List Managed Antivirus Threats

Base URL

https://{SERVER}/api/?apikey={yourAPIkey}&service=list_mav_threats

Description

Lists the most recently found occurrence of each different threat found on a device scanned with Managed Antivirus (MAV).

Parameters

Required parameters

Add required parameters immediately after the base URL.

https://{SERVER}/api/?apikey={yourAPIkey}&service=list_mav_threats&required_parameters={parameter-value}

Parameter	Description	Type	Options	Default
deviceid	The deviceid must be a valid device id.	integer	0	0

Optional parameters

Add optional parameters after the required parameters in the base URL.

https://{SERVER}/api/?apikey={yourAPIkey}&service=list_mav_threats&required_parameters={parameter-value}&optional_parameters={parameter-value}

Parameter	Description	Type	Options	Default
describe	Optional. Returns a description of the entered call, the available parameters, an example of its output, and returned fields with descriptions.	boolean	true	0
v	Managed Antivirus engine version 1 VIPRE engine 2 Bitdefender engine From Dashboard 2019.08.13 this call defaults to version 2 (Bitdefender).	integer	1 2	2

Determine parameter values

Use the following associated service calls to determine parameter values.

Parameter	Call	URL Format
deviceid	list_devices_at_client	`https://{SERVER}/api/?apikey=yourAPIkey&service=list_devices_at_client&clientid=CLIENTID&devicetype=server`
	list_servers	`https://{SERVER}/api/?apikey=yourAPIkey&service=list_servers&siteid=SITEID`
	list_workstations	`https://{SERVER}/api/?apikey=yourAPIkey&service=list_workstations&siteid=SITEID`
siteid	list_sites	`https://{SERVER}/api/?apikey=yourAPIkey&service=list_sites&clientid=CLIENTID`
clientid	list_clients	`https://{SERVER}/api/?apikey=yourAPIkey&service=list_clients`

Examples

List managed antivirus threats

https://{SERVER}/api/?apikey={yourAPIkey}&service=list_mav_threats&deviceid=DEVICEID&v=VERSION

Example response

<?xml version="1.0" ?>
<example>
  <result created="2024-10-09T10:55:41+01:00" host="SERVER" status="OK">
    <threat>
      <name>[name of threat]</name>
      <category>[category of threat]</category>
      <last_event>[date and time of last scan which detected this threat]</last_event>
      <last_status>[one of: QUARANTINED, RELEASE_PENDING, RELEASED, DELETE_PENDING, DELETED, REPORTED, FAILED_TO_QUARANTINE, FAILED_TO_RELEASE, FAILED_TO_DELETE]</last_status>
      <last_scan_type>[one of: QUICK, DEEP, ACTIVE, CUSTOM]</last_scan_type>
      <last_trace_count>[number of traces of the threat found during last scan which detected this threat]</last_trace_count>
    </threat>
    [...more threat entries if they exist...]
  </result>
</example>

Returned fields

Field	Type	Can Be Empty	Description
name	string	no	Name of threat
category	string	no	Category of threat. The threat category names can differ between the VIPRE and Bitdefender engines.
last_event	integer	yes	For the VIPRE engine, the UTC end date and time of last scan which detected this threat. For the Bitdefender engine, the end date and time of the last scan with detected this threat, or if applicable the date and time of the last quarantine action.
last_status	string	no	Status of the threat on the device, one of: VIPRE Engine -Quarantined -Release pending -Released -Delete pending -Deleted -Reported -Failed to Quarantine -Failed to release -Failed to delete Bitdefender Engine -Ignored -Detected -Deleted -Blocked -Quarantined -Cleaned -QuarantineRestored -QuarantineDeleted
last_scan_type	string	yes	Scan type, one of: VIPRE Engine -Quick Scan -Deep Scan -Active scan -Custom scan Bitdefender Engine -Active Protection -Quick -Deep -Custom -Behavioral -IDS -Device
last_trace_count	integer	yes	Number of traces of the threat found during last scan which detected this threat
engine	string	yes	Managed Antivirus engine where this data originates from, either VIPRE or Bitdefender (field only present where v>1)