-
Notifications
You must be signed in to change notification settings - Fork 4
EngineResponseSchema
Amy Bowersox edited this page Apr 30, 2020
·
2 revisions
This schema should be used to format the return value from your engine object's analyze method. It contains the following properties:
-
iocs:(type:list) - A list of Indicators of Compromise returned by the analysis engine. Each item in this list is adictthat must follow the Indicator of Compromise schema. If no IOCs are present, an empty list should be returned here. -
engine_name:(type:str) - The name of the analysis engine generating this response. -
binary_hash:(type:str) - The hash value of the item that was analyzed. Always 64 characters in length. Should be copied from thesha256:element of the binary metadata. -
success:(type:bool) - A value ofTrueif the analysis succeeded,Falseif it did not.
Copyright © 2020 VMware Inc., All Rights Reserved.
Information here is current as of Carbon Black Cloud Binary Toolkit 1.0.0