ON PREMISES SOLUTIONS

getDetonationDetails

The method returns the details of a submission, including a URL pointing to the HTML report.

Parameters

Parameter

Type

Optional

Description

submissionId

String

No

The ID of the submission for which the detonation details should be retrieved.

Return value

This method returns an Object containing the details of a completed detonation. The object has the following structure:

  • detailsReportUrl - a String containing the URL from where the HTML report is available for download.

  • score - an Integer in the range 0-100 representing the severity of the threat, if any.

  • verdict - an Integer having one of the following values:

    • 0, if clean.

    • 1, if infected.

    • 2, if unsupported.

  • mitreTags - an Array of Objects with the following structure:

    • category a String holding the MITRE category.

    • techniques an Array of Strings holding the MITRE techniques.

Example

Request:

  {
     "id": "787b5e36-89a8-4353-88b9-6b7a32e9c87f",
     "jsonrpc": "2.0",
     "method": "getDetonationDetails",
     "params": {
        "submissionId": "sp02_1547807011_936_e5"
     }
  }   

Response:

  {
     "id": "787b5e36-89a8-4353-88b9-6b7a32e9c87f",
     "jsonrpc": "2.0",
     "result": {
        "detailsReportUrl":"https://10.10.20.1:443/api/v1/report?report_id=asd",
        "score": 30,
        "verdict": 0,
        "mitreTags": [
           {
               "category": "Defense Evasion",
               "techniques": [
                  "Modify Registry",
               ]
           },
           {
               "category": "Persistence",
               "techniques": [
                  ".bash_profile and .bashrc",
                  "Account Manipulation",
               ]
           },
        ]
     }
  }