malware malicious list:
return_type: MaliciousListAgentResponse
help: Show the list of malicious files
type: dict
cli:
users:
- root
schema:
since:
type: integer
coerce: int
default: 0
help: Show files found after this unix timestamp.
to:
type: integer
coerce: int
default_setter: now
help: Show files found before this unix timestamp.
limit:
type: integer
coerce: int
default: 50
help: Page size
offset:
type: integer
coerce: int
default: 0
help: Page offset
search:
type: string
nullable: true
help: |
Search by file path and owner username.
by_scan_id:
type: string
nullable: true
help: |
Search by scan id.
Can be obtained via `malware on-demand list` or `malware on-demand list-user`.
user:
type: string
nullable: true
help: |
Admins can filter results by user.
Users can only see their own files.
by_status:
type: list
schema:
type: string
nullable: true
help: |
Filter by status.
Possible values: `found`, `cleanup_pending`, `cleanup_started`, `cleanup_done`, `cleanup_removed`, `cleanup_requires_myimunify_protection`, `cleanup_restore_pending`, `cleanup_restore_started`, `restore_from_backup_started`, `restored_from_backup`.
ids:
type: list
schema:
type: integer
coerce: int
nullable: true
help: |
List specific files by ID.
IDs be obtained via `malware malicious list`.
Conflicts with other filters and `order_by`.
order_by:
type: list
schema:
type: order_by
coerce: order_by
nullable: true
help: |
List of fields to order by, each followed by a `+` (ascending) or `-` (descending).
E.g. `["status+","scanid.started-"]` would order by `status` ascending and `scanid.started` descending.
malware malicious remove-from-list:
type: dict
cli:
users:
- root
schema:
ids:
type: list
schema:
type: integer
coerce: int
required: true
positional: true
help: |
List of file IDs to remove.
IDs be obtained via `malware malicious list`.
items:
rename: ids
help: DEPRECATED
user:
type: string
nullable: true
help: (internal)
help: Remove entries from the list of malicious files without removing the files
malware malicious move-to-ignore:
help: Move files to ignore list
type: dict
# why not SucceededFailedAgentResponse
return_type: NumberAgentResponse
cli:
users:
- root
schema:
ids:
type: list
schema:
type: integer
coerce: int
required: true
positional: true
help: |
List of file IDs to move.
IDs be obtained via `malware malicious list`.
items:
rename: ids
help: DEPRECATED
user:
type: string
nullable: true
help: (internal)
# 2 more actions, request and response formats are the same as in others above
# initiate cleanup of selected files
# it would be nice to wait until cleanup is done here, and only then return the response
# user won't send more then 100 files from UI at once anyway
malware malicious cleanup:
help: Cleanup malicious files
type: dict
return_type: NullAgentResponse
cli:
users:
- root
schema:
ids:
type: list
schema:
type: integer
coerce: int
required: true
positional: true
help: |
List of file IDs to cleanup.
IDs be obtained via `malware malicious list`.
items:
rename: ids
help: DEPRECATED
user:
type: string
nullable: true
help: (internal)
standard_only:
type: boolean
help: (internal)
# restore original copy that was created before cleanup attempt
malware malicious restore-original:
help: Restore the original copy that was created before a cleanup attempt
type: dict
return_type: SucceededFailedAgentResponse
cli:
users:
- root
schema:
ids:
type: list
schema:
type: integer
coerce: int
required: true
positional: true
help: |
List of file IDs to restore.
IDs be obtained via `malware malicious list`.
items:
rename: ids
help: DEPRECATED
user:
type: string
nullable: true
help: (internal)
# does not accept any params, initiates cleanup of all files
# no need to wait until cleanup is done
# return response as soon as the status of files in `malware malicious list` is changed to `cleanup_in_progress`
malware malicious cleanup-all:
help: Cleanup all malicious files
type: dict
return_type: NullAgentResponse
cli:
users:
- root
schema:
user:
type: string
nullable: true
help: (internal)
standard_only:
type: boolean
help: (internal)
malware cleanup status:
help: Show the status of running cleanup
type: dict
cli:
users:
- root
malware user cleanup:
help: Cleanup all files of a specific user
type: dict
return_type: NullAgentResponse
cli:
users:
- root
schema:
user:
type: list
schema:
type: string
required: true
positional: true
help: |
Admins can cleanup files of any user.
Users can only cleanup their own files.
standard_only:
type: boolean
help: (internal)
malware user restore-original:
help: Restore the original (infected) copy of all cleaned files of a specific user
type: dict
return_type: SucceededFailedAgentResponse
# why? ui do not use it
cli:
users:
- root
schema:
user:
type: list
schema:
type: string
required: true
positional: true
help: |
Admins can restore files of any user.
Users can only restore their own files.
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| history.pickle | File | 1.05 KB | 0644 |
|
| history.yaml | File | 1.17 KB | 0644 |
|
| ignore.pickle | File | 2.41 KB | 0644 |
|
| ignore.yaml | File | 2.74 KB | 0644 |
|
| malicious.pickle | File | 4.74 KB | 0644 |
|
| malicious.yaml | File | 5.92 KB | 0644 |
|
| malware-rebuild-patterns.pickle | File | 270 B | 0644 |
|
| malware-rebuild-patterns.yaml | File | 261 B | 0644 |
|
| malware-rescan-files.pickle | File | 183 B | 0644 |
|
| malware-rescan-files.yaml | File | 181 B | 0644 |
|
| malware-send-files.pickle | File | 236 B | 0644 |
|
| malware-send-files.yaml | File | 244 B | 0644 |
|
| on-demand-queue.pickle | File | 2.2 KB | 0644 |
|
| on-demand-queue.yaml | File | 2.57 KB | 0644 |
|
| on-demand-user.pickle | File | 1.49 KB | 0644 |
|
| on-demand-user.yaml | File | 1.59 KB | 0644 |
|
| on-demand.pickle | File | 3.14 KB | 0644 |
|
| on-demand.yaml | File | 3.56 KB | 0644 |
|
| read.pickle | File | 482 B | 0644 |
|
| read.yaml | File | 526 B | 0644 |
|
| submit.pickle | File | 802 B | 0644 |
|
| submit.yaml | File | 915 B | 0644 |
|
| suspicious.pickle | File | 694 B | 0644 |
|
| suspicious.yaml | File | 828 B | 0644 |
|
| user.pickle | File | 1.7 KB | 0644 |
|
| user.yaml | File | 1.93 KB | 0644 |
|