Get downloaded file task report (Sandbox)

Expand all | Collapse all

The /sandbox/tasks/file_from_url/{task ID}/report/data endpoint is used to obtain the execution task results in Kaspersky Sandbox.

For Windows execution environments, new section values are added to differentiate results for specific Android and Windows sections with the same section names. Certain values are still available for the backward compatibility with previous API versions.

Request

Request method: GET

Endpoint: https://tip.kaspersky.com/api/sandbox/tasks/file_from_url/{task_id}/report/data

Query parameters:

Expected parameters

Parameter

Description

task_id

Object execution task ID.

section

Array of values separated by commas. Specifies JSON objects to include to the report.

Sections available both for Windows and Android environments:

  • all—All available JSON files and folders with images and screenshots are added to the report (default value).
  • categories—The categories.json file is added to the report.
  • detection-names—The detection-names.json file is added to the report.
  • downloaded-files-list (obsolete, left for compatibility) or transferred-files—The downloaded-files.json file is added to the report.
  • download-url-properties—The download-url-properties.json file is added to the report. Available only if the file was downloaded from a web address.
  • dropped-files or dropped-files-list (obsolete, left for compatibility)—The dropped-files.json file is added to the report.
  • pcap—The network-traffic.pcap file is added to the report.
  • publications—The publications.json file is added to the report.
  • sample-download-info—The sample-download-info.json file is added to the report. Available only if the file was downloaded from a web address.
  • screenshots—The folder with screenshots is added to the report.
  • traffic-report—The network-traffic.json file is added to the report.
  • triggered-network-rules—The triggered-network-rules.json file is added to the report.

     

Sections available for Windows environments only:

  • container-files—The sample-content.json file is added to the report.
  • file-operations—The file-operations.json file is added to the report.
  • loaded-pe—The loaded-pe-images.json file is added to the report.
  • mitre-matrix—The matrix.json file is added to the report.
  • process-operations—The process-operations.json file is added to the report.
  • registry-operations—The registry-operations.json file is added to the report.
  • suspicious-activities (obsolete, left for compatibility) or suspicious-activities-windows—The suspicious-activities.json file is added to the report.
  • synchronize-operations—The synchronize-operations.json file is added to the report.

     

Sections available for Android environments only:

  • bundle-images—The folder with bundle images is added to the report.
  • bundle-items—The static-bundle.json file is added to the report.
  • components—The static-component.json file is added to the report.
  • dumps—The dumps.json file is added to the report.
  • manifest—The manifest.zip file is added to the report.
  • modules—The static-modules.json file is added to the report.
  • permissions—The static-permissions.json file is added to the report.
  • suspicious-activities-android—The suspicious-activities-android.json file is added to the report.

For more detail about an object execution results in JSON format, refer to section Exporting execution results to JSON archive.

Request example:

To get task results as a byte stream for the downloaded and executed files:

curl -u <user name> --cert <full path to the certificate on your computer> -X GET 'https://tip.kaspersky.com/api/sandbox/tasks/file_from_url/<task ID>/report/data?section=all' -o result.zip

Responses

200 OK

400 Bad Request

401 Unauthorized

403 Forbidden

404 Not Found

451 Unavailable For Legal Reasons

Page top