Views:

Scanning a file Parent topic

To scan a file, upload it to the S3 bucket to scan:

Procedure

  1. In AWS, go to ServicesS3 and find your S3 bucket to scan.
  2. On the Overview tab, select Upload to add your file to the bucket.

What to do next

You can now view the tags within the AWS environment.
You can also view scan results in CloudWatch and be notified of scan results through SNS.

Viewing tags Parent topic

File Security Storage adds AWS tags to the files it scans. The tags contain a short description of the scan results, and start with the prefix fss-*. If ScanResultTagFormat is Separated tags or Merged tag, you'll only see thefss-* tags pertaining to the latest scan; tags from past scans are not kept. Additionally, all non-fss-* tags are preserved. If ScanResultTagFormat is No tag, File Security Storage will not add or remove any tags on the files.
To view the tags added by File Security Storage:
  1. In AWS, go to ServicesS3 and find your S3 bucket to scan.
  2. Under Overview, select a file that has been scanned.
  3. Select Properties.
  4. Select the Tags box.
    The tags added by File Security Storage should appear. If ScanResultTagFormat is Separated tags, the tags are:
    • fss-error-message: Appears if the fss-scan-result tag value is failure. Shows error message text.
    • fss-scan-date: Shows the date and time in UTC that the file was scanned.
    • fss-scan-result: Shows the scan result. Possible values are:
      • no issues found: Indicates that no malware was detected.
      • malicious: Indicates that known malware was detected.
      • failure: Indicates that the scan failed. (A failure does not necessarily mean that File Security Storage failed.)
    • fss-scan-detail-code: Appears if fss-scan-result is not failure. Shows status code that indicate the details of the scan.
      • 0: Scan completed without any more details.
      • 100~199: Some scans are skipped due to existing parameters. Contact support if you need assistance.
    • fss-scan-detail-message: Appears if fss-scan-result is not failure. Shows the status code message corresponding to fss-scan-detail-code.
    • fss-scanned: Indicates whether the file was scanned by File Security Storage. Possible values are true and false.
    If ScanResultTagFormat is Merged tag, the tag is:
    • fss-tags: Combines all the tags tagged with Separated tags into one string. Each tag's key and value are concatenated by =; all tags' key and value pairs are concatenated by +. For example, 
      fss-scanned=true+fss-scan-date=2022/04/16 10:44:13+fss-scan-result=no issues
              found+fss-scan-detail-code=0+fss-scan-detail-message=
      .
    If you don't see these tags and ScanResultTagFormat is not No tag, it means the file has not been scanned.