Skip to main content

createSubmitToSandboxAnalyzerTask

Use this method to create a Sandbox Analyzer task and submit up to 5 files for analysis. The task pulls the files that need to be analyzed from a target endpoint, along with any other files that need to be invloved in the process.

Important

This method is compatible only with Windows edpoints.

Parameters

Parameter	Description	Included in request	Type	Values
`targetId`	The endpoint id from which the task will be launched and where the files to be submitted are located.	Mandatory	String	No additional requirements. Example "targetId": "5d7244b10ea1de153817c072"
`samplePaths`	The paths to the files you want to submit for analysis.	Mandatory	Array of Strings	The Array can contain between 1 and 5 Strings. The values must have a valid path format and can have up to 1024 characters. Example "samplePaths": [ "C:\\first-script.ps1", "C:\\executable.exe", "C:\\text-file.txt" ]
`commandLines`	This array contains multiple Strings that allow you customize how each file is processed in Sandbox Analyzer. Each string consists of two elements: The paths to the scripts that contain the instructions on how to process the file. The path of the file you want to apply the instructions to.	Optional	Array of Strings	The Array can contain between 1 and 10 Strings. Both the paths included must have a valid format. Each string can have up to 4096 characters. Example "commandLines": [ "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe C:\\first-script.ps1", "C:\\executable.exe -v --dry delete-all", "runas /user:Administrator C:\Program Files\Notepad++\notepad++.exe C:\\text1.txt" ]
`taskName`	The name you want to apply to the task.	Optional	String	The string can have up to 512 characters. Default value: `Submit to Sandbox Analyzer YYYY-MM-DD`. Example "taskName": "Submit to Sandbox Task Example"

Return value

Attribute	Type	Description
`result`	String	If successful, returns the ID of the resulting task.

Error messages

Code	Message	Details
-32602	Invalid params	"details": "No applicable targets were found."
		"details": "Target's company does not have a license that includes Sandbox Analyzer feature."
		"details": "Target operating system not supported."
		"details": "You must specify at least one sample path."
		"details": "The maximum number of 5 paths has been exceeded."
		"details": "The path must have a maximum of 1024 characters."
		"details": "Invalid path format."
		"details": "The command line must have a maximum of 4096 characters."
		"details": "The maximum number of 10 command lines has been exceeded."
		"details": "The task name must have a maximum of 512 characters."

Examples

Request

{
    "params": {
        "targetId": "5d7244b10ea1de153817c072",
        "samplePaths": [
            "C:\\first-script.ps1",
            "C:\\executable.exe",
            "C:\\text-file.txt"
            "C:\\text-file2.txt"
        ],
        "commandLines": [
            "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe C:\\first-script.ps1", 
            "C:\\executable.exe -v --dry delete-all",
            "runas /user:Administrator C:\Program Files\Notepad++\notepad++.exe C:\\text1.txt"
        ],
        "taskName": "Submit to Sandbox Task Example"
    },
    "jsonrpc": "2.0",
    "method": "createSubmitToSandboxAnalyzerTask",
    "id": "787b5e36-89a8-4353-88b9-6b7a32e9c87f"
}

Response

{
    "id": "787b5e36-89a8-4353-88b9-6b7a32e9c87f",
    "jsonrpc":"2.0",
    "result": "6560a95884f89d6eca0b61b1"
}

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.