Get Quarantine Status

post /public_api/v1/quarantine/status

Retrieve the quarantine status for a specified files.

Required license: Cortex XDR Prevent, Cortex XDR Pro per Endpoint, or Cortex XDR Pro per GB

CURL

  curl -X POST \

-H "Accept: application/json" \
 -H "Content-Type: application/json" \
"https://api-yourfqdn/public_api/v1/quarantine/status" \
 -d '{
  "request_data" : {
    "files" : [ {
      "file_path" : "file_path",
      "file_hash" : "file_hash",
      "endpoint_id" : "endpoint_id"
    }, {
      "file_path" : "file_path",
      "file_hash" : "file_hash",
      "endpoint_id" : "endpoint_id"
    } ]
  }
}'
  

Response

                {
    "reply": [
        {
            "endpoint_id": "<endpoint ID>",
            "file_path": "C:\\<file path>\\test_x64.msi",
            "file_hash": "<hash value>",
            "status": false
        }
    ]
}
              

Request

Body

optional

Example: {"request_data":{"files":[{"endpoint_id":"","file_path":"C:\\\\test_x64.msi","file_hash":""}]}}

request_data

required

files

required

Array

Array of endpoint IDs, filepaths, and file hash.

endpoint_id

optional

String

Endpoint ID

file_path

optional

String

File hash. Must be a valid SHA256.

file_hash

optional

String

File path.

Responses

Successful response

Body

optional

Array

endpoint_id

optional

String

Endpoint ID.

file_path

optional

String

File path.

file_hash

optional

String

File hash.

status

optional

Boolean

The file's status. True: The file is quarantined. False: The file is not quarantined.

Bad Request. Got an invalid JSON.

Body

The query result upon error.

err_code

optional

String

HTTP response code.

err_msg

optional

String

Error message.

Example: {"line": 1, "column": 19, "message": "no viable alternative at input '|alter2'"}

err_extra

optional

String

Additional information describing the error.

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body

The query result upon error.

err_code

optional

String

HTTP response code.

err_msg

optional

String

Error message.

Example: {"line": 1, "column": 19, "message": "no viable alternative at input '|alter2'"}

err_extra

optional

String

Additional information describing the error.

Unauthorized access. User does not have the required license type to run this API.

Body

The query result upon error.

err_code

optional

String

HTTP response code.

err_msg

optional

String

Error message.

Example: {"line": 1, "column": 19, "message": "no viable alternative at input '|alter2'"}

err_extra

optional

String

Additional information describing the error.

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body

The query result upon error.

err_code

optional

String

HTTP response code.

err_msg

optional

String

Error message.

Example: {"line": 1, "column": 19, "message": "no viable alternative at input '|alter2'"}

err_extra

optional

String

Additional information describing the error.

Internal server error. A unified status for API communication type errors.

Body

The query result upon error.

err_code

optional

String

HTTP response code.

err_msg

optional

String

Error message.

Example: {"line": 1, "column": 19, "message": "no viable alternative at input '|alter2'"}

err_extra

optional

String

Additional information describing the error.