Retrieves a list of YARA files that have been uploaded to the Apex Central server.
HTTP Request
GET /WebApp/IOCBackend/YARAResource/FilingCabinet HTTP/1.1
Parameters
-
To list all uploaded files, do not specify any parameters.
-
To customize the list or filter the list to files that match specified values, use the following parameters.
|
Name |
Type |
Description |
Value |
|---|---|---|---|
|
Optional Parameters |
|||
|
FileHashIDList |
String |
Filters the list to uploaded files with the specified file hash IDs Note:
|
Default value: [] |
|
FuzzyMatchString |
String |
Filters the list to uploaded files that contain matching strings in the "File Name", "Title", and "Source Context" fields Note:
|
Default value: "" |
|
PageSize |
Integer |
Filters the list to the specified number of uploaded files per page |
Default value: 10 |
|
PageNumber |
Integer |
Filters the list to uploaded files that appear on the specified page number on the tab |
Default value: 1 |
|
SortingColumn |
Integer |
Sorts the list by the specified table column |
Default value: 3
|
|
SortingDirection |
Integer |
Sorts the list in the specified direction |
Default value: 2
|
HTTP Request Example
GET /WebApp/IOCBackend/YARAResource/FilingCabinet HTTP/1.1
HTTP Request Body
Specify a JSON object containing the following HTTP header and request body:
-
HTTP header:
Important:-
This API only supports the following Content-Type.
-
The authorization header is only required for external HTTP requests.
Field Name
Value
Content-Type
application/json;charset=utf-8
Authorization
Bearer {Generated JWT authentication token}
-
-
Request body:
?param= { "FileHashIDList": ["2A15F09D5C2779DEE7D42BE0F7959688E5329A16", "5E0129FD99A0A698F8D12A467182DCA263AE4377"], "FuzzyMatchString":"taleret.yara", "PageSize": 10, "PageNumber": 2, "SortingColumn": 3, "SortingDirection": 1 }
Response
If successful, this method returns an HTTP status code of "200", result code of "1", and a response body with the following structure:
{
"Data":
"FilingCabinet":
[
{
"FileHashID":
"2A15F09D5C2779DEE7D42BE0F7959688E5329A16",
"FileName": "cryptolocker.yara",
"ShortDescription":
"cryptolocker detection (experimental)",
"FileAddedDatetime": "2019-04-29 15:28",
"UploadedFrom": 2
"UploadedBy": "Tony_Stark",
"ExtractingStatus": 0
},
{
"FileHashID":
"5E0129FD99A0A698F8D12A467182DCA263AE4377",
"FileName": "mhadi campaign (apt).yara",
"ShortDescription": "mhadi campaign (apt)",
"FileAddedDatetime": "2019-04-21 11:35",
"UploadedFrom": 1
"UploadedBy": "CyberSponse",
"ExtractingStatus": 1
}
],
"TotalIOCCount": 30
},
"FeatureCtrl":
{
"mode": "0"
},
"Meta":
{
"Result": 1,
"ErrorCode": 0,
"ErrorMsg": "Success"
},
"PermissionCtrl":
{
"permission": "255",
"elements": "null"
},
"SystemCtrl": {
"TmcmSoDist_Role": "edge"
}
}
Where:
|
Name |
Type |
Description |
Value |
|---|---|---|---|
|
FileHashID |
String |
The file hash ID of the uploaded file |
Example: "2A15F09D5C2779DEE7D42BE0F7959688E5329A16" |
|
FileName |
String |
The file name of the uploaded file |
Example: "cryptolocker.yara" |
|
Title |
String |
The short description of the uploaded file |
Example: "cryptolocker detection (experimental)" |
|
FileAddedDatetime |
DateTime |
The date and time for when the file was uploaded |
Example: "2019-04-29 15:28" |
|
UploadedFrom |
Integer |
The Source of the uploaded file |
|
|
UploadedBy |
String |
The name of the user account that uploaded the file |
Example: "Tony_Stark" |
|
ExtractingStatus |
Integer |
The suspicious object extraction status of the uploaded file |
|
|
TotalIOCCount |
Integer |
The total number of objects extracted from the uploaded file |
Example: 30 |
If unsuccessful, this method returns an HTTP status code of "400", result code of "0", and one of the following error codes:
|
HTTP Status Code |
Error Code |
Description |
|---|---|---|
|
400 |
7 |
Incorrect parameter |
|
11 |
Incorrect input |
For more information about API responses and descriptions of response codes, see the following topics: