Exporting all file execution results
The following procedure tells you how to export all file execution results.
Kaspersky Sandbox, Kaspersky Threat Attribution Engine, and Similarity investigation results are exported separately.
To export all file execution results:
- On the Threat Analysis (
) page of Kaspersky Threat Intelligence Portal, do one of the following:- In the History table, click the download button (
) in the row that contains a file execution result that you want to export. - In the History table, click the View details → Sandbox / Attribution / Similarity in the row that contains a file execution result that you want to export, and then click the Export all results button on the page that opens.
- In the History table, click the download button (
- In the drop-down list, select the file format for exporting execution results:
- For Kaspersky Sandbox:
- CSV archive (.zip).
- JSON archive (.zip).
- PCAP (.pcap)—archive (.zip) containing JSON files and the network.pcap file.
- STIX (.stix).
- Debug report (.zip), if it is available. Debug report is provided as a password-protected .zip archive. Use the password infected to unpack the archive.
- For Kaspersky Threat Attribution Engine:
- JSON.
- STIX.
- YARA.
- For Similarity:
- JSON archive (.zip).
- STIX (.stix).
- CSV archive (.zip).
- For Kaspersky Sandbox:
The file with execution results for the executed object are saved. Preparing a file with all investigation results for downloading may take several minutes.