AllowedFileDetails
Details of the file allowed in the data center.
Properties
Name of the file. This is an array because a file is uniquely identified by the hash but name is a string that is user customizable.
Timestamp in milliseconds since epoch
md5 hash of the file.
Number of times this file was inspected in the data center.
Score of the file in the range from 0 to 100 for known verdicts. Score -1 indicates the verdict is UNINSPECTED because file is allowlisted. Any score outside the range of -1 to 100 will mean that verdict is UNKNOWN.
sha1 hash of the file
sha256 hash of the file.
This property describes the behavior of the file at runtime. Meanings are described below BENIGN: This is a benign file with no malicious code TRUSTED: This is a TRUSTED file based on the behaviour of the file HIGHLY_TRUSTED: This is a file from a highly trusted source like for e.g microsft published the file SUSPICIOUS: This file contains suspicious code and on execution can turn out to be malware MALICIOUS: This file is a malicious file containing malware or bad code that can harm the system UNKNOWN: This file is not known and hence its behavior is UNKNOWN at this point in time. UNINSPECTED: This file is marked as allowlisted and hence the verdict is UNINSPECTED.
Possible values are: BENIGN , TRUSTED , HIGHLY_TRUSTED , SUSPICIOUS , MALICIOUS , UNKNOWN , UNINSPECTED
JSON Example
{
"file_name": [
"string"
],
"last_inspected": 0,
"md5": "string",
"number_of_hits": 0,
"score": 0,
"sha1": "string",
"sha256": "string",
"verdict": "BENIGN"
}
Property Of
InlineAllowedFileDetailsList1
