Scan a file or directory
Scan a specific file or directory on an endpoint for malware.
Body Required
- agent_type string
  Values are endpoint, sentinel_one, or crowdstrike.
- alert_ids array[string]
  A string that is not empty and does not contain only whitespace.
  At least 1 element. Minimum length of each is 1. Format of each should match the following pattern: ^(?! *$).+$
- case_ids array[string]
  Case IDs to be updated (cannot contain empty strings).
  At least 1 element. Minimum length of each is 1.
- comment string
  Optional comment.
- endpoint_ids array[string]
  List of endpoint IDs (cannot contain empty strings).
  At least 1 element. Minimum length of each is 1.
- Additional properties are allowed.
POST /api/endpoint/action/scan
curl \
-X POST https://localhost:5601/api/endpoint/action/scan \
-H "Content-Type: application/json; Elastic-Api-Version=2023-10-31"
Request examples
{
  "agent_type": "endpoint",
  "alert_ids": [
    "string"
  ],
  "case_ids": [
    "string"
  ],
  "comment": "string",
  "endpoint_ids": [
    "string"
  ],
  "parameters": {
    "path": "string"
  }
}
Response examples (200)
{}
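Added example, not part of the Elastic documentation or code: a client-side check that builds the request body for this endpoint and enforces the field constraints listed above before anything is sent. Treating endpoint_ids and parameters.path as mandatory, the function names, and the sample values are assumptions of this example.

```python
import json
import re

# Constraints copied from the field list on this page.
AGENT_TYPES = {"endpoint", "sentinel_one", "crowdstrike"}
ALERT_ID_PATTERN = re.compile(r"^(?! *$).+$")


def _check_id_list(name, values, pattern=None):
    """Enforce 'at least 1 element, minimum length of each is 1'."""
    if not isinstance(values, list) or len(values) < 1:
        raise ValueError(f"{name} must be a list with at least 1 element")
    for value in values:
        if not isinstance(value, str) or len(value) < 1:
            raise ValueError(f"{name} entries must be non-empty strings")
        if pattern is not None and not pattern.search(value):
            raise ValueError(f"{name} entry {value!r} fails {pattern.pattern}")
    return values


def build_scan_body(endpoint_ids, path, agent_type=None,
                    alert_ids=None, case_ids=None, comment=None):
    """Return the JSON body for POST /api/endpoint/action/scan.

    Assumption: endpoint_ids and parameters.path are treated as mandatory
    here; the other fields are sent only when supplied.
    """
    if not isinstance(path, str) or not path:
        raise ValueError("parameters.path must be a non-empty string")
    body = {
        "endpoint_ids": _check_id_list("endpoint_ids", endpoint_ids),
        "parameters": {"path": path},
    }
    if agent_type is not None:
        if agent_type not in AGENT_TYPES:
            raise ValueError(f"agent_type must be one of {sorted(AGENT_TYPES)}")
        body["agent_type"] = agent_type
    if alert_ids is not None:
        body["alert_ids"] = _check_id_list("alert_ids", alert_ids, ALERT_ID_PATTERN)
    if case_ids is not None:
        body["case_ids"] = _check_id_list("case_ids", case_ids)
    if comment is not None:
        body["comment"] = comment
    return json.dumps(body)


if __name__ == "__main__":  # constructed sample values, not real identifiers
    print(build_scan_body(["endpoint-id-1"], "/tmp/sample-dir", agent_type="endpoint"))
```

The documented alert_ids pattern rejects empty and space-only strings; a tab-only string still matches it, so trim IDs before submitting if stricter whitespace handling is wanted.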