post
/public_api/v1/quarantine/status
Retrieve the quarantine status for a specified files.
Required license: Cortex XDR Prevent, Cortex XDR Pro per Endpoint, or Cortex XDR Pro per GB
CURL
curl -X POST \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
"https://api-yourfqdn/public_api/v1/quarantine/status" \
-d '{
"request_data" : {
"files" : [ {
"file_path" : "file_path",
"file_hash" : "file_hash",
"endpoint_id" : "endpoint_id"
}, {
"file_path" : "file_path",
"file_hash" : "file_hash",
"endpoint_id" : "endpoint_id"
} ]
}
}'
Response
{
"reply": [
{
"endpoint_id": "<endpoint ID>",
"file_path": "C:\\<file path>\\test_x64.msi",
"file_hash": "<hash value>",
"status": false
}
]
}
Request
Body
optional
Example:
{"request_data":{"files":[{"endpoint_id":"","file_path":"C:\\\\test_x64.msi","file_hash":""}]}}
request_data
required
files
required
Array
Array of endpoint IDs, filepaths, and file hash.
endpoint_id
optional
String
Endpoint ID
file_path
optional
String
File hash. Must be a valid SHA256.
file_hash
optional
String
File path.
Responses