Quarantine List

Base URL

https://{SERVER}/api/?apikey={yourAPIkey}&service=mav_quarantine_list

Description

List Managed Antivirus quarantined threats on the specified device.

Parameters

Required parameters

Add required parameters immediately after the base URL.

https://{SERVER}/api/?apikey={yourAPIkey}&service=mav_quarantine_list&required_parameters={parameter-value}

Parameter	Description	Type	Options	Default
deviceid	The deviceid must be a valid device id.	integer	0

Optional parameters

Add optional parameters after the required parameters in the base URL.

https://{SERVER}/api/?apikey={yourAPIkey}&service=mav_quarantine_list&required_parameters={parameter-value}&optional_parameters={parameter-value}

Parameter	Description	Type	Options	Default
describe	Optional. Returns a description of the entered call, the available parameters, an example of its output, and returned fields with descriptions.	boolean	true	0
v	Managed Antivirus engine version 1 VIPRE engine 2 Bitdefender engine From Dashboard 2019.08.13 this call defaults to version 2 (Bitdefender).	integer	1 2	2

Determine parameter values

Use the following associated service calls to determine parameter values.

Parameter	Call	URL Format
deviceid	list_devices_at_client	`https://{SERVER}/api/?apikey=yourAPIkey&service=list_devices_at_client&clientid=CLIENTID&devicetype=server`
	list_servers	`https://{SERVER}/api/?apikey=yourAPIkey&service=list_servers&siteid=SITEID`
	list_workstations	`https://{SERVER}/api/?apikey=yourAPIkey&service=list_workstations&siteid=SITEID`
siteid	list_sites	`https://{SERVER}/api/?apikey=yourAPIkey&service=list_sites&clientid=CLIENTID`
clientid	list_clients	`https://{SERVER}/api/?apikey=yourAPIkey&service=list_clients`

Examples

List quarantined threats on a device

https://{SERVER}/api/?apikey={yourAPIkey}&service=mav_quarantine_list&deviceid=DEVICEID&v=VERSION

Example response

<?xml version="1.0"?>
<quarantines>
  <quarantine>
    <quarantineguid>{5CCB948F-6F4D-4AEF-93F8-78A8C2D50DE2}</quarantineguid>
    <statusid>1</statusid>
    <group>0</group>
    <quarantineStatus>Quarantined</quarantineStatus>
    <eventDate>2011-05-18 12:30:49</eventDate>
    <threatName>EICAR (v)</threatName>
    <traces>1</traces>
    <eventtype>Deep scan</eventtype>
  </quarantine>
</quarantines>

Returned fields

Field	Type	Can Be Empty	Description
quarantineguid	integer	no	Unique identifier of an instance in quarantine. the same as the quarantine_id field above. The value returned can however be passed into the 'guids' parameter of the mav_quarantine_release or mav_quarantine_remove services.
statusid	integer	no	Numeric representation of quarantine status: 1 - Quarantined 2 - Release pending 3 - Released 4 - Delete Pending 5 - Deleted 6 - Reported 7 - Failed to quarantine 8 - Failed to release from quarantine 9 - Failed to delete from quarantine Values 1 to 5 inclusive may be returned for either the VIPRE or Bitdefender engines. Values 6 to 9 inclusive are only applicable to VIPRE engine.
group	integer	no	Action group identifier: 0 - Item is presently quarantined (quarantined / pending removal or release / removal or release failed) 1 - Item is not presently quarantined (released / deleted / failed to quarantine / reported)
quarantineStatus	string	no	Text representation of quarantine status. One of: VIPRE or Bitdefender Engines -Quarantined -Release pending -Released -Delete pending -Deleted VIPRE Engine Only -Reported -Failed to quarantine -Failed to release from quarantine -Failed to delete from quarantine
eventDate	datetime	no	Date and time quarantine event recorded.
threatName	string	yes	Name of the recorded threat
traces	integer	no	Number of recorded traces Note: For Bitdefender there is only ever one trace per quarantine item so this will always contain the value 1.
eventtype	string	yes	Description of the scan event type: VIPRE Engine -Quick Scan -Deep Scan -Unquarantine -Quarantine deleted -Quarantine event -Agent threat update -Agent software update -Active protection -Custom scan -System event For Bitdefender this field is not always populated, if it is the value will be one of: Bitdefender Engine -Active Protection -Quick -Deep -Custom -Behavioral -IDS -Device
engine	string	no	Managed Antivirus engine where this data originates from, either VIPRE or Bitdefender (field only present where v>1)