KSC Open API
Kaspersky Security Center API description
SrvView List of files from quarantine, backup, and unprocessed network lists

Views for quarantine, backup, and unprocessed network lists have the same format.

View name for Quarantine network list: "Quarantine"
View name for Backup network list: "Backup"
View name for unprocessed files network list: "TIF"

List of view attributes is presented below.

NameTypeDescriptionRemarks
"nId"paramIntItem ID from the database.Unique for one Administration Server.
"strListProductName"paramStringInternal name of the product that has a network list.Supported from KSC 13.
"strListProductVersion"paramStringInternal version of the product that has a network list.Supported from KSC 13.
"strId"paramStringItem string ID on the host. 
"strHostDisplayName"paramStringHost display name. 
"nGroup"paramIntID of administration group where the host is located.Host may be moved by changing the value of this attribute.
"strHostName"paramStringHost name. A unique server-generated string. 
"KLVSRV_ID"paramIntVirtual server ID.Read-only.
"KLVSRV_DN"paramStringVirtual server display name.

 

"taskName"paramStringName of the action that is executed over the item.Empty if no action is executed.
"taskError"paramStringDescription of the error of the action that is executed over the item.

Empty if no action is executed or if no error occurs.

"ObjName"paramStringName of the object in the list. 
"szRestorePath"paramStringRestore path for the object.

May be empty if the object is not restored.

"szDescription"paramStringInformation field. For example, name of the file container. 
"szFileTitle"paramStringName of the file without path. 
"szUser"paramStringName of the user who put the object to the list.Attribute should be non-empty if "iObjStatus" is equal to 4.
"VirusName"paramStringName of the suspected virus.

 

"iObjStatus"paramIntItem status. Uses one of the following constants:
  • 1 - Item references an infected object
  • 2 - Item references a warning
  • 3 - Item references an unknown or malicious application
  • 4 - A local user put the item into to the list by hand
  • 5 - Item references a harmless object that earlier had been considered to be suspicious
  • 6 - Item references an object that has been cured
  • 7 - Item references a clean object
  • 8 - Item references a password-protected object
  • 9 - Item references a deleted object
  • 10 - SC must send to Kaspersky the object referenced by the item (Advanced Protection Service, "the file is wanted by AMR")

 

"QBStoreTime"paramDateTimeTime when the item has been put to the list, in UTC.May be absent.
"QBObjSize"paramIntFile (object) size in bytes.May be absent.
"SentToKLDate"paramDateTimeTime when object has been sent to Kaspersky.May be absent.
"QBLastCheckBaseDate"paramDateTimeTime when object has been checked last time.

May be absent.


See also:
List of supported srvviews