If a scan POST request is successfully processed, the response body contains a JSON object with the following fields:
{ "object": "%SCAN_OBJECT%", "scanResult": "%SCAN_RESULT%", "detectionName": "%DETECTED_OBJECT%", "containsOfficeMacro": "%IS_MACRO_CONTAINED%", "subObjectsScanResults": [ { "object": "%SCAN_FILE%", "scanResult": "%SCAN_RESULT%", "detectionName": "%DETECTED_OBJECT%", "containsOfficeMacro": "%IS_MACRO_CONTAINED%" }, … { "object": "%SCAN_FILE%", "scanResult": "%SCAN_RESULT%", "detectionName": "%DETECTED_OBJECT%", "containsOfficeMacro": "%IS_MACRO_CONTAINED%" } ] } |
where:
object
contains the full path to the scanned file (if a request is made to /api/v3.0/scanfile
) or to a "memory"
string (if a request is made to /api/v3.0/scanmemory
).scanResult
is the scan result and can have the following values:CLEAN
DETECTED
DISINFECTED
DELETED
NON_SCANNED
SERVER_ERROR
detectionName
is the name of the detected malicious object in the Kaspersky Lab classification system.containsOfficeMacro
is the binary flag that has a value of true
if a macro was detected in the object and false
otherwise.subObjectsScanResults
is an array of scan results for each sub-object nested in the object that was scanned. This field with all of its sub-fields is only included in the response body if the scanned object contains nested sub-objects.subObjectsScanResults/object
is the path to the nested sub-object. Note that the path to the sub-object is separated from the path to its parent object by a double slash (//
), for example:/home/user/archive.tar//folder/subobject
subObjectsScanResults/scanResult
is the scan result for the nested sub-object.subObjectsScanResults/detectionName
is the name of the detected malicious object in the Kaspersky Lab classification system.subObjectsScanResults/containsOfficeMacro
is the binary flag that has a value of true
if a macro was detected in the nested sub-object and false
otherwise.If a POST scan request is processed with an error, the response body contains a JSON object with a single error
field:
{ "error": "%ERROR_MESSAGE%" } |
where error
contains the description of the error that occurred during the request processing.