Title
Create new category
Edit page index title
Edit category
Edit link
Report Schema
Here you will find an explanation of the JSON report schema
allowed
file_paths: JSON array of files with Allowed result
Example:
av_info: JSON object containing objects describing the scanning engines used
key is the name of AV engine
def_time: timestamp of the last time the engine was updated
eng_id: string used to identify the engine
Example:
blocked
file_paths: JSON array of file paths with Blocked result
cdr
file_paths: JSON array of files with Zero-Day Protection results
coo
file_paths: JSON array of files blocked due to Country Of Origin
copy_info: optional, displays when Kiosk is in Transfer - USB or Transfer - Vault Mode
total_failures: count of how many files failed to transfer
total_processed: count of sanitized and redacted files successfully transferred
total_unprocessed: count of files transferred that were not sanitized or redacted
cve: JSON object containing objects that describe Vulnerability findings
key is the name of the CVE ID from the National Vulnerability Database
access_complexity: a CVSS access-complexity descriptor
access_vector: a CVSS access-vector descriptor
authentication: a CVSS authentication descriptor
description: a text description of the specific vulnerability
file_paths: JSON array of files with this CVE result
impact: JSON object describing impact description
availability: a CVSS availability impact descriptor
confidentiality: a CVSS confidentiality impact descriptor
integrity: a CVSS integrity impact descriptor
last_modified_time: last modified time for this CVE
published_time: last published time for this CVE
severity: String description of Severity level:
LOWMODERATEIMPORTANTCRITICALNOT_AVAILABLEUNKNOWN
severity_index: 5 point scale numerical description of Severity level with 5 being greatest and 0 being unknown
Example:
end_time: scan end timestamp
infected
file_paths: JSON array of infected file paths
name: name for this specific report made from internal instance ID, date, and time
paths: JSON array of mount points for scanned media
result_set: JSON object containing objects for individual file results
key is the full path to the file
av_info: JSON object containing objects describing results from scanning engine
key is AV name
scan_result_i: (internal use only)
threat_found: optional, only included if engine returns an infected result
engine_result: result from the scanning engine
cdr_info: null or a JSON object describing Zero-Day scan results for this file
description: string with CDR engine result
details: JSON array containing objects describing actions taken by the CDR engine (optional, could be empty)
action: string for action taken by CDR engine
object_name: string for type of object sanitized
sanitized_file_info: JSON object with information about the available sanitized file
file_size: size of sanitized file
sha256: sha256 hash of the sanitized file
coo_info: null or JSON object containing Country Of Origin information
company_name: name of company that created this file
country_of_origin: location where this file was created
violates_policy: boolean for whether or not this file violates the policy set in the Kiosk settings
cve_info: JSON array containing the CVE IDs of all CVEs found in this file
dlp_info: JSON object containing Data Loss Prevention engine results
hits: null or object containing DLP hit details
ssn: (optional) object describing Social Security Number hits
display_name: display name for this type of hit
hits: JSON array of objects describing each SSN hit
ccn: (optional) object describing Credit Card Number hits
display_name: display name for this type of hit
hits: JSON array of objects describing each CCN hit
extraction_info: JSON object containing information about any files extracted from this file. This will be empty for any non-archive file
file_info: JSON object containing details about this file
display_name: display name for this file
file_size: size of file
file_type: technical name for type of file
file_type_description: simple name for type of file
md5: MD5 hash of file
sha1: SHA1 hash of file
sha256: SHA256 hash of file
primary_result: the overall scan result determined from all engine results
Example:
rootkit_allowed
file_paths: JSON array of scanned boot sector files with Allowed result
rootkit_blocked
file_paths: JSON array of scanned boot sector files with Blocked result
session_type: type of session, "scan" for Scan mode, "copy" for Transfer - USB mode, "vault" for Transfer - Vault mode
session_error (optional): a string with an error message. Only included in report if there was an issue that stopped the session without user interaction
skipped
file_paths: JSON array of paths for any files that skipped scanning
start_time: scan start time
total_result_count: total count of all files scanned
user_question_answer: JSON array containing objects for questions and answers
key is text of the question
answer: users' answer to the question
uuid: (internal use only)
version: (internal use only)
vault_guest: (optional when Vault Transfer Mode is enabled) Guest ID to log into Vault to retrieve transferred files
vault_guest_qr_base64: (optional when Vault Transfer Mode is enabled, internal use only)
Example: