|
KSC Open API
Kaspersky Security Center API description
|
|
KSC Open API
Kaspersky Security Center API description
|
View contains a list of execution file instances from AppControl on the hosts.
View name: "ACHostExeFilesSrvViewName"
List of view attributes is presented below.
| Name | Type | Description | Remarks |
|---|---|---|---|
| "FILE_ID" | paramInt | File ID from database. | unique inside one Administration Server |
| "FILE_NAME" | paramString | File name. | Get from file VersionInfo. |
| "FILE_NONEMPTY_NAME" | paramString | Non-empty file name. | Usually it is equal to "FILE_NAME". If it is empty, a file name from a file instance is used. |
| "FILE_HASH_MD5" | paramBinary | MD5 hash of a file. | |
| "FILE_HASH_SHA256" | paramBinary | SHA256 hash of a file. |
|
| "FILE_TYPE" | paramInt | "File type". Uses one of the following constants:
|
|
| "FILE_HIPS_ID" | paramInt | HIPS file ID. |
|
| "FILE_VERSION" | paramInt | File version. | Get from the VersionInfo file. |
| "FILE_VERSIONRAW" | paramString | File version in a raw form. | Get from the VersionInfo file. |
| "PRODUCT_NAME" | paramString | Product name. | Get from the VersionInfo file. |
| "PRODUCT_VERSION" | paramInt | Product version. | Get from the VersionInfo file. |
| "PRODUCT_VERSIONRAW" | paramString | Product version in a raw form. | Get from the VersionInfo file. |
| "ORGANIZATION_NAME" | paramString | Organization name. | Get from the VersionInfo file. |
| "TRUSTED_GROUP" | paramInt | "Trusted group". Uses one of the following constants:
| The minimal value is used for all the file instances. |
| "KL_CATEGORY_DN" | paramString | Display name of the file's Kaspersky category. | |
| "KL_CATEGORY_ID" | paramBinary | GUID of the file's Kaspersky category. | If the file has multiple Kaspersky categories, then the special value L"0000000000000000A3BDDED20FBE7F76 is used. |
| "CATEGORY_DN" | paramString | Display name of the file category. Category can be KL or custom. | search-only attribute |
| "CATEGORY_ID" | paramBinary | GUID of the file category. Category can be KL or custom. | search-only attribute. |
| "KL_CATEGORIZED" | paramBool | This field should be used only in query filters.
| Search-only. |
| "CUSTOM_CATEGORIZED" | paramBool | This field should be used only in query filters.
| Search-only. |
| "HOST_ID" | paramInt | Host ID from database. | Unique for one Administration Server. |
| "HOST_NAME" | paramString | Host name, a unique server-generated string (see KLHST_WKS_HOSTNAME attribute). Empty string if no Network Agent is installed. | Read-only. |
| "HOST_DISPLAY_NAME" | paramString | Host display name. | |
| "HST_FILE_ID" | paramString | File instance ID on the host. | |
| "HST_FILE_BIN_ID" | paramBinary | File instance ID on the host. | Binary presentation of the "HST_FILE_ID". |
| "FILE_PATH" | paramString | Full path for the instance of the file on host. | |
| "HST_FIRST_APPEAR" | paramDateTime | Time when instance of the file has been added into database, in UTC. | |
| "FIRST_START_TIME" | paramDateTime | Time of the file first start on the host. | |
| "LAST_START_TIME" | paramDateTime | Time of the file last start on the host. | |
| "LAUNCH_COUNT" | paramInt | The file launch count on the host. |
|
| "strListProductName" | paramString | Internal name of the product that has a network list. | Supported from KSC 13. |
| "strListProductVersion" | paramString | Internal version of the product that has a network list. | Supported from KSC 13. |
| "CERT_ID" | paramBinary | ID of the certificate. | |
| "CERT_SERIAL" | paramBinary | Serial number of the certificate. | |
| "CERT_THUMBPRINT" | paramBinary | Thumbprint of the certificate. | |
| "CERT_PUBLICKEY" | paramBinary | Public key of the certificate. | |
| "CERT_ISSUER" | paramString | Issue of the certificate. | |
| "CERT_SUBJECT" | paramString | Subject of the certificate. | |
| "CERT_VALIDFROM" | paramDateTime | Indicates when the certificate becomes valid. | |
| "CERT_VALIDTO" | paramDateTime | Indicates when the certificate expires. |
