web for Microsoft Outlook,

8—Dr.Web for IBM Lotus Domino,

9—Dr.Web for Qbik WinGate,

10—Dr.Web for ISA Server,

11—Antirootkit module.

file

Original file name and full file path before it was moved to Quarantine

file_size

Size of a file in Quarantine

hash

Object hash code in the SHA-256 format

owner

Name of a file owner

virus_info

Name of malware object according to the Doctor Web company classification

object

Object ID after it was moved to Quarantine

q_time

Time when an object was moved to Quarantine on a station

infection_type

Infection type:

1—known infection,

2—known infection modification,

4—unknown infection,

5—adware,

6—dialer,

7—joke,

8—riskware,

9—hacktool.

The pages block contains information about the paged view.

The pages block elements:

Field name

Description

current

Current page number

objects_per_page

Max number of objects in Quarantine displayed per page

total

Total number of pages