dr.web web api for enterprise security suite€¦ · doctor web customers can be found among home...

Administrator Manual

Web API for Enterprise Security Suite

© Doctor Web, 2019. All rights reserved

This document is the property of Doctor Web. No part of this document may be reproduced,

published or transmitted in any form or by any means for any purpose other than the

purchaser's personal use without proper attribution.

Trademarks

Dr.Web, SpIDer Mail, SpIDer Guard, CureIt!, CureNet!, AV-Desk, KATANA and the Dr.WEB logo

are trademarks and registered trademarks of Doctor Web in Russia and/or other countries.

Other trademarks, registered trademarks and company names used in this document are

property of their respective owners.

Disclaimer

In no event shall Doctor Web and its resellers or distributors be liable for errors or omissions, or

any loss of profit or any other damage caused or alleged to be caused directly or indirectly by

this document, the use of or inability to use information contained in this document.

Dr.Web Web API for Enterprise Security Suite

Version 12.0


10/28/2019

Doctor Web Head Office

2-12A, 3rd str. Yamskogo polya

Moscow, Russia

125040

Website: https://www.drweb.com/

Phone: +7 (495) 789-45-87

Refer to the official website for regional and international office information.

https://www.drweb.com/

Doctor Web

Doctor Web develops and distributes Dr.Web information security solutions which provide

efficient protection from malicious software and spam.

Doctor Web customers can be found among home users from all over the world and in

government enterprises, small companies and nationwide corporations.

Dr.Web antivirus solutions are well known since 1992 for continuing excellence in malware

detection and compliance with international information security standards.

State certificates and awards received by the Dr.Web solutions, as well as the globally

widespread use of our products are the best evidence of exceptional trust to the company

products.

We thank all our customers for their support and devotion to the Dr.Web products!


4

Table of Contents

Introduction 7

1. Integration of Dr.Web Web API for Enterprise Security Suite with

third-party software via the Web API 8

2. General Structure of Response Documents 9

Response in XML format 9

Response in JSON format 10

3. Stations Handling 13

Create a New Station 14

Change Station Parameters 17

Delete a Station 20

Restore a Station 22

Get Station Information 24

Get Station Statistics 43

Get statistics on performed actions 49

Get Stations List by a State 52

Get State of Specified Station 57

Get States of Stations 59

Send a Message to a Station 62

Remote Launch of Stations Scanning 64

Update Components by Stations 68

Reboot Station 70

Get the Quarantine State 72

Get Newbies Information 78

Get Installing Components List 81

Get Installed Components List 85

Get Running Components List 89

Get Modules List 93

Get Virus Databases List 96

Get Station Location Data 99

Get Information about Products on a Station 102

4. Groups Handling 107

Add a New Group 108

Change Group Parameters 109


5

Delete Group 111

Get Groups List 113

Get Group Information 116

Get Group Statistics 125

Get statistics on performed actions 131

Send a Message to Stations of a Group 135

Launch of Scanning on Stations of a Group 137

Update Components on Stations of a Group 141

Reboot Stations of a Group 143

Get the List of Stations of a Group 145

Get the Quarantine State 149

Get Location Data of Stations of a Group 155

Get Installing Components List for a Group 158

5. Server Handling 163

Server Information 164

Repository Status 170

Get Repository Update Information 174

Get Server statistics on detected threats 176

Run a Job 181

Get Server Encryption Public Keys 184

Search for Stations and Groups 186

Get Information about License Keys 190

Get Server Statistics on Stations Scan 192

Get Server Statistics on Resources Usage 202

6. Administators Handling 215

Adding Administrator 215

Changing Administrator Parameters 218

Deleting Administrator 220

Administrator Information 222

Administrators List 225

7. Quarantine Handling 229

Restore Objects from Quarantine 229

Rescan Objects from Quarantine 232

Delete Objects from Quarantine 234

Appendix A. Rights 237


6

Appendix B. Components 242

B1. Installing Components 242

B2. Component Codes 243

Appendix C. Returned error codes 247

Appendix D. Returned Station State Codes 252


7Introduction

Introduction

About Manual

This Manual is intended to introduce technical features on integration of Dr.Web Web API for

Enterprise Security Suite with third-party software via the Web API.

Conventions

The following symbols and text conventions are used in this guide:

Convention Comment

Important note or instruction.

Warning about possible errors or important notes to which you should pay

special attention.

Anti-virus network A new term or an accent on a term in descriptions.

<IP-address> Placeholders.

Save Names of buttons, windows, menu items and other program interface elements.

CTRL Keyboard keys names.

C:\Windows\ Names of files and folders, code examples.

Appendix A Cross-references on the document chapters or internal hyperlinks to web pages.

Abbreviations

The following abbreviation will be used in the Manual without further interpretation:

· OS—operating system.


81. Integration of Dr.Web Web API for Enterprise Security Suite with third-party software via theWeb API

1. Integration of Dr.Web Web API for Enterprise Security Suite

with third-party software via the Web API

Application

Integrating the Dr.Web Web API for Enterprise Security Suite with third-party software via the

Web API provides the functions for operation of transactions with accounts and for automation

of managing the service users. For example, with the Web API, you can create dynamic pages to

receive requests from users and send them installation files.

Authentication

The HTTP(S) protocol is used to interact with the Dr.Web Server. Web API accepts HTTP

requests and replies with XML (by default) or JSON document. To get access to the Web API,

the Basic HTTP authentication is used (in compliance with RFC 2617 standard). Contrary to RFC

2617 and related standards, the HTTP(S) server does not request credentials (i.e., Dr.Web Web

API for Enterprise Security Suite administrator account name and its password) from the client.

http://www.ietf.org/rfc/rfc2617.txt

92. General Structure of Response Documents

2. General Structure of Response Documents

Response to the URL request may be given in two formats: XML or JSON. For further

information:

· Response in XML format

· Response in JSON format

Response in XML format

To receive a response in the XML format, send a request in the following format:

http://<host>:9080/api/<obj ect>/<script>.ds?<parameters>

or

http://<host>:9081/api/<obj ect>/<script>.ds?<parameters>

where:

<host>—IP address or DNS name of a computer with the Server installed

<obj ect>—managing object: station, group, Server, administrator, Quarantine.

Available scripts and their parameters are described in the following sections:

· Stations Handling

· Groups Handling

· Server Handling

· Administrators Handling

· Quarantine Handling

The ‘-’ character in the script name can be replaced with ‘_’. For example, responses to

requests using the scripts installed-components.ds and

installed_components.ds will be the same.

As a response, you receive an xml document with the following content:

<drweb-es-api api_version="4.3.0" timestamp="1550867853" server="192.168.1.1"

srv_version="12.00.0.201909260" status="true"> 

</drweb-es-api>


102. General Structure of Response DocumentsResponse in XML format

Attributes of the <drweb-es-api /> root element

Attribute Description

api_version Current Web API version

timestamp GMT time of server (Unix timestamp format)

server Server domain name or IP address

srv_version Full version of Dr.Web Web API for Enterprise Security Suite

status Request status. Request status: true—a request has been processed

successfully, false—an error occurred, a request has not been processed.

If an error occurred during operation (status=’false’), then the <error/> element

containing an error code and description will be included in the XML body. An error is

described in the < message/> element while an error code is in the <errno/> element.


srv_version="12.00.0.201909260" status="false">

<error>

<errno>36</errno>

<message>Unable to remove group '411dac63-2a3e-4ce8-af4f-1fbeb94242ef': You cannot

remove the system group</message>

</error>

</drweb-es-api>

Error codes are given in the Returned error codes section.

Date and time in all elements of Web API 4.3.0 scripts are returned in the Unix timestamp

format.

Response in JSON format

To receive a response in the JSON format, add the format=json attribute to the request like

the following:

http://<host>:9080/api/<obj ect>/<script>.ds?<parameters>&format=json

or

http://<host>:9081/api/<obj ect>/<script>.ds?<parameters>&format=json

where:

<host>—IP address or DNS name of a computer with the Server installed

<obj ect>—managing object: station, group, Server, administrator, Quarantine.


112. General Structure of Response DocumentsResponse in JSON format

Available scripts and their parameters are described in the following sections:

· Stations Handling

· Groups Handling

· Server Handling

· Administrators Handling

· Quarantine Handling

The ‘-’ character in the script name can be replaced with ‘_’. For example, responses to

requests using the scripts installed-components.ds and

installed_components.ds will be the same.

You can receive a JSON response for any URL request that is supported by the Web API 4.3.0.

JSON document contains the following elements:

· the head block—service information.

· the data block—response data. Content depends on executing operation.

Elements of the head block:

Field name Description

status Request status. Request status: true—a request has been processed

successfully, false—an error occurred, a request has not been

processed.

timestamp GMT time of server (Unix timestamp format)

version in the api block Current Web API version

versionString in the api block Current Web API version in strings format

name in the server block Server domain name or IP address

version in the server block Full version of Dr.Web Web API for Enterprise Security Suite

uuid in the server block Server identifier

If an error occurred during operation("status": false), then the error block containing an

error text and code will be included in the JSON body. An error is described in the message field

while an error code is in the code field.


122. General Structure of Response DocumentsResponse in JSON format

{ "head": { "status": false, "timestamp": 1550867853, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "error": { "code": 11, "message": "Necessary parameters are not specified in your request: 'name'"}}}

Error codes are given in the Returned error codes section.

Date and time in all elements of Web API 4.3.0 scripts are returned in the Unix timestamp

format.


133. Stations Handling


URL requests

http://<host>:9080/api/stations/<script>.ds?

or

https://<host>:9081/api/stations/<script>.ds?

Available scripts

Script Description

add.ds Create a new station

bases.ds Get virus databases list

change.ds Change station parameters

components.ds Get installing components list

delete.ds Delete a station

geo.ds Get Station Location Data

infections-chart.ds Get statistics on performed actions

info.ds Get station information

installed-components.ds Get installed components list

list-by-state.ds Get stations list by a state

modules.ds Get modules list

newbies-info.ds Get newbies information

products.ds Get information about products on a station

quarantine-objects.ds Get the state of station Quarantine

reboot.ds Reboot station

restore.ds Restore a station

running-components.ds Get running components list



Script Description

send-message.ds Send a Message to a Station

start-scanner.ds Remote Launch of Stations Scanning

state.ds Get state of specified station

states.ds Get states of stations

statistics.ds Get station statistics

update-components.ds Update components by stations

Create a New Station

Request Parameters

Parameter Description Note

acl-allow Allowed addresses Required parameters: no.

Can be defined several times in the request.acl-disallow Forbidden addresses

acl-priority Priority which is given to

allowed or forbidden addresses

Required parameter: no.

Values: allow, deny. Default is allow

city City Required parameter: no

country Country Required parameter: no.

Specified in the ISO format: RU, UA, etc.

department Department Required parameter: no

description Description Required parameter: no

email Station email Required parameter: no

floor Floor Required parameter: no

group Groups Required parameter: no


153. Stations HandlingCreate a New Station


id Station identifier Required parameter: no.

If not set, a parameter will be generated

automatically.

latitude Latitude Required parameters: no.

The parameters are specified in the decimal format

(for example, 38.898556, -77.037852).longitude Longitude

name Station name Required parameter: no

organization Organization Required parameter: no

parent-group Parent group Required parameter: no

password Password Required parameter: no

province Province Required parameter: no

room Room Required parameter: no

street Street Required parameter: no

Specification format for the acl-allow and acl-disallow parameters:

<protocol>/<address>/<mask>, where:

Parameter Description Mandatory Default value

<address> IP address or domain name yes

<mask> network mask no 255.255.255.255 (/32)

<protocol> TCP/IP (including IPv6) protocol no TCP/IP

Request Example

http://192.168.1.1:9080/api/stations/add.ds?id=1001&password=123456&name=station1234&description=description&country=RU&room=room123&street=Test_avenue&city=Test_town&floor=floor123&province=Test_region&department=department123&organization=organization123&latitude=-77.037852&longitude=38.898556&parent-group=1&group=1&[email protected]&acl-allow=192.168.1.1&acl-disallow=192.168.1.2&acl-priority=allow

XML and JSON response structure examples are described below.


163. Stations HandlingCreate a New Station

XML Response


srv_version="12.00.0.201909260" status="true"> <station id="1001"/>

</drweb-es-api>

Description of XML Response Parameters

The <station /> element contains information about the created station.

The <station /> element attribute:


id Identifier of created station

JSON Response

{ "head": { "status": true, "timestamp": 1393491700, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "7209d122-3b23-4134-94a9-0c1c645e21f3"}}, "data": { "id": "1001"}}

Description of JSON Response Parameters

The data block contains information about the created station.

The data block element:


id Identifier of created station


173. Stations HandlingChange Station Parameters

Change Station Parameters

Request Parameters


acl-priority Priority which is given to the fist

of allowed or forbidden

addresses

Values: allow, deny.

Default is allow

add-acl-allow Add address to the list of

allowedParameters can be defined several times in

the requestadd-acl-disallow Add address to the list of

forbidden

add-group Add a group

city City

delete-acl-allow Delete address from the list of

allowedParameters can be defined several times in

the requestdelete-acl-disallow Delete address from the list of

forbidden

delete-group Delete a group

department Department

description Description

email Change the station email

floor Floor

id Station identifier Required parameter: yes

latitude Latitude

longitude Longitude

organization Organization

parent-group Parent group

password Password

province Province

room Room




street Street

If you set an empty value for the password parameter in a request, password will be

changed.

Specification format for add-acl-allow, add-acl-disallow, delete-acl-allow and

delete-acl-disallow parameters is: <protocol>/<address>/<mask>, where:

Parameter Description Mandatory Default value

<address> IP address or domain name yes

<mask> network mask no 255.255.255.255 (/32)

<protocol> TCP/IP (including IPv6) protocol no TCP/IP

In the request with delete-acl-allow and delete-acl-disallow parameters, the

network prefix must be specified. For example:

http://192.168.1.1:9080/api/stations/change.ds?id=1002&delete-acl-allow=192.168.10.34/32&delete-acl-disallow=192.168.10.1/32

If the current primary group is set in the delete-group parameter, this group will not be

deleted from the groups list (parameter is ignored).

If the current primary group is set in the delete-group parameter while primary group

changing is performed (the parent-group parameter is set), the primary group will be

changed and the old group will be deleted from the groups list.

Request Example

http://192.168.1.1:9080/api/stations/change.ds?id=1002&password=passwd&name=station1002&description=description




XML Response


srv_version="12.00.0.201909260" status="true"> <station id="1002"/>

</drweb-es-api>


The <station /> element contains information about the modified station.

The <stations /> element attribute:


id Identifier of changed station

JSON Response

{ "head": { "status": true, "timestamp": 1555740761, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "50171907-d21d-b211-b3fd-cc152f024d8c"}}, "data": { "id": "1002"}}


The data block contains information about the changed station.



id Identifier of changed station


203. Stations HandlingDelete a Station

Delete a Station

Request Parameters

Parameter Description Obligatory

id Station identifier.

The parameter can be defined in the request as many times as

you like to delete multiple stations at a time.

yes

Request Example

http://192.168.1.1:9080/api/stations/delete.ds?id=1000&id=1001


XML Response


srv_version="12.00.0.201909260" status="true"> <stations total="2">

<station id="1000"/>

<station id="1001"/>

</stations>

</drweb-es-api>


The <stations /> element contains information about all deleted stations.



total Total number of stations

· The <station /> element contains information about a specific deleted station.



id Station identifier


213. Stations HandlingDelete a Station

JSON Response

{ "head": { "status": true, "timestamp": 1555743219, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "50171907-d21d-b211-b3fd-cc152f024d8c"}}, "data": { "stations": { "total": 2, "list": [ {"id": "1000"}, {"id": "1001"}]}}}


The data block contains information on all removed stations.




· The list array contains information on each specific removed station.

Elements in the list array:




223. Stations HandlingRestore a Station

Restore a Station

Request Parameters

Parameter Description Mandatory

group Group identifier.

This parameter can be defined in the request several times to

add the station to several groups at a time.

no


The parameter can be defined in the request as many times as

you like to restore multiple stations at a time.

If there is no deleted station with this identifier, the identifier will

be returned in the fail block of the response document.

yes

parent-group Primary group identifier.

If the parameter is not set, then the station is restored with the

same parent group that it had before the deletion.

no

Request Example

http://192.168.1.1:9080/api/stations/restore.ds?id=1000&id=1001&id=1002


XML Response


srv_version="12.00.0.201909260" status="true"> <success total="2">

<station>1000</station>


</success>

<fail total="1">


</fail>

</drweb-es-api>




· The <success /> element contains information about all restored stations.

The <success /> element attribute:



ъ The <station /> element contains an identifier of a restored station.

· The <fail /> element contains information about all the nonexistent identifiers of deleted

stations, if such identifiers were specified in the request.

The <fail /> element attribute:


total Total number of station identifiers

ъ The <station /> element contains nonexistent identifier of a deleted station specified in

the request.

JSON Response

{ "head": { "status": true, "timestamp": 1557453053, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "6d63ec4f-68f7-40ad-a389-8a57a042d3ed"}}, "data": { "success": { "total": 2, "list": [ "1000", "1001"]}, "fail": { "total": 1, "list": [ "1002"]}}}


· The success block contains information about all restored stations.



The success block elements:



list The array contains identifiers of restored stations.

· The fail block contains information about all the nonexistent identifiers of deleted stations,

if such identifiers were specified in the request.

The fail block elements:


total Total number of station identifiers

list The array contains nonexistent identifiers of deleted stations specified in the

request.

Get Station Information

Request Parameters

Parameter Description Valid values Note

bases If this parameter value is yes, then

response will contain information on

antivirus databases which are used at the

station.

yes | no Required parameter:

no.

The default value isno

components If this parameter value is yes, then

response will contain information on station

components.


no.


group-

membership

If this parameter value is yes, then

response will contain information on groups

in which the station is included.


no.


id Station identifier – Required parameter:

yes


253. Stations HandlingGet Station Information


installed-

components



antivirus components installed at the station.


no.


keys If this parameter value is yes, then


license keys.


no.


modules If this parameter value is yes, then


antivirus modules installed at the station.


no.


rights If this parameter value is yes, then


rights.


no.


running-

components



antivirus components currently running at

the station.


no.


Request Example

http://192.168.1.1:9080/api/stations/info.ds?id=1002&components=yes&installed-components=yes&running-components=yes&rights=yes&group-membership=yes&modules=yes&keys=yes


XML Response



<station id="1002" name="station1234" created="1489056584" modified="1545821125"

parent_id="1000" parent_name="Everyone" password="123456" state="0"> <lastseenat>0</lastseenat>

<lastseenfrom></lastseenfrom>

<os code="0">unknown</os>

<department>Test_office></department>

<description>Test_1002></description>

<country>RU</country>

<street>Test_avenue</street>

<room>Room_1002></room>

<city>Test_town</city>

<floor>Floor_1002</floor>

<longitude>2222220</longitude>

<latitude>3333330</latitude>

<organization>Test_Inc</organization>

<province>Test_region</province>

<email>Test_mail</email>

<connection port="2193" server=ubuntu1804-amd64">

<public_key url="http://ubuntu1804-amd64:9080/install/drwcsd.pub"

uuid="f001bf9c-7149-40db-b104-0227ae882b66"><![CDATA[; Dr.Web (R) Public key file

; Do not edit! f001bf9c-7149-40db-b104-0227ae882b66



; ***EOF***]]>

</public_key>

</connection>

<packages>

<package arch="all" os="windows" url="http://ubuntu1804-

amd64:9080/download/download.ds?os=windows&id=1002"/> </packages>

<modules total="32">

<module name="drweb32.dll" version="7.00.34.11020" created="1555412121"

modified="1555412121" hash="6fbd6151c4a67f7439130282efb7e981" file_size="4572424"file_owner="BUILTIN\Administrators:DRWEB\Domain Users @ MT"/> 

</modules>

<bases total="0"> </bases>

<keys inherited="true" inherited_group_id="20e27d73-d21d-b211-a788-

85419c46f0e6" inherited_group_name="Everyone"> <key id="daa111be1fdbca01" />

</keys>

<installed-components total="11">

<component code="144" name="Dr.Web Preventive Protection"

installed="1559729080" path="C:\Program Files\DrWeb" server="MT"/> 

</installed-components>

<running-components total="8">

<component code="14" name="SpIDer Mail for Windows workstations" params=""

started="1561525662" type="8" user="NT AUTHORITY\SYSTEM"/>



</running-components>

<rights inherited="true" inherited_group_id="20e27d73-d21d-b211-a788-

85419c46f0e6" inherited_group_name="Everyone"> <right code="1" name="Run Dr.Web Scanner for Windows" value="1"/>


</rights>

<components total="6" inherited="true" inherited_group_id="20e27d73-d21d-b211-

a788-85419c46f0e6" inherited_group_name="Everyone"> <component code="4" name="Dr.Web Scanner for Windows" status="1"/>


</components>



<group-membership total="0"> </group-membership>

<acl priority="allow">

<allowed>

<address net_proto="tcp" net_mask="32">192.168.1.1</address>

</allowed>

<disallowed>

<address net_proto="tcp" net_mask="32">192.168.1.2</address>

</disallowed>

</acl>

</station>

</stations>

</drweb-es-api>

When returning the information on deleted stations, the response document does not

contain the following blocks:

<os />—operating system on station,

<running-components />—currently running components,

<installed-components />—installed components,

<components />—installing components,

<bases/>—virus databases,

<packages/>—installation packages,

<connection /> and </public_key>—connection information and public encryption key,

<rights />—permissions (see the Permissions section),

<modules />—modules,

<group-membership />—membership in groups.


The <stations /> element contains information about all stations.




· The <station /> element contains information on a specific station.

The <station /> element attributes:


id Station ID

name Station name

created Station creation date




modified Last modification time

parent_id Station parent group ID

parent_name Station parent group name

password Password for access to the Server

state The current state of the station (see Returned station state codes)

ъ The <lastseenat /> element contains a date of the last connection to the Server by a

specified station.

ъ The <lastseenfrom /> element contains address and port from which the station connected

to the Server last time.

ъ The <os /> element contains information about the operating system currently installed on

the station.

The <os /> element attribute:


code Operating system code

The <os /> element value is an operating system name.

ъ Nested elements of the <station /> element:

Element Description

<department /> Department

<description /> Description

<country /> Country

<street /> Street

<room /> Room

<city /> City

<floor /> Floor

<longitude /> Longitude

<latitude /> Latitude

<organization /> Organization



Element Description

<province /> Province

<email /> Email address

ъ The <connection /> element contains Server connection parameters.

The <connection /> element attributes:


port Port number for connecting to the Server

server DNS name or IP address of the Server

§ The <public_key /> element contains information on the Server public encryption key

and the key itself.

The <public_key /> element attributes:


url Address of a public key location on the Server

uuid Identifier of the public key

ъ The <packages /> element contains links on installation packages created at this Server for

different architectures and operating systems.

§ The <package /> element contains the link on the specific antivirus package.

The <package /> element attributes:


arch Architecture on which the package can be installed:

· all—operating systems with any bitness,

· x86—32-bit operating systems,

· x86_64—64-bit operating systems

os Operating system on which the package can be installed

url Web resource for the package (Dr.Web Agent) downloading

ъ The <modules /> element contains information about all program modules.

The <modules /> element attribute:


total Total number of modules



§ The <module /> element contains information about a specific program module.

The <module /> element attributes:


name File name

version Module version

created Module creation date in the UNIX timestamp format

modified Module last modified date in the UNIX timestamp format

hash Module checksum

file_size File size (bytes)

file_owner Name of a file owner

ъ The <bases /> element contains information about all virus databases installed on a

station.

The <bases /> element attribute:


total Total number of virus databases

§ The <base /> element contains information about a specific virus database.

The <base /> element attributes:


file_name Virus database file name

version Database version

created Database creation date in the UNIX timestamp format

viruses The number of virus records in the database

ъ The <keys /> element contains information about license keys of the station.

The <keys /> element attributes:


inherited If its value is set to true, then the keys are inherited from a parent group,

and if set to false—then the keys are configured individually.

inherited_group_id ID of a parent group from which the key parameters have been inherited. If

the inherited attribute is set to false, then this attribute value will be

none.




inherited_group_name Name of a parent group from which the key parameters have been

inherited. If the inherited attribute is set to false, then this attribute

value will be none.

§ The <key /> element contains information on a specific license key.

The <key /> element attribute:


id Identifier of a key

ъ The <installed-components /> element contains information about all installed

components.

The <installed-components /> element attribute:


total Total number of installed components

§ The <component /> element of the <installed-components /> element contains

information about a specific installed component.

The <component /> element attributes:


code Digital code of the component (see the Component codes section)

name Name of the component (see the Component codes section)

installed Date of the component installation in the UNIX timestamp format

path Component installation path

server Address of the Server from which the component was installed

ъ The <running-components /> element contains information about all components running

at the time of the request.

The <running-components /> element attribute:


total Total number of running components

§ The <component /> element of the <running-components /> element contains information

about a specific running component.







params Component start parameters

started Component start time in the UNIX timestamp format

type Type of the component (see the Component codes section)

user Station user on behalf of which the component was launched

ъ The <rights /> element contains information about all rights of a station.

The <rights /> element attributes:


inherited If true, then permissions are inherited from a parent group, false—

permissions are personally specified.

inherited_group_id ID of a parent group from which the rights have been inherited. If the

inherited attribute is set to false, then this attribute value will be

none.

inherited_group_name Name of a parent group from which the rights have been inherited. If the


none.

§ The <right /> element contains information about a specific element of rights.

The <right /> element attributes:


code Digital code of an element of rights (see the Rights section)

name Name of element of right (see the Rights section)

value Value of element of right:

0—this right cannot be used,

1—the right is granted.

ъ The <components /> element contains information about all components.



The <components /> element attributes:


inherited If its value is set to true, then components are inherited from a parent

group, and if set to false—then component parameters are configured

individually.

inherited_group_id ID of a parent group from which component parameters have been


value will be none.

inherited_group_name Name of a parent group from which component parameters have been


value will be none.

§ The <component /> element of the <components /> element contains information about a

specific component.





status Component status. May take one of the following values:

2—the component must be installed

1—the component can be installed

0—the component must not be installed.

ъ The <group-membership /> element contains information about all groups to which the

station is the member.

The <group-membership /> element attribute:


total Total number of groups to which the station is the member

§ The <group /> element contains information about a specific group.

The <group /> element attributes:


id Group identifier

name Group name




type Group type. Can take the following values:

0—user group,

1—base and default group,

2—group containing online stations,

3—group containing offline stations,

4—group containing stations grouped by operating system,

5—group containing stations grouped by network protocol,

6—group containing stations with uninstalled Dr.Web Agent,

7—group containing stations with expired access to the Server,

10—pseudogroup,

ъ The <acl> element contains access control lists that specify limitations on network

addresses from which Dr.Web Agent may access the Server.

The <acl> element attribute:


priority Determines lists usage priority:

· allowed—allowed addresses list has a priority: addresses included in both

of lists or not included in none of them are allowed,

· disallowed—denied addresses list has a priority: addresses included in

both of lists or not included in none of them are denied.

The <allowed /> and <disallowed /> element determines addresses lists from which the asses

to the Server is allowed or denied correspondingly.

JSON Response

{ "head": { "status": true, "timestamp": 1558522038, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "total": 1, "list": [ {"id": "1002", "name": "station1234",



"parent_id": "1", "parent_name": "mygr1", "password": "123456", "state": 1, "last_seen_time": 1561642444, "last_seen_addr": "ssl://10.21.0.154:50173",

"connection": { "port": 2193, "public_key": { "file": "; [^] Dr.Web (R) Public key file\n ; Do not edit!\n ... ; ***EOF***\n", "id": "432a295a-ad54-46c0-829c-474341f369dc", "url": "http://ubuntu1804-amd64:9080/install/drwcsd.pub"},

"server": "ubuntu1804-amd64"}, "packages": [ {"arch": "all, "os": "windows"," "url": "http://ubuntu1804-amd64:9080/download/download.ds?

os=windows&id=1002"}],

"department": "Test_office", "description": "Test_1002", "country": "RU", "street": "Test_avenue", "room": "Room_1002", "city": "Test_town", "floor": "Floor_1002", "longitude": 2222220, "latitude": 3333330, "organization": "Test_Inc", "province": "Test_region", "email": "Test_mail", "components": { "inherited": true, "inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6", "inherited_group_name": "Everyone", "list": [ {"code": 4, "name": "Dr.Web Scanner for Windows", "status": 1}, ...]}, "installed_components": [ {"code": 144, "installed_time": 1559729080, "name": "Dr.Web Preventive Protection", "path": "C:\\Program Files\\DrWeb", "server": "MT"}, ...], "running_components": [ {"code": 14, "name": "SpIDer Mail for Windows workstations", "params": "", "pid": "14", "started_time": 1561525662, "type": 8, "user": "NT AUTHORITY\\SYSTEM"}, ...],



"modules": [ {"created_time": 1555412121, "description": "Dr.Web Virus-Finding Engine", "file_name": "drweb32.dll", "file_owner": "BUILTIN\\Administrators:DRWEB\\Domain Users @ MT", "file_size": 4572424, "hash": "6fbd6151c4a67f7439130282efb7e981", "modified_time": 1555412121, "version": "7.00.34.11020"}, ...], "bases": [], "group_membership": [], "keys": { "inherited": true, "inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6", "inherited_group_name": "Everyone", "list": [ "daa669be6fdbca01"]}, "permissions": { "inherited": true, "inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6", "inherited_group_name": "Everyone", "list": [ {"name": "Run Dr.Web Scanner for Windows", "right": 1, "value": 1}, ...]}, "acl": { "priority": "allow", "allowed": [{ "net_mask": "32", "net_address": "192.168.1.1"}], "disallowed": [{ "net_mask": "32", "net_address": "192.168.1.2"}]}, "os_code": 0, "os_name": "unknown", "created_time": 1412665881, "modified_time": 1412665881}]}}


The data block contains information about all stations.

The data block elements:



· The list array contains information about specific stations.





city City

connection Server connection parameters block

country Country

created_time Station creation date

department Department


email Email address

floor Floor


last_seen_addr Address from which the station connected to the Server at the last time

last_seen_time Date of a last connection of a station to the Server

latitude Latitude

longitude Longitude

modified_time Last modification time

name Station name

organization Organization

os_code Operating system code

os_name Operating system name

packages The array of links to installation packages created at this Server for different

architectures and operating systems

parent_id Station parent group ID

parent_name Station parent group name

password Password for access to the Server

province Province

room Room





street Street

ъ The connection block elements:


port Port number for connecting to the Server

public_key The block contains information on the Server public encryption key and the key

itself.

server DNS name or IP address of the Server

§ The public_key block elements:


url Address of a public key location on the Server

uuid Identifier of the public key

ъ Elements in the packages array:







url Web resource for the package (Dr.Web Agent) downloading

· The components block contains information about all components.

The components block elements:




individually.


inherited. If the inherited field value is set to false this value will be

none.






none.

ъ The list array in the components block contains information about a specific component.









· The installed-components array contains information about all installed components.

Elements in the installed-components array:




installed_time Date of the component installation in the UNIX timestamp format


server Address of the Server from which the component was installed

· The running-components array contains information about all components running at the time

of the request.

Elements in the running-components array:




started_time Component start time in the UNIX timestamp format

type Type of the component (see the Component codes section)





pid Process identifier at the station


· The modules array block contains information about all program modules.

Elements in the modules array:


created_time Module creation date in the UNIX timestamp format

file_name File name




modified_time Module last modified date in the UNIX timestamp format

name Module name


· The bases array contains information about all virus databases.

Elements in the bases array:






· The group-membership contains information about all groups to which the station is the

member.

Elements in the group-membership array:


id Group identifier

name Group name





0—user group,






6—group containing stations with uninstalled Agent,


10—pseudogroup,.

· The keys block contains information about license keys of the station.

The keys block elements:


inherited If its value is set to true the keys are inherited from a parent group, and if

set to false—the keys are configured individually.

inherited_group_id ID of a parent group from which the key parameters have been inherited. If

the inherited field value is set to false this value will be none.

inherited_group_name Name of a parent group from which the key parameters have been


none.

ъ The list array in the keys block contains information about a specific key.




· The permissions block contains information about all rights of a group.

The permissions block elements:





inherited field value is set to false, then this attribute value will be

none.






none.

ъ The list array in the permissions contains information about a specific element of rights.




right Digital code of an element of rights (see the Rights section)




· The acl block contains access control lists that specify limitations on network addresses from

which the Agent may access the Server.

The acl block element:


priority Determines lists usage priority:

· allowed—allowed addresses list has a priority: addresses included in both

of lists or not included in none of them are allowed,

· disallowed—denied addresses list has a priority: addresses included in

both of lists or not included in none of them are denied.

The allowed and disallowed values determines addresses lists from which the asses to the

Server is allowed or denied correspondingly.


433. Stations HandlingGet Station Statistics

Get Station Statistics

Request Parameters


id Station identifier – Required parameter: yes.

This parameter can be defined in

the request several times to

request information on several

stations at a time.

from Start date of a period for

which statistical data were

requested

Accepted format:

YYYYMMDD or

YYYYMMDDHHmmss


If the parameter is not set, then

the current month statistics is

returned.

till End date of a period for


requested

Accepted format:

YYYYMMDD or

YYYYMMDDHHmmss




returned.

top-viruses If this parameter value is

yes, then the response

will contain information

about the most common

viruses.

yes | no Required parameter: no.

The default value is yes

virtop The number of viruses in

the virus top

Positive integer Required parameter: no.

The default value is 10.

The parameter will be ignored iftop-viruses=no.

Request Example

http://192.168.1.1:9080/api/stations/statistics.ds?id=146c3a70-b9e4-11e9-6bb5-60b9afbd1dcd&from=1514808000&till=1568213999&virtop=5&top-viruses=yes




XML Response Structure


srv_version="12.00.0.201909260" status="true"> <stations-statistics total="1" period_from="1514808000" period_till="1568213999">

<station id="146c3a70-b9e4-11e9-6bb5-60b9afbd1dcd" name="T-PC">

<infections scanned="93297843" total="52351084">

<cured>11773944</cured>

<moved>11781181</moved>

<renamed>0</renamed>

<deleted>11779308</deleted>

<locked>0</locked>

<errors>46174597</errors>

</infections>

<viruses>

<virus name="IO2V2.KpRKF.LZXzuk1ssY" originator=37" treatment=9">2</virus>

<virus name="125F.FtE6OP7.37688" originator=37" treatment=1025">1</virus>

<virus name="16aE.Il9509.17776" originator=37" treatment=514">1</virus>

<virus name="05z9Y.5jZetG" originator=37" treatment=2049">1</virus>

<virus name="0T5q.C28VO.5360" originator=37" treatment=9">1</virus>

<virus name="11qp.d8SNO6.17481" originator=37" treatment=2049">1</virus>

<virus name="0BUG5y.ekHPE.28147" originator=37" treatment=2049">1</virus>

<virus name="10Qp.lVZE.ELByVcwf6R.43711" originator=37"

treatment=9">1</virus>

<virus name="i5S1.hI2emvT8.76WQs.54360" originator=37"


<virus name="fZVa.QRwL.16169" originator=37" treatment=513">2</virus>

</viruses>

</station>

</stations-statistics>

</drweb-es-api>


The <stations-statistics /> element contains information about all stations.

The <stations-statistics /> element attributes:



period_from Start date of a period for which statistical data were requested

period_till End date of a period for which statistical data were requested

· The <station/> element contains information about a specific station.



id Station ID




name Station name

· The <infections /> element contains statistics on infections detected on the station.

The <infections /> element attributes:


scanned Total number of scanned files

total Total number of infections

The <infections /> element elements:

Element Description

<cured /> Number of cured objects

<moved /> Number of objects that are moved to quarantine

<renamed /> Number of renamed objects

<deleted /> Number of deleted objects

<locked /> Number of blocked objects

<errors /> Number of scan errors

Values of these elements are numbers of objects under corresponding action.

· The <viruses /> element contains statistics on all viruses detected on the station.

ъ The <virus /> element contains information about a specific virus. The <virus /> element

value is the number of objects infected by this virus.

The <virus /> element attributes:


name Virus name

originator Code of a component that found a virus

treatment Code of an action performed with the virus depending on its type



JSON Response Structure

{ "head": { "status": true, "timestamp": 1568207129, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "677a4aa0-b1dc-11e9-7e50-fcf926e3976b"}}, "data": { "period_from": "1514808000", "period_till": "1568213999", "stations": { "total": 1, "list": [ {"id": "146c3a70-b9e4-11e9-6bb5-60b9afbd1dcd", "infections": { "scanned": 93297843, "infected": 52351084, "cured": 11773944, "moved": 11781181, "deleted": 11779308, "renamed": 0, "locked": 0, "errors": 46174597}, "viruses": { "11qp.d8SNO6.17481": 1, "16aE.Il9509.17776": 1, "fZVa.QRwL.16169": 2, "05z9Y.5jZetG": 1, "125F.FtE6OP7.37688": 1, "i5S1.hI2emvT8.76WQs.54360": 2, "0BUG5y.ekHPE.28147": 1, "10Qp.lVZE.ELByVcwf6R.43711": 1, "IO2V2.KpRKF.LZXzuk1ssY": 2, "0T5q.C28VO.5360": 1}, "viruses_info": { "11qp.d8SNO6.17481": { "count": 1, "originator": 37, "stations": 1, "treatment": 2049}, "16aE.Il9509.17776": { "count": 1, "originator": 37, "stations": 1, "treatment": 514}, "fZVa.QRwL.16169": { "count": 2, "originator": 37, "stations": 1, "treatment": 513},



"05z9Y.5jZetG": { "count": 1, "originator": 37, "stations": 1, "treatment": 2049}, "125F.FtE6OP7.37688": { "count": 1, "originator": 37, "stations": 1, "treatment": 1025}, "i5S1.hI2emvT8.76WQs.54360": { "count": 2, "originator": 37, "stations": 1, "treatment": 9}, "0BUG5y.ekHPE.28147": { "count": 1, "originator": 37, "stations": 1, "treatment": 2049}, "10Qp.lVZE.ELByVcwf6R.43711": { "count": 1, "originator": 37, "stations": 1, "treatment": 9}, "IO2V2.KpRKF.LZXzuk1ssY": { "count": 2, "originator": 37, "stations": 1, "treatment": 9}, "0T5q.C28VO.5360": { "count": 1, "originator": 37, "stations": 1, "treatment": 9}}, "name": "T-PC"}]}}}


The data block contains general information about the request and the blocks with statistics

requested.





· The stations block contains information about all stations.

The stations block elements:





ъ The list array contains information about specific stations.



id Station ID

name Station name

§ The infections block contains statistics on infections detected on the station.

The infections elements:


cured Number of cured objects

deleted Number of deleted objects

errors Number of scan errors

infected Number of infected objects

locked Number of blocked objects

moved Number of objects that are moved to quarantine

renamed Number of renamed objects


§ The viruses block contains statistics on all viruses detected on the stations with the

identifiers specified in the request. The fields names correspond to the viruses names,

while the values contain the number of infected objects.

§ The viruses_info block contains statistics on each detected virus.

The viruses_info block elements:


count Number of objects infected by this virus


stations Number of stations infected by a specific virus



493. Stations HandlingGet statistics on performed actions

Get statistics on performed actions

Request Parameters


id Station identifier – Required parameter: yes



requested

Accepted format:

YYYYMMDD or

YYYYMMDDHHmmss




returned.



requested

Accepted format:

YYYYMMDD or

YYYYMMDDHHmmss




returned.

Request Example

http://192.168.1.1:9080/api/stations/infections-chart.ds?id=d071625c-d21d-b211-9bc4-bc02713bf843&from=1559314800&till=1559746799


XML Response


srv_version="12.00.0.201909260" status="true"> <infections-chart total="1" period_from="1559314800" period_till="1559746799">

<item time="1559746799">

<infected>0</infected>

<cured>0</cured>

<moved>0</moved>



<locked>14</locked>

</item>

<item time="1559401199">


<cured>0</cured>

<moved>0</moved>





<locked>0</locked>

</item>

</infections-chart>

</drweb-es-api>


The <infections-chart /> element contains information on all scan launches at a station.

The <infections-chart /> element attributes:





· The <item /> element contains information on actions performed after a specific station scan.

<item /> element attribute:


time Date and time of scan results transfer by Dr.Web Agent

The <item /> element elements:

Element Description

<infected /> Number of infected objects


<moved /> Number of objects moved to quarantine







JSON Response

{ "head": { "status": true, "timestamp": 1559737436, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "period_from": "1559314800", "period_till": "1559746799", "chart": { "1559746799": { "cured": 0, "deleted": 0, "infected": 0, "locked": 14, "moved": 10, "renamed": 0}, "1559401199": { "cured": 0, "deleted": 0, "infected": 0, "locked": 0, "moved": 10, "renamed": 0}}}}



requested.





· The chart block contains information units on all scan launch results at a station.

The chart block elements:


Date and time of

scan results transfer

by Dr.Web Agent

Statistics on actions performed after a specific station scan:

· infected—number of infected objects,

· cured—number of cured objects,




· moved—number of objects moved to quarantine,

· deleted—number of deleted objects,

· renamed—number of renamed objects,

· locked—number of blocked objects

Get Stations List by a State

Request Parameters


group-id Identifier of a group stations of which will be given

in the response


Response contains information

on all stations of this group

(without nesting).

page Number of displayed pages Required parameter: no.

The default value is 1

per-page Number of records on one page Required parameter: no.

The default value is 100

server-id Identifier of the Server to which stations are

connected

Required parameter: no

state Station status. May take the following values:

· online—stations are online,

· offline—stations are offline,

· activated—stations are activated,

· unactivated—stations are not activated,

· deinstalled—antivirus software in uninstalled

from stations,

· new—new stations, antivirus software is not

installed,

· newbies—newbies,

Required parameter: no


533. Stations HandlingGet Stations List by a State


· with_update_errors—stations with errors of

antivirus software updates,

· deleted—stations are deleted.

The page and per-page parameters operate with the state attribute only.

Request Example

http://192.168.1.1:9080/api/stations/list-by-state.ds?page=1&per-page=3&state=newbies


XML Response


srv_version="12.00.0.201909260" status="true"> <stations>

<newbies total="5">

<station id="1001" name="DRWEB-1001" last_seen_time="1489574768"

last_seen_addr="tcp://192.168.1.2:1921" os="35850247" os_name="Windows 7 Professionalx64" onconnect="0" state="1"/> <station id="1002" name="DRWEB-1002" last_seen_time="1489574584"

last_seen_addr="tcp://192.168.1.2:1038" os="" os_name="" onconnect="2" state="0"/> <station id="1003" name="DRWEB-1003" last_seen_time="1489574768"

last_seen_addr="tcp://192.168.1.2:1189" os="" os_name="" onconnect="0" state="0"/> </newbies>

</stations>

<pages total="2" current="1" objects-per-page="3"/></drweb-es-api>


· The <stations /> element contains information on all stations with requested state. The

nested block names correspond to the requested state.

The attribute of each nested element:


total Total number of stations with the requested status

ъ The <station /> element contains information on a specific station.





id Station ID

name Station name

last_seen_time Time of last connection to the Server

last_seen_addr Network address of last connection of a station to the Server

os Operating system code


onconnect Action that will be performed on the next connection of a station to the Server.

Can take the following values:

0—perform nothing,

1—access to the Server for a newbie will be denied,

2—access to the Server for a newbie will be granted.

state Station status. Can take the following values:

0—station is offline,

1—station is online,

2—access to the Server for a newbie is granted,

3—access to the Server for a newbie is denied.

· The <pages /> element contains information on displayed pages.

The <pages /> element attributes:


total Total number of pages

current Number of displayed pages

objects-per-page Number of records on one page

JSON Response

{ "head": { "status": true, "timestamp": 1558522039, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1",



"version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "pages": { "current": 1, "objects_per_page": 3, "total": 2}, "stations": { "newbies": { "total": 5,

"list": [ {"id": "1001", "last_seen_addr": "tcp://192.168.10.124:1921", "last_seen_time": 1489574768, "name": "DRWEB-1001", "onconnect": 0, "os": 35850247, "os_name": "Windows 7 Professional x64", "state": 1}, {"id": "1002", "last_seen_time": 1489574584, "last_seen_addr": "tcp://192.168.10.124:1038", "name": "DRWEB-1002", "onconnect": 2, "os": 0, "os_name": "unknown", "state": 0}, {"id": "1003", "last_seen_time": 1489574768, "last_seen_addr": "tcp://192.168.10.124:1189", "name": "DRWEB-1003", "onconnect": 0, "os": 0, "os_name": "unknown", "state": 0}]}}}}


· The pages block contains information on the number of displayed objects.

The pages block elements:



objects_per_page Number of records on one page


· The stations block contains information on all stations with requested state, the nested block

names correspond to the requested state.



Elements of each nested block:


total Total number of stations with the requested status





last_seen_addr Network address of last connection of a station to the Server


name Station name

onconnect Action that will be performed on the next connection of a station to the Server.

Can take the following values:






state Station status. Can take the following values:

0—station is offline,

1—station is online,

2—access to the Server for a newbie is granted,

3—access to the Server for a newbie is denied.


573. Stations HandlingGet State of Specified Station

Get State of Specified Station

Request Parameters




request information on several stations with specified state at a

time.

yes

Request Example

http://192.168.1.1:9080/api/stations/state.ds?id=1001&id=1002


XML Response


srv_version="12.00.0.201909260" status="true"> <states>

<state id="1001">online</state>

<state id="1002">offline</state>

</states>

</drweb-es-api>


The <states /> element contains information on all stations with requested identifiers.

· The <state /> element contains information on specific station.

The <state /> element attribute:



The <state /> element value — station status. May take the following values:

ъ online—station is online,

ъ offline—station is offline,


583. Stations HandlingGet State of Specified Station

ъ activated—station is activated,

ъ unactivated—station is not activated,

ъ deinstalled—antivirus software in uninstalled from station,

ъ new—a new station with no anti-virus software installed,

ъ newbies—newbie station,

ъ with_update_errors—station with errors of antivirus software updates,

ъ deleted—station is deleted.

JSON Response

{ "head": { "status": true, "timestamp": 1558522040, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "states": { "1001": "online", "1002": "offline"}}}


The states block contains information on all stations with requested identifiers.

The states block elements:


Station identifier Station status. May take the following values:

· online—station is online,

· offline—station is offline,

· activated—station is activated,

· unactivated—station is not activated,

· deinstalled—antivirus software in uninstalled from station,

· new—a new station with no anti-virus software installed,

· newbies—newbie station,

· with_update_errors—station with errors of antivirus software updates,

· deleted—station is deleted.


593. Stations HandlingGet States of Stations

Get States of Stations

Request Parameters


group-id Identifier of a group stations of which will be given in the

response

no

server-id Identifier of the Dr.Web Server to which stations are connected.

The current Server is by default. You can use neighbor Servers

connected to this Server.

no

Request Example

http://192.168.1.1:9080/api/stations/states.ds?group-id=6


XML Response



<all total="55"/>

<newbies total="0"/>

<deinstalled total="0"/>

<online total="0"/>

<activated total="1"/>

<new total="54"/>

<unactivated total="54"/>

<with_update_errors total="0"/>

<offline total="55"/>

<deleted total="4"/>

</stations>

</drweb-es-api>


The <stations /> element contains information on all stations from requested group.





total Total number of stations in the group

The <stations /> element elements:

Element Attribute Description of element value

<all /> total Total number of stations in the group except deleted

stations

<newbies /> total Number of newbies (which request the access to the

Server)

<deinstalled /> total Number of stations with uninstalled antivirus software

<online /> total Number of online stations

<activated /> total Number of activated stations

<new /> total Number of new stations with not installed antivirus

software

<unactivated /> total Number of unactivated stations

<with_update_errors /> total Number of stations with errors of antivirus software

updates

<offline /> total Number of offline stations

<deleted /> total Number of deleted stations

JSON Response

{ "head": { "status": true, "timestamp": 1558522040, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "states": { "activated": 1, "all": 55, "deinstalled": 0, "deleted": 4 ,

"new": 54,



"newbies": 0, "offline": 4 , "online": 1, "total": 59, "unactivated": 54, "with_update_errors": 0}}}


The states block contains information on all stations from the requested group.

The states block elements:


activated Number of activated stations

all Total number of stations in the group except deleted stations

deinstalled Number of stations with uninstalled antivirus software

deleted Number of deleted stations

new Number of new stations with not installed antivirus software

newbies Number of newbies (which request the access to the Server)

offline Number of offline stations

online Number of online stations

total Total number of stations in the group

unactivated Number of unactivated stations

with_update_errors Number of stations with errors of antivirus software updates


623. Stations HandlingSend a Message to a Station

Send a Message to a Station

Request Parameters


id Station identifier yes

link-text The {link} macro will be substituted with a string defined in this

parameter

no

link-url Page URL opened when the {link} is clicked no

logo Logo in BMP format (24-bit image in the base64 encoding) no

logo-text Text placed to left of the logo, for example, a company name no

logo-url Logo URL opened when the logo is clicked no

message Text of a message sent to the station.

Message text may contain the {link} macro.

yes

Request Example

http://192.168.1.1:9080/api/stations/send-message.ds?id=1000&id=1001&message=message&logo-text=logo-text&logo-url=www.drweb.com&link-text=drweb&link-url=drweb.com&logo={base64}


XML Response



<station id="1000" status="initiated"/>

<station id="1001" status="delayed"/>

</stations>

</drweb-es-api>




The <stations /> element contains information about all stations to which the message has

been sent.



total Total number of stations to which the message has been sent

· The <station /> element contains information about a specific station to which the message

has been sent.




status The state of message sending process. Can take the following values:

· delayed—sending is delayed,

· failed—sending is failed,

· initiated—sending is initiated.

JSON Response

{ "head": { "status": true, "timestamp": 1552276920, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "a509dab1-d423-4059-971a-aa3944a2c48a"}}, "data": { "total": 2, "list": { "1000": "initiated", "1001": "delayed"}}}


The data block contains information on all stations to which the message has been sent.






· The list array contains information about specific stations to which the message has been

sent.



Identifier of a station

to which the

message has been

sent

The state of message sending process. Can take the following values:




Remote Launch of Stations Scanning

Request Parameters

Parameter Description Valid values Mandatory

action-adware Action on adware detection · delete,

· ignore,

· quarantine—move to

quarantine

no

action-dialers Action on dialers detection · delete,

· ignore,


quarantine

no

action-hacktools Action on hacktools detection · delete,

· ignore,


quarantine

no

action-incurable-

files

Action when infected object cannot

be cured

· delete,


quarantine

no

action-infected-

archive

Action on infected archives

detection

· delete,


quarantine

no


653. Stations HandlingRemote Launch of Stations Scanning


action-infected-

boot

Action on infected boot sectors

detection

· cure,

· report—send notification

to the Server

no

action-infected-

container

Action on infected files containers

detection

· delete,


quarantine

no

action-infected-

files

Action on infected files detection · cure,

· delete,


quarantine

no

action-infected-

mail

Action on infected email files

detection

· ignore,


quarantine

no

action-jokes Action on joke programs detection · delete,

· ignore,


quarantine

no

action-riskware Action on riskware detection · delete,

· ignore,


quarantine

no

action-

suspicious-files

Action on suspicious files detection · delete,

· ignore,


quarantine

no


This parameter can be defined in

the request several times to launch

the scan on several stations at a

time.

– yes

reboot Set automatic reboot of a user

computer after the scan is

completed if during the check

infected objects detected and the

cure process requires reboot of

operating system

yes | no no

type Scan type.

Default is quick

· full—full scan,

· quick—quick scan

no



Request Example

http://192.168.1.1:9080/api/stations/start-scanner.ds?id=d071625c-d21d-b211-9bc4-bc02713bf843&id=70200e02-d21d-b211-8a39-a00ca2f8be36


XML Response



<station id="d071625c-d21d-b211-9bc4-bc02713bf843" status="initiated"/>

<station id="70200e02-d21d-b211-8a39-a00ca2f8be36" status="failed"/>

</stations>

</drweb-es-api>


The <stations /> element contains information on a result of scan launch at stations.



total Number of stations with launched scan

· The <station /> element contains information on specific stations on which remote scan was

launched.




status The state of scan remote launch. May take the following values:

· delayed—scan launch is delayed,

· failed—scan launch is failed,

· initiated—scan is initiated.



JSON Response

{ "head": { "status": true, "timestamp": 1558522040, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1",

"version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}},

"data": { "total": 2, "list": { "70200e02-d21d-b211-8a39-a00ca2f8be36": "failed", "d071625c-d21d-b211-9bc4-bc02713bf843": "initiated"}}}


The data block contains information on a result of scan launch on stations.




· The list array contains information about specific stations, where remote scanning was

launched.




on which remote

scanning has been

launched

Remote scanning process status. May take the following values:

· delayed—scan is delayed,

· failed—scan is failed,



683. Stations HandlingUpdate Components by Stations

Update Components by Stations

Request Parameters




update components on several stations at a time.

yes

Request Example

http://192.168.1.1:9080/api/stations/update-components.ds?id=d071625c-d21d-b211-9bc4-bc02713bf843


XML Response



<station id="d071625c-d21d-b211-9bc4-bc02713bf843" status="initiated"/>

</stations>

</drweb-es-api>


The <stations /> element contains information on a result of anti-virus software updates

launch at stations.



total Total number of stations on which components update has been launched

· The <station /> element contains information on specific stations on which components

update has been launched.






status The state of update process. May take the following values:

· delayed—update is delayed,

· failed—update is failed,

· initiated—update is initiated.

JSON Response

{ "head": { "status": true, "timestamp": 1558522041, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "total": 1, "list": { "d071625c-d21d-b211-9bc4-bc02713bf843": "initiated"}}}


The data block contains information on a result of anti-virus software updates launch at

stations.




· The list array contains information about specific stations, where component updates were

initiated.





Identifier of a station on

which components

update has been

launched

The state of update process. May take the following values:




Reboot Station

Request Parameters


delay Delay of station reboot in seconds.

If the parameter is not set, then delay is 60 seconds.

no



reboot several stations at a time.

yes

message Message to a user in a free form about the reason of reboot yes

Request Example

http://192.168.1.1:9080/api/stations/reboot.ds?id=d071625c-d21d-b211-9bc4-bc02713bf843&message=reboot%20now



713. Stations HandlingReboot Station

XML Response



<station id="d071625c-d21d-b211-9bc4-bc02713bf843" status="failed"/>

</stations>

</drweb-es-api>


The <stations /> element contains information on all stations for which reboot has been

requested.



total Total number of stations for which reboot has been requested

· The <station /> element contains information on specific stations on which reboot has been

requested.




status The state of reboot process. May take the following values:

· failed—attempt to reboot a station is failed,

· initiated—reboot is initiated.

JSON Response

{ "head": { "status": true, "timestamp": 1558522041, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "total": 1, "list": { "d071625c-d21d-b211-9bc4-bc02713bf843": "failed"}}}


723. Stations HandlingReboot Station


The data block contains information on all stations for which reboot has been requested.

The data block:



· The list block contains information on specific stations on which reboot has been requested.

Elements in the list block:


Station identifier The state of reboot process. May take the following values:



Get the Quarantine State

Request Parameters


from The start of requested period, during which objects are moved

to Quarantine

no

id Identifier of a station to get information on Quarantine objects

on this station

yes

page Number of the page which must be returned in response in

paged view (may be used to display information about the large

number of stations)

no

per-page Number of stations per one page in paged view (may be used

to display information about the large number of stations)

no

till The end of requested period, during which objects are moved

to Quarantine

no


733. Stations HandlingGet the Quarantine State

Request Example

http://192.168.1.1:9080/api/stations/quarantine-objects.ds?id=2091ada3-ed5e-e611-3392-f0b9022a5484&from=20190531&till=20190614&page=2&per-page=2


XML Response


srv_version="12.00.0.201909260" status="true"> <group-quarantine items="100" period_from="1559314800" period_till="1560524399">

<item>

<created-time>1560513439</created-time>

<component>7</component>

<file size="860362">C:\Users\tests\Virs\Win32.Parite.2\postcard.gif.ex#</file>

<hash>gOD2zZJlSOzAq5mwHe7LRRlFRO9ngUSd</hash>

<owner>tests-pc\tests:tests-pc\None</owner>

<virus-info>IRC.Flood</virus-info>

<object>8f7b2c47-8e9b-11e9-5812-dcfdccec8a94</object>

<q-time>20190614115718980</q-time>

<infection-type>1</infection-type>

</item>

<item>



<file size="578560">C:\Users\tests\Virs\Adware.Look2me\Installer2.exe</file>

<hash>fGeq6EB6ERXxzl70fJ19iJOISHNyPU9F</hash>


<virus-info>Adware.Look2me.282</virus-info>

<object>9edc4361-9f0c-22d0-6b86-edaeddfd9b05</object>

<q-time>20190614115716149</q-time>


</item>

</group-quarantine>

<pages total="50" current="2" objects-per-page="2"/>

</drweb-es-api>


The <group-quarantine /> element contains information on objects in the Quarantine on

specified station.

The <group-quarantine /> element attributes:


items Total number of objects in Quarantine on specified station




period_from The start of requested period, during which objects are moved to Quarantine

period_till The end of requested period, during which objects are moved to Quarantine

· The <item /> element contains information on specific object in the Quarantine.

ъ The <created-time /> element value contains the time when the object was added to the

Quarantine at the Server.

ъ The <component /> element contains the code of components which moved the object to

the Quarantine:

0—unknown component,

1—Dr.Web Scanner,

2—SpIDer Guard,

3—SpIDer Mail,

4—SpIDer Gate,

5—Quarantine Manager,

6—Dr.Web for Kerio,

7—Dr.Web for Microsoft Outlook,

8—Dr.Web for IBM Lotus Domino,

9—Dr.Web for Qbik WinGate,

10—Dr.Web for ISA Server,

11—Antirootkit module.

ъ The <file /> element contains information on specific file in the Quarantine.

The <file /> element attribute:


size Size of the file in the Quarantine

The <file /> element value contains the full path to the file before moving to the

Quarantine.

ъ The <hash /> element value contains the object hash code in the SHA256 format.

ъ The <owner /> element value contains the name of the file owner.

ъ The <virus-info /> element value contains the name of malware object according to the

Doctor Web company classification.



ъ The <object /> element value contains the identifier of the object in the Quarantine.

ъ The <q-time /> element value contains the time when the object was added to the

Quarantine at the station.

ъ The <infection-type /> element value contains an infection type:

1—known infection,

2—known infection modification,

4—unknown infection,

5—adware,

6—dialer,

7—joke,

8—riskware,

9—hacktool.

· The <pages /> element contains information on paged view of Quarantine state.



total Total number of pages with information on Quarantine state in paged view

current Number of the current page

objects-per-page Objects count on one page

JSON Response

{ "head": { "status": true, "timestamp": 1560513463, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "period_from": 1559314800, "period_till": 1560524399, "items": { "total": 100, "list": [ {"component_code": 7, "created_time": 1560513439, "file": "C:\\Users\\tests\\Virs\\Win32.Parite.2\\postcard.gif.ex#", "file_size": 860362, "hash": "gOD2zZJlSOzAq5mwHe7LRRlFRO9ngUSd", "object": "8f7b2c47-8e9b-11e9-5812-dcfdccec8a94", "owner": "tests-pc\\tests:tests-pc\\None",



"q_time": 20190614115718980, "virus_info": "IRC.Flood"}, {"component_code": 11, "created_time": 1560513436, "file": "C:\\Users\\tests\\Virs\\Adware.Look2me\\Installer2.exe", "file_size": 578560, "hash": "fGeq6EB6ERXxzl70fJ19iJOISHNyPU9F", "object": "9edc4361-9f0c-22d0-6b86-edaeddfd9b05", "owner": "tests-pc\\tests:tests-pc\\None", "q_time": 20190614115716149, "virus_info": "Adware.Look2me.282"}]}, "pages": { "current": 2, "objects_per_page": 2, "total": 50}}}


The data block contains general information on the request and the blocks with information on

objects in the Quarantine.





· The items block contains information on objects in the Quarantine on specified station.

The items block elements:


total Total number of objects in Quarantine on specified station

ъ The list array contains information on specific objects in the Quarantine.



component_code The code of components which moved the object to the Quarantine:


1—Dr.Web Scanner,

2—SpIDer Guard,

3—SpIDer Mail,




4—SpIDer Gate,







11—Antirootkit module.

created_time The time when the object was added to the Quarantine at the Server

file Full path to the file before moving to the Quarantine

file_size Size of the file in the Quarantine

hash The object hash code in the SHA256 format

object Identifier of the object in the Quarantine

owner Name of the file owner

q_time Time when the object was added to the Quarantine at the station

virus_info Name of malware object according to the Doctor Web company classification








783. Stations HandlingGet Newbies Information

Get Newbies Information

Request Parameters




get information on a several stations at a time.

yes

Request Example

http://192.168.1.1:9080/api/stations/newbies-info.ds?id=d034621d-7405-e711-1491-f4600dec4700


XML Response

<drweb-es-api api_version="<%API_V%>" timestamp="1558521955" server="192.168.1.1"


<station id="d034621d-7405-e711-1491-f4600dec4700" name="36fz1ya27aQ"

created="1489138192" parent_id="20e27d73-d21d-b211-a788-85419c46f0e6"parent_name="Everyone" state="0"> <os code="35850244">Windows 7 Enterprise x64</os>

<server>70d9cc8c-6df7-e611-1c76-f030d2090f68</server>

<address>tcp://192.168.1.1:57516</address>

</station>

</stations>

</drweb-es-api>


The <stations /> element contains information on newbies stations.



total Total number of stations information on which is displayed in response

· The <station /> element contains information on a specific newbie station.





id Station ID

name Station name

created Date of account creation at the Server

parent_id Parent group identifier

parent_name Parent group name


ъ The <os /> element contains information about the operating system currently installed on

the station.

The <os /> element attribute:


code Operating system code

The <os /> element value is an operating system name.

ъ The <server /> element value is identifier of Server to which the station requests a

connection.

ъ The <address /> element value is a network address from which the station accessed the

Server at the last time.

JSON Response

{ "head": { "status": true, "timestamp": 1558522043, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "total": 1, "list": [{ "address": "tcp://192.168.1.1:40566",

"created_time": 1489138192, "id": "1a299c6c-5b5c-4089-a72b-3044752d52b7", "name": "elena.i.drweb.ru", "onconnect": 2, "os_code": 16842752, "os_name": "Linux",



"parent_id": "20e27d73-d21d-b211-a788-85419c46f0e6", "parent_name": "Everyone", "server": "257f112d-ab07-4d17-ae01-f37b6b135fab", "state": 0}]}}


The data block contains information on all newbie stations.




· The list array contains information on specific newbies stations.



address Network address from which the station accessed the Server at the last time

created_time Date of account creation at the Server

id Station ID

name Station name

onconnect Action that will be performed on the next connection of a station to the Server:




os_code Operating system code




server Identifier of Server to which the station requests a connection



813. Stations HandlingGet Installing Components List

Get Installing Components List

Request Parameters




get installing components lists for several stations at a time.

yes

The response document for stations running OS Windows will contain a list of installed

components, while the list for other stations will be empty.

Request Example

http://192.168.1.1:9080/api/stations/components.ds?id=test30cc7eb2


XML Response



<station id="test30cc7eb2">


a788-85419c46f0e6" inherited_group_name="Everyone"> <component code="4" name="Dr.Web Scanner for Windows" status="1"/>

<component code="14" name="SpIDer Mail for Windows workstations"

status="1"/> <component code="38" name="SpIDer Gate for Windows workstations"

status="1"/> <component code="54" name="Dr.Web Office Control" status="1"/>

<component code="55" name="Dr.Web Antispam" status="1"/>

<component code="57" name="SpIDer Guard for Windows workstations"

status="1"/> <component code="58" name="SpIDer Guard for Windows servers" status="1"/>

<component code="103" name="Dr.Web plug-in for MS Outlook" status="1"/>

<component code="105" name="Dr.Web Firewall" status="1"/>

<component code="30" name="Dr.Web Agent for Windows" status="2"/>

<component code="37" name="Dr.Web Agent Scanner for Windows" status="2"/>



<component code="39" name="Dr.Web Agent for UNIX" status="2"/>

</components>

</station>

</stations>

</drweb-es-api>


The <stations /> element contains information on all requested stations.








ъ The <components /> element contains information on all installing components of a

specific station.



total Total number of all components



individually.



value will be none.


inherited. If the inherited attribute is false, than the value of this

attribute will be none.

§ The <component /> contains information about a specific installing component.












{ "head": { "status": true, "timestamp": 1558522043, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "total": 1, "list": [{ "components": [ {"code": 4, "name": "Dr.Web Scanner for Windows", "status": 1}, {"code": 14, "name": "SpIDer Mail for Windows workstations", "status": 1}, {"code": 38, "name": "SpIDer Gate for Windows workstations", "status": 1}, {"code": 54, "name": "Dr.Web Office Control", "status": 1}, {"code": 55, "name": "Dr.Web Antispam", "status": 1}, {"code": 57, "name": "SpIDer Guard for Windows workstations", "status": 1}, {"code": 58, "name": "SpIDer Guard for Windows servers", "status": 1}, {"code": 103, "name": "Dr.Web plug-in for MS Outlook", "status": 1},



{"code": 105, "name": "Dr.Web Firewall", "status": 1}, {"code": 30, "name": "Dr.Web Agent for Windows", "status": 2}, {"code": 37, "name": "Dr.Web Agent Scanner for Windows", "status": 2}, {"code": 39, "name": "Dr.Web Agent for UNIX", "status": 2}], "inherited": true, "inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6", "inherited_group_name": "Everyone", "station_id": "test30cc7eb2"}]}}


The data block contains information on all requested stations.




· The list array contains information on all requested stations.





individually.



value will be none.



value will be none.

station_id Station identifier

ъ The components array contains information about specific installing components.

Elements in the components array:











Get Installed Components List

Request Parameters




get installed components lists for several stations at a time.

yes

Request Example

http://192.168.1.1:9080/api/stations/installed-components.ds?id=88e984a0-6031-11e9-5b7e-f4ffebd769bf


XML Response



<station id="88e984a0-6031-11e9-5b7e-f4ffebd769bf">

<components total="10">

<component code="144" name="Dr.Web Preventive Protection"

installed="1559729080" path="C:\Program Files\DrWeb" server="MT"/> <component code="4" name="Dr.Web Scanner for Windows" installed="1561445724"

path="C:\Program Files\DrWeb" server="MT"/> <component code="14" name="SpIDer Mail for Windows workstations"

installed="1561445724" path="C:\Program Files\DrWeb" server="MT"/>


863. Stations HandlingGet Installed Components List

<component code="30" name="Dr.Web Agent for Windows" installed="1561445694"

path="C:\Program Files\DrWeb" server="MT"/> <component code="37" name="Dr.Web Agent Scanner for Windows"

installed="1561445694" path="C:\Program Files\DrWeb" server="MT"/> <component code="38" name="SpIDer Gate for Windows workstations"

installed="1561445696" path="C:\Program Files\DrWeb" server="MT"/> <component code="54" name="Dr.Web Office Control" installed="1561445723"

path="C:\Program Files\DrWeb" server="MT"/> <component code="55" name="Dr.Web Antispam" installed="1561445690" path="C:

\Program Files\DrWeb" server="MT"/> <component code="57" name="SpIDer Guard for Windows workstations"

installed="1561445724" path="C:\Windows\system32\drivers\"server="tcp/192.168.10.93:2193"/> <component code="124" name="Dr.Web Self-protection" installed="1561445725"

path="C:\Windows\system32\drivers\" server="tcp/192.168.10.93:2193"/> </components>

</station>

</stations>

</drweb-es-api>










ъ The <components /> element contains information on all installed components of a specific

station.

The <components /> element attribute:


total Total number of components installed on this station

§ The <component /> element contains information about a specific installed component.







installed Date of the component installation in the UNIX timestamp format


server Address of the Server from which the component was installed. For

components installed from the current Server, the server attribute

contains the empty value.

JSON Response

{ "head": { "status": true, "timestamp": 1561552119, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "total": 1, "list": [{ "components": [ {"code": 144, "installed_time": 1559729080, "name": "Dr.Web Preventive Protection", "path": "C:\\Program Files\\DrWeb", "server": "MT"}, {"code": 4, "installed_time": 1561445724, "name": "Dr.Web Scanner for Windows", "path": "C:\\Program Files\\DrWeb", "server": "MT"}, {"code": 14, "installed_time": 1561445724, "name": "SpIDer Mail for Windows workstations", "path": "C:\\Program Files\\DrWeb", "server": "MT"}, {"code": 30, "installed_time": 1561445694, "name": "Dr.Web Agent for Windows", "path": "C:\\Program Files\\DrWeb", "server": "MT"}, {"code": 37, "installed_time": 1561445694, "name": "Dr.Web Agent Scanner for Window",



"path": "C:\\Program Files\\DrWeb", "server": "tcp/192.168.1.1:2193"}, {"code": 38, "installed_time": 1561445696, "name": "SpIDer Gate for Windows workstations", "path": "C:\\Program Files\\DrWeb", "server": "MT"}, {"code": 54, "installed_time": 1561445723, "name": "Dr.Web Office Control", "path": "C:\\Program Files\\DrWeb", "server": "MT"}, {"code": 55, "installed_time": 1561445690, "name": "Dr.Web Antispam", "path": "C:\\Program Files\\DrWeb", "server": "MT"}, {"code": 57, "installed_time": 1561445724, "name": "SpIDer Guard for Windows workstations", "path": "C:\\Windows\\system32\\drivers\\", "server": "tcp/192.168.10.93:2193"}, {"code": 124, "installed_time": 1561445725, "name": "Dr.Web Self-protection", "path": "C:\\Windows\\system32\\drivers\\", "server": "tcp/192.168.10.93:2193"}], "station_id": "88e984a0-6031-11e9-5b7e-f4ffebd769bf"}]}}










ъ The components array contains information on all installed components of a station.







installed_time Date of the component installation in the UNIX timestamp format



server Address of the Server from which the component was installed. For

components installed from the current Server, the server attribute contains

the empty value.

Get Running Components List

Request Parameters




get the lists of currently running components for several stations

at a time.

yes

Request Example

http://192.168.1.1:9080/api/stations/running-components.ds?id=88e984a0-6031-11e9-5b7e-f4ffebd769bf


XML Response




<components total="6">

<component code="14" name="SpIDer Mail for Windows workstations" params=""

started="1561525662" type="8" user="NT AUTHORITY\SYSTEM"/> <component code="30" name="Dr.Web Agent for Windows" params=""

started="1561525672" type="8" user="NT AUTHORITY\SYSTEM"/>


903. Stations HandlingGet Running Components List

<component code="54" name="Dr.Web Office Control" params=""

started="1561525673" type="8" user="NT AUTHORITY\SYSTEM"/> <component code="57" name="SpIDer Guard for Windows workstations" params=""

started="1561525674" type="8" user="NT AUTHORITY\SYSTEM"/> <component code="124" name="Dr.Web Self-protection" params=""

started="1561525674" type="8" user="NT AUTHORITY\SYSTEM"/> <component code="144" name="Dr.Web Preventive Protection" params=""

started="1561525674" type="8" user="NT AUTHORITY\SYSTEM"/> </components>

</station>

</stations>

</drweb-es-api>










ъ The <components /> element contains information on all currently running components of a

specific station.

The <components /> element attribute:


total Total number of components which are running on this stations

§ The <component /> element contains information about a specific running component.






started Component start time in the UNIX timestamp format




type Component starting method. May take the following values:

1—started manually,

2—started by a scheduled task,

4—started by the user,

8—started as system process.


JSON Response

{ "head": { "status": true, "timestamp": 1561552034, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "total": 1, "list": [{ "components": [ {"code": 14, "name": "SpIDer Mail for Windows workstations", "params": "", "pid": "14", "started_time": 1561525662, "type": 8, "user": "NT AUTHORITY\\SYSTEM"}, {"code": 30, "name": "Dr.Web Agent for Windows", "params": "", "pid": "30", "started_time": 1561525672, "type": 8, "user": "NT AUTHORITY\\SYSTEM"}, {"code": 54, "name": "Dr.Web Office Control", "params": "", "pid": "54", "started_time": 1561525673, "type": 8, "user": "NT AUTHORITY\\SYSTEM"}, {"code": 57, "name": "SpIDer Guard for Windows workstations", "params": "", "pid": "57", "started_time": 1561525674, "type": 8, "user": "NT AUTHORITY\\SYSTEM"},



{"code": 124, "name": "Dr.Web Self-protection", "params": "", "pid": "124", "started_time": 1561525674, "type": 8, "user": "NT AUTHORITY\\SYSTEM"}, {"code": 144, "name": "Dr.Web Preventive Protection", "params": "", "pid": "144", "started_time": 1561525674, "type": 8, "user": "NT AUTHORITY\\SYSTEM"}], "station_id": "88e984a0-6031-11e9-5b7e-f4ffebd769bf"}]}}










ъ The components block contains information on all currently running components of a

station.






pid Process identifier at the station

started_time Component start time in the UNIX timestamp format




type Component starting method. May take the following values:

1—started manually,

2—started by a scheduled task,

4—started by the user,

8—started as system process.


Get Modules List

Request Parameters




get the lists of antivirus components software modules for

several stations at a time.

yes

Request Example

http://192.168.1.1:9080/api/stations/modules.ds?id=88e984a0-6031-11e9-5b7e-f4ffebd769bf


XML Response




<modules total="32">

<module name="drweb32.dll" version="7.00.34.11020" created="1555412121"

modified="1555412121" hash="6fbd6151c4a67f7439130282efb7e981" file_size="4572424"file_owner="BUILTIN\Administrators:DRWEB\Domain Users @ MT"/> <module name="drwupsrv.exe" version="12.0.9.04050" created="1555412105"

modified="1555412105" hash="0a8ebb1e750fb47c3949ad2c944a3cc1" file_size="7768968"file_owner="BUILTIN\Administrators:DRWEB\Domain Users @ MT"/>


943. Stations HandlingGet Modules List


<module name="win-es-agent-setup.exe" version="12.0.0.05300"

created="1555412107" modified="1559729074" hash="b56aff4c5f64b45122cfda03fb732076"file_size="19241504" file_owner="BUILTIN\Administrators:DRWEB\Domain Users @ MT"/> </modules>

</station>

</stations>

</drweb-es-api>










ъ The <modules /> element contains information about all program modules installed on a

specific station.

The <modules /> element attribute:


total Total number of modules installed on this station

§ The <module /> element contains information about a specific program module.

The <module /> element attributes:


name File name


created Module creation date in the UNIX timestamp format

modified Module last modified date in the UNIX timestamp format







JSON Response

{ "head": { "status": true, "timestamp": 1561552009, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "total": 1, "list": [{ "modules": [ {"created_time": 1555412121, "description": "Dr.Web Virus-Finding Engine", "file_name": "drweb32.dll", "file_owner": "BUILTIN\\Administrators:DRWEB\\Domain Users @ MT", "file_size": 4572424, "hash": "6fbd6151c4a67f7439130282efb7e981", "modified_time": 1555412121, "version": "7.00.34.11020"}, {"created_time": 1555412105, "description": "Dr.Web Update", "file_name": "drwupsrv.exe", "file_owner": "BUILTIN\\Administrators:DRWEB\\Domain Users @ MT", "file_size": 7768968, "hash": "0a8ebb1e750fb47c3949ad2c944a3cc1", "modified_time": 1555412105, "version": "12.0.9.04050"}, ... {"created_time": 1555412107, "description": "Dr.Web Agent setup", "file_name": "win-es-agent-setup.exe", "file_owner": "BUILTIN\\Administrators:DRWEB\\Domain Users @ MT", "file_size": 19241504, "hash": "b56aff4c5f64b45122cfda03fb732076", "modified_time": 1559729074, "version": "12.0.0.05300"}]}, "station_id": "88e984a0-6031-11e9-5b7e-f4ffebd769bf"}]}}












ъ The modules block contains information about all program modules installed on a specific

station.

Elements in the modules array:


created_time Module creation date in the UNIX timestamp format

description Module description

file_name File name




modified_time Module last modified date in the UNIX timestamp format


Get Virus Databases List

Request Parameters




get the lists of virus databases for several stations at a time.

yes

973. Stations HandlingGet Virus Databases List

Request Example

http://192.168.1.1:9080/api/stations/bases.ds?id=30cc7eb2-d11d-b211-b695-b80815e63511


XML Response



<station id="724f2e10-890e-11e9-4d9d-6812fd061186">

<bases total="214">

<base file_name="dwp11000.vdb" version="1100" created="1559904284"

viruses="1"/> <base file_name="dwf11000.vdb" version="1100" created="1559904284"

viruses="4"/> 

<base file_name="dwntoday.vdb" version="1100" created="1559904284"

viruses="4005"/> </bases>

</station>

</stations>

</drweb-es-api>










ъ The <bases /> element contains information about all virus databases installed on a

specific station.



The <bases /> element attribute:


total Total number of virus databases

§ The <base /> element contains information about a specific virus database.

The <base /> element attributes:






JSON Response

{ "head": { "status": true, "timestamp": 1559905392, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "6c271cb0-8912-11e9-5a3b-b85a98f7c5ad"}}, "data": { "total": 1, "list": [ {"bases": [ {"created_time": 1559904284, "file_name": "dwp11000.vdb", "version": "1100", "viruses": 1}, {"created_time": 1559904284, "file_name": "dwf11000.vdb", "version": "1100", "viruses": 4}, ... {"created_time": 1559904284, "file_name": "dwntoday.vdb", "version": "1100", "viruses": 4005}], "station_id": "724f2e10-890e-11e9-4d9d-6812fd061186"}]}}












ъ The bases block contains information about all virus databases installed on a specific

station.

Elements in the bases array:


created_time Database creation date in the UNIX timestamp format




Get Station Location Data

Request Parameters




get the location data for several stations at a time.

yes


1003. Stations HandlingGet Station Location Data

Request Example

http://192.168.1.1:9080/api/stations/geo.ds?id=StationForFunctional1


XML Response



<station id="88e984a0-6031-11e9-5b7e-f4ffebd769bf" name="StationForFunctional1">



<country>RU</country>

<province>Test_region</province>

<city>Test_town</city>

<street>Test_avenue</street>

</station>

</stations>

</drweb-es-api>






· The <station /> element contains information about a specific station.



id Station ID

name Station name

Nested elements of the <station /> element:

Element Description




Element Description


<country /> Country


<city /> City

<street /> Street


{ "head": { "status": true, "timestamp": 1561465731, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "total": 1, "list": [{ "city": "Test_town", "country": "RU", "id": "88e984a0-6031-11e9-5b7e-f4ffebd769bf", "latitude": 12000000, "longitude": 15000000, "name": "StationForFunctional1", "province": "Test_region", "street": "Test_avenue"}]}}











city City

country Country

id Station ID

latitude Latitude

longitude Longitude

name Station name

province Province

street Street

Get Information about Products on a Station

Request Parameters




get the data about products for several stations at a time.

yes

Request Example

http://192.168.1.1:9080/api/stations/products.ds?id=123456789



1033. Stations HandlingGet Information about Products on a Station

XML Response




<products total="4">

<product code="10-drwbases" modified_time="1560510660"

revision="12020190603092307" state_code="S" state="Normal">Dr.Web virus

databases</product>

<product code="10-drwspamdb" modified_time="1560510660"

revision="12020190603090829" state_code="F" state="Update failed">Dr.Web Anti-spam

databases</product>

<product code="20-drwagent" modified_time="1560510660"

revision="12020190530164458" state_code="S" state="Normal">Dr.Web Agent for

Windows</product>

<product code="10-drwgatedb" modified_time="1560510660"

revision="12020190603090829" state_code="F" state="Update failed">SpIDer Gate

databases</product>

</products>

</station>

</stations>

</drweb-es-api>










ъ The <products /> element contains information on all stations of a specified station.

The <products /> element attribute:


total Total number of products

§ The <product /> element contains information on a specific product.



The <product /> element attributes:


code Product code

modified_time The date of last revision update in the Unix timestamp format

revision Revision number

state_code Code of the update state. May take one of the following values:

· D—update is delayed,

· F—update error,

· S—the product is updated successfully.

state Update state. May take one of the following values:

· Delayed—update is delayed,

· Update failed—update error,

· Normal—the product is updated successfully.

JSON Response

{ "head": { "status": true, "timestamp": 1561465752, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}} "data": { "total": 1, "list": [ {"products": { "10-drwbases": { "modified_time": "1560510660", "name": "Dr.Web virus databases", "revision": 12020190603092307, "state": "Normal", "state_code": "S"}, "10-drwgatedb": { "modified_time": "1560510660", "name": "SpIDer Gate databases", "revision": 12020190603090829, "state": "Update failed", "state_code": "F"}, "10-drwspamdb": { "modified_time": "1560510660", "name": "Dr.Web Anti-spam databases", "revision": 12020190603090829,



"state": "Update failed", "state_code": "F"}, "20-drwagent": { "modified_time": "1560510660", "name": "Dr.Web Agent for Windows", "revision": 12020190530164458, "state": "Normal", "state_code": "S"}}, "station_id": "88e984a0-6031-11e9-5b7e-f4ffebd769bf", "total": 4}]}}










total Total number of products on the station

ъ The products array contains information about specific products on a station, nested

blocks names corresponding the product codes.

Elements in the products array:



name Product name


state Update state. May take one of the following values:

· Delayed—update is delayed,

· Update failed—update error,

· Normal—the product is updated successfully.




state_code Code of the update state. May take one of the following values:

· D—update is delayed,

· F—update error,

· S—the product is updated successfully.


1074. Groups Handling

4. Groups Handling

URL requests

http://<host>:9080/api/groups/<script>.ds?

or

https://<host>:9081/api/groups/<script>.ds?

Available scripts

Script Description

add.ds Add a new group

change.ds Change group parameters

components.ds Get installing components list for a group

delete.ds Delete group

geo.ds Get Location Data of Stations of a Group

infections-chart.ds Get statistics on performed actions

info.ds Get group information

list.ds Get groups list

quarantine-objects.ds Get the Quarantine state of stations of a group

reboot.ds Reboot stations of a group

send-message.ds Send a message to stations of a group

start-scanner.ds Remote launch of scanning on stations of a group

stations-list.ds Get the list of stations of a group

statistics.ds Get group statistics

update-components.ds Update components on stations of a group


1084. Groups HandlingAdd a New Group

Add a New Group

Request Parameters


description Group description – Required parameter: no

id Group identifier Digits, latin characters,

and the following

symbols: ‘_’, ‘-’, ‘.’


If not set, an ID will be generated

automatically.

name Group name – Required parameter: yes

parent-group Parent group identifier – Required parameter:

no—for full-rights administrators

yes—for group administrators

The parent-group parameter is obligatory for group creation by a user with group

administrator rights.

Request Example

http://192.168.1.1:9080/api/groups/add.ds?id=1001&name=group4&parent-group=1&description=new


XML Response


srv_version="12.00.0.201909260" status="true"> <group id="1001"/>

</drweb-es-api>


The <group /> element contains information about the created group.


1094. Groups HandlingAdd a New Group

The <group /> element attribute:


id Group identifier


{ "head": { "status": true, "timestamp": 1558521971, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "id": "1001"}}


The data block contains information on the created group.



id Identifier of created group

Change Group Parameters

Request Parameters


description Group description no

id Identifier of a group which parameters will be changed yes

name Group name no

parent-group Parent group identifier no


1104. Groups HandlingChange Group Parameters

Request Example

http://192.168.1.1:9080/api/groups/change.ds?id=4&name=group4edit&parent-group=2&description=descr_new


XML Response


srv_version="12.00.0.201909260" status="true"> <group id="4"/>

</drweb-es-api>


The <group /> element contains information about the changed group.



id Group identifier


{ "head": { "status": true, "timestamp": 1555734992, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "1023dcd7-d11d-b211-896d-8804c0842edb"}}, "data": { "id": "4"}}


The data block contains information on the changed group.


1114. Groups HandlingChange Group Parameters



id Identifier of changed group

Delete Group

Request Parameters


id Group identifier.


delete multiple groups at a time.

yes

Request Example

http://192.168.1.1:9080/api/groups/delete.ds?id=4


XML Response


srv_version="12.00.0.201909260" status="true"> <groups total="1">

<group id="4"/>

</groups>

</drweb-es-api>


The <groups /> element contains information about all deleted groups.

The <groups /> element attribute:


total Total number of groups deleted


1124. Groups HandlingDelete Group

· The <group /> element contains information about a specific deleted group. Number of the

<group /> elements corresponds to the number of deleted groups.



id Group identifier


{ "head": { "status": true, "timestamp": 1555735077, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "1023dcd7-d11d-b211-896d-8804c0842edb"}}, "data": { "groups": { "total": 1, "list": [{ "id": "4"}]}}}


The groups block contains information about all deleted groups.

The groups block elements:


total Total number of groups

· The list array contains information about a specific deleted group.



id Group identifier


1134. Groups HandlingGet Groups List

Get Groups List

Request Parameters


parent-group Parent group identifier.

The response contains information on all child groups of the

specified parent group (without nesting). Information on child

groups of the Operating system, Status, or Ungrouped system

groups can be provided in the same way.

If parameter is not set, response contains information on all

user groups of the Everyone group level.

no

Request Example

http://192.168.1.1:9080/api/groups/list.ds?parent-group=ParentGroupForLGS


XML Response



<group id="98c8f98a-16e9-4fb5-af4d-d62923dca7b3" name="New group2"

child_groups="0" stations="0" type="0"/> <group id="3" name="New group3" child_groups="2" stations="1" type="0"/>

</groups>

</drweb-es-api>


The <groups /> element contains a list of groups.




· The <group /> element contains information about a specific group.





id Group identifier

name Group name

child-groups Number of child groups (without nesting)

stations Number of stations in a group


0—user group,








10—pseudogroup,

13—group containing Dr.Web Proxy servers for connecting Agents and

neighbor Servers.

JSON Response

{ "head": { "status": true, "timestamp": 1558521971, "api": { "version": 40300, "versionString": 4.3.0},

"server": { "name": "192.168.1.1",

"version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}},

"data": { "groups": { "total": 2,

"list": [ {"child_groups": 0, "id": "98c8f98a-16e9-4fb5-af4d-d62923dca7b3", "name": "New group2",

"stations": 0, "type": 0}, {"child_groups": 2, "id": "3", "name": "New group3",



"stations": 1, "type": 0}]}}}


The groups block contains information about all requested groups.




· The list array contains information about a specific group.



child-groups Number of child groups (without nesting)

id Group identifier

name Group name



0—user group,








10—pseudogroup,


neighbor Servers.


1164. Groups HandlingGet Group Information

Get Group Information

Request Parameters


components If this parameter value is yes, then response

will contain information about group

components.

The default value is no

yes | no no


This parameter can be defined in the request

several times to request information on

multiple groups at a time.

– yes

keys If this parameter value is yes, then response

will contain information about the license key

for this group.


yes | no no

rights If this parameter value is yes, then response

will contain information about group rights.


yes | no no

Request example

http://192.168.1.1:9080/api/groups/info.ds?id=GroupForIGS&rights=yes&components=yes&keys=yes




XML Response



<group id="GroupForIGS" name="GroupForIGS" description="GroupForIGS"

created="1489410582" modified="1489410582" parent_id="" parent_name="" type="0"> <keys inherited="true" inherited_group_id="20e27d73-d21d-b211-a788-

85419c46f0e6" inherited_group_name="Everyone"> <key id="daa669be6fdbca01"/>

</keys>

<packages>

<package arch="all" os="windows" url="http://win10-1809-pro-x64-

ru:9080/download/download.ds?os=windows&group-id=GroupForIGS"/>

</packages>

<rights inherited="true" inherited_group_id="20e27d73-d21d-b211-a788-

85419c46f0e6" inherited_group_name="Everyone"> <right code="1" name="Run Dr.Web Scanner for Windows" value="1"/>


</rights>

<components inherited="true" inherited_group_id="20e27d73-d21d-b211-a788-

85419c46f0e6" inherited_group_name="Everyone"> <component code="4" name="Dr.Web Scanner for Windows" status="1"/>


status="1"/> <component code="38" name="SpIDer Gate for Windows workstations"

status="1"/> <component code="54" name="Dr.Web Office Control" status="1"/>

<component code="55" name="Dr.Web Antispam" status="1"/>


status="1"/> <component code="58" name="SpIDer Guard for Windows servers" status="1"/>

<component code="103" name="Dr.Web plug-in for MS Outlook" status="1"/>

<component code="105" name="Dr.Web Firewall" status="1"/>

<component code="30" name="Dr.Web Agent for Windows" status="2"/>

<component code="37" name="Dr.Web Agent Scanner for Windows" status="2"/>

</components>

<child-groups/0</child-groups>

<stations>1</stations>

</group>

</groups>

</drweb-es-api>


The <groups /> element contains information about all groups.









id Group identifier

name Group name

description Group description

created Group creation time and date in Unix timestamp format

modified Group modification time and date in Unix timestamp format

parent_id Parent group identifier. If the value is none, then the parent group has not

been set.

parent_name Parent group name. If the value is none, then the parent group has not been

set.


0—user group,








10—pseudogroup,


neighbor Servers.

ъ The <keys /> element contains information about all group keys.

The <keys /> element attributes:


inherited If its value is set to true, then the keys are inherited from a parent group,

and if set to false—then the keys are configured individually.

inherited_group_id ID of a parent group from which the keys have been inherited. If the


none.

inherited_group_name Name of a parent group from which keys parameters have been inherited.

If the inherited attribute is set to false, then this attribute value will be

none.



§ The <key /> element contains information about a specific key.

The <key /> element attribute:



ъ The <packages /> element contains links on group installation packages created at this

Server for different architectures and operating systems.

§ The <package /> element contains the link on the specific installation package.

The <package /> element attributes:







url Web resource for the package (Agent) downloading

ъ The <rights /> element contains information about all rights of a tariff group.

The <rights /> element attributes:






none.



none.

§ The <right /> element contains information about a specific element of rights.

The <right /> element attributes:


code Digital code of an element of rights (see the Rights section)








ъ The <components /> element contains information about all group components.





individually.



value will be none.



value will be none.

§ The <component /> element contains information about a specific component.









ъ The <child-groups /> element contains the number of child groups.

ъ The <stations /> element contains information about all stations, included in the group.

Value of this element is the number of stations included to this group.



JSON Response

{ "head": { "status": true, "timestamp": 1559905257, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "6c271cb0-8912-11e9-5a3b-b85a98f7c5ad"}}, "data": { "groups": { "total": 1, "list": [ {"child_groups": 0, "components": { "inherited": true, "inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6"}, "inherited_group_name": "Everyone", "list": [ {"code": 4 , "name": "Dr.Web Scanner for Windows", "status": 1}, {"code": 14, "name": "SpIDer Mail for Windows workstations", "status": 1}, {"code": 38, "name": "SpIDer Gate for Windows workstations", "status": 1}, {"code": 54, "name": "Dr.Web Office Control", "status": 1}, {"code": 55, "name": "Dr.Web Antispam", "status": 1}, {"code": 57, "name": "SpIDer Guard for Windows workstations", "status": 1}, {"code": 58, "name": "SpIDer Guard for Windows servers", "status": 1}, {"code": 103, "name": "Dr.Web plug-in for MS Outlook", "status": 1}, {"code": 105, "name": "Dr.Web Firewall", "status": 1}, {"code": 30, "name": "Dr.Web Agent for Windows", "status": 2}, {"code": 37, "name": "Dr.Web Agent Scanner for Windows", "status": 2}]}, "created_time": 1489410582, "description": "GroupForIGS", "has_personal_settings": true, "id": "GroupForIGS",



"keys": { "inherited": true, "inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6", "inherited_group_name": "Everyone", "list": [ "daa669be6fdbca01"]}, "modified_time": 1489410582, "name": "GroupForIGS", "packages": [ {"arch": "all", "os": "windows", "url": "http://win10-1809-pro-x64-ru:9080/download/download.ds?

os=windows&group-id=GroupForIGS"}],

"permissions": { "inherited": true, "inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6", "inherited_group_name": "Everyone", "list": [ {"name": "Run Dr.Web Scanner for Windows", "right": 1, "value": 1}, ...]}, "stations": 1, "type": 0}]}}}


The groups block contains information about all requested groups.




· The list array contains information about a specific group.



child_groups Number of child groups

created_time Group creation time and date in Unix timestamp format

description Group description. The string is displayed only if the field is not empty.

has_personal_settings If the value is true, then personal settings have been set for the group or for

some stations in the group, and if set to false, then no personal settings

have been set.

id Group identifier

modified_time Group modification time and date in Unix timestamp format




name Group name

parent_group_id Parent group identifier. If the value is none, then the parent group has not

been set. The string is displayed only if the field is not empty.

parent_group_name Parent group name. If the value is none, then the parent group has not been

set. The string is displayed only if the field is not empty.



0—user group,








10—pseudogroup,


neighbor Servers.

ъ The components block contains information about all group components.

§ The list array in the component block contains information about a specific component.









ъ The keys block contains information about all license keys of a group.





inherited If its value is set to true, then keys are inherited from a parent group, and

if set to false—then keys are configured individually.

inherited_group_id ID of a parent group from which the keys have been inherited. If the


none.

inherited_group_name Name of a parent group from which keys parameters have been inherited.

If the inherited field value is set to false, then this attribute value will

be none.

§ The list array in the keys contains information about a specific key.




ъ The packages array block contains links on group installation packages created at this

Server for different architectures and operating systems.

Elements in the packages array:







url Web resource for the package (Agent) downloading

ъ The permissions block contains information about all rights of a group.

The permissions block elements:






none.






none.

§ The list array in the permissions contains information about a specific element of rights.




right Digital code of an element of rights (see the Rights section)




Get Group Statistics

Request Parameters


id Group identifier – Required parameter: yes.

This parameter can be defined

in the request several times to

request information on multiple

groups at a time.



requested Accepted parameters

format: YYYYMMDD or

YYYYMMDDHHmmss

Required parameters: no.



returned.till End date of a period for


requested


1264. Groups HandlingGet Group Statistics


top-viruses If this parameter value is

yes, then the response

will contain information

about the most common

viruses.




the virus top


The default value is 10; the

parameter will be ignored if

top-viruses=no.

Request Example

http://192.168.1.1:9080/api/groups/statistics.ds?id=20e27d73-d21d-b211-a788-85419c46f0e6




srv_version="12.00.0.201909260" status="true"> <groups-statistics total="1" period_from="1514808000" period_till="1568213999">

<group id="20e27d73-d21d-b211-a788-85419c46f0e6" name="Everyone">


<cured>11773944</cured>

<moved>11781181</moved>



<locked>0</locked>

<errors>46174597</errors>

</infections>

<viruses>

<virus name="IO2V2.KpRKF.LZXzuk1ssY" stations="1" originator=37"


<virus name="125F.FtE6OP7.37688" stations="1" originator=37"


<virus name="16aE.Il9509.17776" stations="1" originator=37"


<virus name="05z9Y.5jZetG" stations="1" originator=37"


<virus name="0T5q.C28VO.5360" stations="1" originator=37"




<virus name="11qp.d8SNO6.17481" stations="1" originator=37"


<virus name="0BUG5y.ekHPE.28147" stations="1" originator=37"


<virus name="10Qp.lVZE.ELByVcwf6R.43711" stations="1" originator=37"


<virus name="i5S1.hI2emvT8.76WQs.54360" stations="1" originator=37"


<virus name="fZVa.QRwL.16169" stations="1" originator=37"


</viruses>

</group>

</groups-statistics>

</drweb-es-api>


The <groups-statistics /> element contains information about all groups.

The <groups-statistics /> element attributes:



period_from Start date of a period for which statistical data received

period_till End date of a period for which statistical data received




id Group identifier

name Group name

ъ The <infections /> element contains statistics on infections.



scaned Total number of scanned objects

total Total number of detected infections




Element Description








ъ The <viruses /> element contains statistics on all detected viruses.

§ The <virus /> element contains information about a specific virus. The <virus />

element value is the number of objects infected by this virus.



name Virus name





{ "head": { "status": true, "timestamp": 1568207129, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "7c889d36-b94a-42b8-b2c6-8c3a5500bf1e"}}, "data": { "period_from": 1514808000, "period_till": 1568213999, "groups": { "total": 1,



"list": [ {"id": "20e27d73-d21d-b211-a788-85419c46f0e6", "infections": { "scanned": 93297843, "infected": 52351084, "cured": 11773944, "moved": 11781181, "deleted": 11779308, "renamed": 0, "locked": 0, "errors": 46174597}, "viruses": { "11qp.d8SNO6.17481": 1, "16aE.Il9509.17776": 1, "fZVa.QRwL.16169": 2, "05z9Y.5jZetG": 1, "125F.FtE6OP7.37688": 1, "i5S1.hI2emvT8.76WQs.54360": 2, "0BUG5y.ekHPE.28147": 1, "10Qp.lVZE.ELByVcwf6R.43711": 1, "IO2V2.KpRKF.LZXzuk1ssY": 2, "0T5q.C28VO.5360": 1}, "viruses_info": { "11qp.d8SNO6.17481": { "count": 1, "originator": 37, "stations": 1, "treatment": 2049}, "16aE.Il9509.17776": { "count": 1, "originator": 37, "stations": 1, "treatment": 514}, "fZVa.QRwL.16169": { "count": 2, "originator": 37, "stations": 1, "treatment": 513}, "05z9Y.5jZetG": { "count": 1, "originator": 37, "stations": 1, "treatment": 2049}, "125F.FtE6OP7.37688": { "count": 1, "originator": 37, "stations": 1, "treatment": 1025}, "i5S1.hI2emvT8.76WQs.54360": { "count": 2, "originator": 37, "stations": 1, "treatment": 9}, "0BUG5y.ekHPE.28147": { "count": 1, "originator": 37, "stations": 1, "treatment": 2049},



"10Qp.lVZE.ELByVcwf6R.43711": { "count": 1, "originator": 37, "stations": 1, "treatment": 9}, "IO2V2.KpRKF.LZXzuk1ssY": { "count": 2, "originator": 37, "stations": 1, "treatment": 9}, "0T5q.C28VO.5360": { "count": 1, "originator": 37, "stations": 1, "treatment": 9}}, "name": "Everyone"}}}]}}}



requested.



period_from End date of a period for which statistical data were requested


· The groups block contains information about all groups.




ъ The list array contains information about specific groups.



id Group identifier

name Group name

§ The infections block contains statistics on the infections detected on the group's

stations.













§ The viruses block contains statistics on ll viruses detected on the group's stations. The

fields names correspond to the viruses names, while the values contain the number of

infected objects.

§ The viruses_info block contains statistics on each detected virus.

The viruses_info block elements:






Get statistics on performed actions

Request Parameters


id Group identifier – Required parameter: yes


1324. Groups HandlingGet statistics on performed actions




requested

Accepted format:

YYYYMMDD or

YYYYMMDDHHmmss




returned.



requested

Accepted format:

YYYYMMDD or

YYYYMMDDHHmmss




returned.

Request Example

http://192.168.1.1:9080/api/groups/infections-chart.ds?id=d071625c-d21d-b211-9bc4-bc02713bf843&from=1559314800&till=1559746799


XML Response


srv_version="12.00.0.201909260" status="true"> <infections-chart total="1" period_from="1559314800" period_till="1559746799">

<item time="1559746799">


<cured>0</cured>

<moved>0</moved>



<locked>14</locked>

</item>

<item time="1559401199">


<cured>0</cured>

<moved>0</moved>



<locked>0</locked>

</item>

</infections-chart>

</drweb-es-api>




The <infections-chart /> element contains information on all scan launches for a group.

The <infections-chart /> element attributes:





· The <item /> element contains information on actions performed after a specific station scan.

<item /> element attribute:


time Date and time of scan results transfer by Dr.Web Agent

The <item /> element elements:

Element Description

<infected /> Number of infected objects


<moved /> Number of objects moved to quarantine





JSON Response

{ "head": { "status": true, "timestamp": 1559737436, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}},



"data": { "period_from": "1559314800", "period_till": "1559746799", "chart": { "1559746799": { "infected": 0, "cured": 0, "moved": 10, "deleted": 0, "renamed": 0, "locked": 14}, "1559401199": { "infected": 0, "cured": 0, "moved": 10, "deleted": 0, "renamed": 0, "locked": 0}}}}



requested.





· The chart block contains information units on all scan launch results for a group.

Elements in the chart block:


Date and time of

scan results transfer

by Dr.Web Agent

Statistics on actions performed after a specific station scan:

· infected—number of infected objects,

· cured—number of cured objects,

· moved—number of objects moved to quarantine,

· deleted—number of deleted objects,

· renamed—number of renamed objects,

· locked—number of blocked objects


1354. Groups HandlingSend a Message to Stations of a Group

Send a Message to Stations of a Group

Request Parameters


id Group identifier yes

link-text The {link} macro will be substituted with a string defined in

this parameter

no

link-url Page URL opened when the {link} is clicked no

logo Logo in BMP format (24-bit image in the base64 encoding) no

logo-text Text placed to left of the logo, for example, a company name no

logo-url Logo URL opened when the logo is clicked no

message Text of a message sent to the station.

Message text may contain the {link} macro

yes

Request Example

http://192.168.1.1:9080/api/groups/send-message.ds?message=TEST_MSG&id=1&logo=logo_base64&logo-text=logo-text&logo-url=www.logo.ru&link-text=test%20text&link-url=www.url.ru


XML Response



<station id="203fe068-d21d-b211-ac5b-840701ce1bdd" status="delayed"/>

<station id="50b63369-d21d-b211-ac61-840701ce1bdd" status="delayed"/>

<station id="30fa7468-d21d-b211-ac55-840701ce1bdd" status="delayed"/>

</stations>

</drweb-es-api>




The <stations /> element contains information about all stations to which the message has

been sent.




· The <station /> element contains information about a specific station to which the message

has been sent.




status The state of message sending process. May take the following values:




JSON Response

{ "head": { "status": true, "timestamp": 1558521992, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "total": 3, "list": { "203fe068-d21d-b211-ac5b-840701ce1bdd": "delayed", "50b63369-d21d-b211-ac61-840701ce1bdd": "delayed", "30fa7468-d21d-b211-ac55-840701ce1bdd": "delayed"}}}


The data block contains information on all stations to which the message has been sent.






· The list array contains information about specific stations to which the message has been

sent.




to which the

message has been

sent

The state of message sending process. May take the following values:




Launch of Scanning on Stations of a Group

Request Parameters


action-adware Action on adware detection · ignore,

· delete,


quarantine

no

action-dialers Action on dialers detection no

action-hacktools Action on hacktools detection no

action-incurable-

files

Action when infected object

cannot be cured

· delete,


quarantine

no

action-infected-

archive

Action on infected archives

detection

no

action-infected-

boot

Action on infected boot sectors

detection

· report—send notification

to the Server,

· cure

no


1384. Groups HandlingLaunch of Scanning on Stations of a Group


action-infected-

container

Action on infected files

containers detection

no

action-infected-files Action on infected files

detection

· cure,

· delete,


quarantine

no

action-infected-

mail

Action on infected email files

detection

· ignore,


quarantine

no

action-jokes Action on joke programs

detection

no

action-riskware Action on riskware detection no

action-suspicious-

files

Action on suspicious files

detection

· ignore,

· delete,


quarantine

no


This parameter can be defined

in the request several times to

launch the scan on stations of

several groups at a time.

– yes

reboot Set automatic reboot of a user

computer after the scan is

completed if during the check

infected objects detected and

the cure process requires

reboot of operating system

yes | no no

type Scan type · full—full scan,

· quick—quick scan.

Default is quick.

no



Request Example

http://192.168.1.1:9080/api/groups/start-scanner.ds?id=4


XML Response



<station id="e8702ab1-a176-4aef-8660-f01851fcae80" status="initiated"/>

<station id="1" status="failed"/>

</stations>

</drweb-es-api>


The <stations /> element contains information on a result of scan launch at stations.




· The <station /> element contains information on specific stations on which remote scan was

launched.




status The state of scan remote launch. Can take the following values:






JSON Response

{ "head": { "status": true, "timestamp": 1558522001, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "total": 2, "list": { "e8702ab1-a176-4aef-8660-f01851fcae80": "failed", "1": "initiated"}}}


The data block contains information on a result of scan launch at groups.




· The list block contains information on specific stations on which remote scanning has been

launched.

The list block elements:



which remote scanning

has been launched

The state of scan remote launch. Can take the following values:





1414. Groups HandlingUpdate Components on Stations of a Group

Update Components on Stations of a Group

Request Parameters




update components on stations of several groups at a time.

yes

Request Example

http://192.168.1.1:9080/api/groups/update-components.ds?id=123123123


XML Response



<station id="d071625c-d21d-b211-9bc4-bc02713bf843" status="delayed"/>

<station id="70200e02-d21d-b211-8a39-a00ca2f8be36" status="delayed"/>

<station id="e8702ab1-a176-4aef-8660-f01851fcae80" status="initiated"/>

</stations>

</drweb-es-api>


The <stations /> element contains information on update process launch at a group's stations.



total Total number of stations on which update has been launched

· The <station /> element contains information on specific stations on which components

update has been launched.






status The state of update process. Can take the following values:




JSON Response

{ "head": { "status": true, "timestamp": 1558522006, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "total": 3, "list": { "d071625c-d21d-b211-9bc4-bc02713bf843": "delayed", "70200e02-d21d-b211-8a39-a00ca2f8be36": "delayed", "e8702ab1-a176-4aef-8660-f01851fcae80": "initiated"}}}


The data contains information on all stations on which components update has been launched.




· The list block contains information on specific stations on which components update has

been launched.



The list block elements:



which components

update has been

launched

The state of update process. Can take the following values:




Reboot Stations of a Group

Request Parameters


delay Delay of station reboot in seconds.

If the parameter is not set, then delay is 60 seconds.

no



reboot stations of several groups at a time.

yes

message Message to a user in a free form about the reason of reboot yes

Request Example

http://192.168.1.1:9080/api/groups/reboot.ds?id=4&message=reboot&delay=45


XML Response



<station id="70200e02-d21d-b211-8a39-a00ca2f8be36" status="failed"/>

<station id="2091ada3-ed5e-e611-3392-f0b9022a5484" status="initiated"/>

</stations>

</drweb-es-api>


1444. Groups HandlingReboot Stations of a Group


The <stations /> element contains information on all stations for which reboot has been

requested.




· The <station /> element contains information on specific stations on which reboot has been

requested.




status The state of reboot process. Can take the following values:



JSON Response

{ "head": { "status": true, "timestamp": 1558522021, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "total": 2, "list": { "70200e02-d21d-b211-8a39-a00ca2f8be36": "failed", "2091ada3-ed5e-e611-3392-f0b9022a5484": "initiated"}}}


1454. Groups HandlingReboot Stations of a Group


The data block contains information on all stations for which reboot has been requested.




· The list array contains information on specific stations on which reboot has been requested.



Identifier of station on

which reboot has been

requested

The state of reboot process. Can take the following values:



Get the List of Stations of a Group

Request Parameters



Response contains information on all stations of this group

(without nesting). Information on stations of the Operating

system, Status, or Ungrouped system groups can be provided

in the same way.

yes

page The page number in paged view (may be used to display

information about the large number of stations)

no



no

server-id Server identifier from which the information is requested no


1464. Groups HandlingGet the List of Stations of a Group

Request Example

http://192.168.1.1:9080/api/groups/stations-list.ds?id=1


XML Response



<station id="203fe068-d21d-b211-ac5b-840701ce1bdd" name="203fe068-d21d-b211-ac5b-

840701ce1bdd" last_seen_time="0" last_seen_addr="" state="0" os="0" os_name="unknown"login_addr="" login_mac=""/> <station id="2091ada3-ed5e-e611-3392-f0b9022a5484" name="WIN-7-PRO-SP1-X"

last_seen_time="1489567785" last_seen_addr="tcp://192.168.233.131:49285" state="0"os="35850247" os_name="Windows 7 Professional x64" login_addr="" login_mac=""/> </stations>


</drweb-es-api>


· The <stations /> element contains information on stations included to the specified group.



total Total number of stations included into the specified group

ъ The <station /> element contains information on specific stations of specified group.



id Station ID

name Station name









login_addr Station IP address

login_mac MAC address of the station's network interface

· The <pages /> element contains information on displayed pages.





objects-per-page Number of records on one page

JSON Response

{ "head": { "status": true, "timestamp": 1395731278, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "1023dcd7-d11d-b211-896d-8804c0842edb"}}, "data": { "pages": { "current": 1, "objects_per_page": 100, "total": 1}, "stations": { "total": 3, "list": [ {"id": "203fe068-d21d-b211-ac5b-840701ce1bdd", "last_seen_time": 0, "last_seen_addr": null, "login_addr": null, "login_mac": null, "name": "203fe068-d21d-b211-ac5b-840701ce1bdd", "os_code": 0, "os_name": "unknown", "state": 0}, {"id": "2091ada3-ed5e-e611-3392-f0b9022a5484", "last_seen_time": 1489567785, "last_seen_addr": "tcp://192.168.233.131:49285", "login_addr": null, "login_mac": null, "name": "WIN-7-PRO-SP1-X",



"os_code": 35850247, "os_name": "Windows 7 Professional x64", "state": 0}]}}}








· The stations block contains information on all stations of a requested group.




ъ The list array contains information on specific stations of specified group.






login_addr Station IP address

login_mac MAC address of the station's network interface

name Station name





1494. Groups HandlingGet the Quarantine State

Get the Quarantine State

Request Parameters


from The start of requested period, during which objects are moved

to Quarantine

no

id Identifier of a group to get information on Quarantine objects

on stations of this group

yes

page Number of the page which must be returned in response in

paged view (may be used to display information about the large

number of stations)

no



no

till The end of requested period, during which objects are moved

to Quarantine

no

Request Example

http://192.168.1.1:9080/api/groups/quarantine-objects.ds?id=30cc7eb2-d11d-b211-b695-b80815e63511&from=20190531&till=20190614&page=1&per-page=3


XML Response


srv_version="12.00.0.201909260" status="true"> <group-quarantine items="1" period_from="1559314800" period_till="1560524399">

<item>

<station id="9d09ba10-8c30-11e9-476d-bcdfc107a5ed">T-PC</station>



<file size="226592">C:\Users\tests\Virs_Samples\Adware\dprawex.#l</file>

<hash>0B12DF889C995EAE30FDAA6AEFBCA6896946889D9AE105E9C21359C2F3C48E45</hash>


<virus-info>Adware.Look2me</virus-info>

<object>F165CBF1C530C32147A070211842E753CE9104B4C3A7F1A74FE1B83BF8BDA5F0</object>

<q-time>20190611100719446</q-time>




</item>

</group-quarantine>


</drweb-es-api>


· The <group-quarantine /> element contains information on objects in the Quarantine on

stations of specified group.

The <group-quarantine /> element attributes:


items Total number of objects in Quarantine on all stations of specified group



ъ The <item /> element contains information on specific object in the Quarantine.

§ The <station /> element contains information on specific stations of specified group.



id Identifier of a station information about Quarantine of which is presented in

this <item /> section

The <station /> element value contains the name of a stations information about

Quarantine of which is presented in this section.

§ The <created-time /> element value contains the time when the object was added to the

Quarantine at the Server.

§ The <component /> element contains the code of components which moved the object to

the Quarantine:

Code Component

0 unknown component

1 Dr.Web Scanner

2 SpIDer Guard

3 SpIDer Mail



Code Component

4 SpIDer Gate

5 Quarantine Manager

6 Dr.Web for Kerio

7 Dr.Web for Microsoft Outlook

8 Dr.Web for IBM Lotus Domino

9 Dr.Web for Qbik WinGate

10 Dr.Web for ISA Server

11 Antirootkit module

· The <file /> element contains information on specific file in the Quarantine.

The <file /> element attribute:


size Size of the file in the Quarantine

The <file /> element value contains the full path to the file before moving to the

Quarantine.

· The <hash /> element value contains the object hash code in the SHA256 format.

· The <owner /> element value contains the name of the file owner.

· The <virus-info /> element value contains the name of malware object according to

the Doctor Web company classification.

· The <object /> element value contains the identifier of the object in the Quarantine.

· The <q-time /> element value contains the time when the object was added to the

Quarantine at the station.

· The <infection-type /> element value contains an infection type. Infection type codes:

Code Infection type

1 known infection

2 known infection modification

4 unknown infection

5 adware

6 dialer

7 joke



Code Infection type

8 riskware

9 hacktool

· The <pages /> element contains information on paged view of Quarantine state.



total Total number of pages with information on Quarantine state in paged view

current Number of the current page

objects-per-page Objects count on one page

JSON Response

{ "head": { "status": true, "timestamp": 1560513328, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "period_from": 1559314800, "period_till": 1560524399, "items": { "total": 1, "list": [ {"component_code": 11, "created_time": 1560247639, "file": "C:\\Users\\tests\\Virs_Samples\\Adware\\dprawex.#l", "file_size": 226592, "hash": "0B12DF889C995EAE30FDAA6AEFBCA6896946889D9AE105E9C21359C2F3C48E45", "infection_type": 5, "object": "F165CBF1C530C32147A070211842E753CE9104B4C3A7F1A74FE1B83BF8BDA5F0", "owner": "tests-pc\\tests:tests-pc\\None", "q_time": 20190611100719446, "station_id": "9d09ba10-8c30-11e9-476d-bcdfc107a5ed", "station_name": "T-PC", "virus_info": "Adware.Look2me"}]}, "pages": { "current": 1, "objects_per_page": 3, "total": 1}}}




The data block contains general information on the request and the blocks with information on

objects in the Quarantine.





· The items block contains information on objects in the Quarantine on stations of specified

group.

The items block elements:


total Total number of objects in Quarantine on all stations of specified group

ъ The list array contains information on specific objects in the Quarantine.



component_code The code of components which moved the object to the Quarantine:


1—Dr.Web Scanner,

2—SpIDer Guard,

3—SpIDer Mail,

4—SpIDer Gate,







11—Antirootkit module

created_time The time when the object was added to the Quarantine at the Server

file Full path to the file before moving to the Quarantine

file_size Size of the file in the Quarantine

hash The object hash code in the SHA256 format




infection_type Infection type:

1—known infection,

2—known infection modification,

4—unknown infection,

5—adware,

6—dialer,

7—joke,

8—riskware,

9—hacktool

object Identifier of the object in the Quarantine

owner Name of the file owner

q_time Time when the object was added to the Quarantine at the station

station_id Identifier of a station which information on Quarantine is presented in this

section

station_name Name of a station which information on Quarantine is presented in this section

virus_info Name of malware object according to the Doctor Web company classification








1554. Groups HandlingGet Location Data of Stations of a Group

Get Location Data of Stations of a Group

Request Parameters


id Group identifier yes

Request Example

http://192.168.1.1:9080/api/groups/geo.ds?id=20e27d73-d21d-b211-a788-85419c46f0e6


XML Response



<station id="999" name="WIN-7-PRO-SP1-X">



<country> </country>

<province></province>

<city></city>

<street></street>

</station>

<station id="998" name="if">



<country>EG</country>

<province>G_region</province>

<city>G_Town</city>

<street>G_avenue</street>

</station>

</stations>

</drweb-es-api>








· The <station /> element contains information about a specific station.



id Station ID

name Station name

Nested elements of the <station /> element:

Element Description



<country /> Country


<city /> City

<street /> Street

JSON Response

{ "head": { "status": true, "timestamp": 1558521987, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "total": 2, "list": [ {"country": " ", "id": "999", "latitude": 0, "longitude": 0, "name": "WIN-7-PRO-SP1-X"}, {"city": "G_Town", "country": "EG",



"id": "998", "latitude": 3333330, "longitude": 3222220, "name": "if", "province": "G_region", "street": "G_avenue"}]}}


The data block contains information on all stations.




· The list array contains information about specific stations of a requested group



city City

country Country

id Station ID

latitude Latitude

longitude Longitude

name Station name

province Province

street Street


1584. Groups HandlingGet Installing Components List for a Group

Get Installing Components List for a Group

Request Parameters




get installing components lists for several groups at a time.

yes

If the group contains stations operating under Windows OS the response document will

include the list of components to be installed on these stations. Otherwise the list will be

empty.

Request Example

http://192.168.1.1:9080/api/groups/components.ds?id=gr1


XML Response



<group id="gr1">


a788-85419c46f0e6" inherited_group_name="Everyone"> <component code="4" name="Dr.Web Scanner for Windows" status="1" />


status="1" /> <component code="38" name="SpIDer Gate for Windows workstations"

status="1" /> <component code="54" name="Dr.Web Office Control" status="1" />

<component code="55" name="Dr.Web Antispam" status="1" />


status="1" /> <component code="58" name="SpIDer Guard for Windows servers" status="1" />

<component code="103" name="Dr.Web plug-in for MS Outlook" status="1" />

<component code="105" name="Dr.Web Firewall" status="1" />

<component code="30" name="Dr.Web Agent for Windows" status="2" />



<component code="37" name="Dr.Web Agent Scanner for Windows" status="2" />

<component code="39" name="Dr.Web Agent for UNIX" status="2" />

</components>

</group>

</groups>

</drweb-es-api>


The <groups /> element contains information on all requested groups.



total Total number of station groups information on which is displayed in response

· The <group /> element contains information on a specific group of stations.



id Group identifier

ъ The <components /> element contains information on all installing components of a

specific group of stations.



total Total number of all components



individually.



value will be none.




· The <component /> contains information about a specific installing component.







status Component status. Can take the following values:

2—the component must be installed,




{ "head": { "status": true, "timestamp": 1550514156, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "70c5f522-aaab-4c93-a180-a442a0da9c2a"}}, "data": { "total": 1, "list": [{ "components": [ {"code": 4, "name": "Dr.Web Scanner for Windows", "status": 1}, {"code": 14, "name": "SpIDer Mail for Windows workstations", "status": 1}, {"code": 38, "name": "SpIDer Gate for Windows workstations", "status": 1}, {"code": 54, "name": "Dr.Web Office Control", "status": 1}, {"code": 55, "name": "Dr.Web Antispam", "status": 1}, {"code": 57, "name": "SpIDer Guard for Windows workstations", "status": 1}, {"code": 58, "name": "SpIDer Guard for Windows servers", "status": 1}, {"code": 103, "name": "Dr.Web plug-in for MS Outlook", "status": 1},



{"code": 105, "name": "Dr.Web Firewall", "status": 1}, {"code": 30, "name": "Dr.Web Agent for Windows", "status": 2}, {"code": 37, "name": "Dr.Web Agent Scanner for Windows", "status": 2}, {"code": 39, "name": "Dr.Web Agent for UNIX", "status": 2}], "group_id": "gr1", "inherited": true, "inherited_group_id": "20e27d73-d21d-b211-a788-85419c46f0e6", "inherited_group_name": "Everyone"}]}}


The data block contains information on stations.



total Total number of station groups information on which is displayed in response

· The list array contains information on specific stations.



group_id Group identifier



individually.



value will be none.




ъ The components array contains information about a specific installing component.








status Component status. Can take the following values:

2—the component must be installed,




1635. Server Handling

5. Server Handling

URL requests

http://<host>:9080/api/server/<script>.ds?

or

https://<host>:9081/api/server/<script>.ds?

Available scripts

Script Description

info.ds Server information

keys.ds Get Information about License Keys

public-key.ds Get Server encryption public keys

repositories-state.ds

repository-products.dsRepository Status

repository-status.ds

update-repositories-status.dsGet Repository Update Process Information

search.ds Search for stations and groups

statistics.ds Get Server statistics on detected threats

summary.ds Get Server summary statistics on stations scan

task.ds

tasks.dsRun a Job

usage.ds Get Server statistics on the level of system resources usage of a

computer and also network interaction with anti-virus network

components and external resources


1645. Server HandlingServer Information

Server Information

Request Parameters

Request does not contain parameters.

Request Example

http://192.168.1.1:9080/api/server/info.ds


XML Response


srv_version="12.00.0.201909260" status="true"> <server-info>

<host>192.168.1.1</host>

<uuid>27671337-e0b0-4f60-aeb0-ab1f2ca47f77</uuid>

<os>Linux</os>

<version>12.00.0.201909260</version>

<api-version>4.3.0</api-version>

<uptime>60</uptime>

<platform>

<![CDATA[Linux 4.15.0-23-generic x86_64; Debian GNU/Linux buster/sid; glibc

2.27]]>

</platform>

<memory>

<total>3944</total>

<free>330</free>

<used-by-server>29</used-by-server>

</memory>

<file-system>

<home-directory path="/opt/drwcs">

<total-space>32392400896</total-space>

<free-space>20352274432</free-space>

</home-directory>

<variable-directory path="/var/opt/drwcs">



</variable-directory>

</file-system>

<groups total="231">

<custom>57</custom>

<system>174</system>

</groups>

<stations total="50">

<activated>1</activated>

<online>0</online>



<available>4294967245</available>

<licensed>4294967295</licensed>

<with_update_errors>0</with_update_errors>

<new>45</new>

<unactivated>45</unactivated>

<deinstalled>0</deinstalled>


<newbies>0</newbies>

<offline>46</offline>

</stations>

</server-info>

</drweb-es-api>


The <server-info /> element contains information about the Server.

· Nested elements of the <server-info /> element:

Element Description

<host /> Server domain name or IP address

<uuid /> Server identifier

<os /> Operating system

<version /> Information on the branch of Server version

<api-version /> Information on the Dr.Web Web API version

<uptime /> Time of uninterrupted operation

<platform /> Platform

· The <memory /> element contains information about the Server memory size.

Nested elements of the <memory /> element:

Element Description

<total /> Total system memory size

<free /> Free memory size

<used-by-server /> Memory size used by the Server



· The <file-system /> element contains information about the Server working directory.

ъ The <home-directory /> and <variable-directory /> contain information about the

available disk space in the working subdirectories.

The <home-directory /> and <variable-directory /> elements attribute:


path Subdirectory path

Nested elements of the <home-directory /> and <variable-directory /> elements:

Element Description

<total-space /> Total disk space (in Megabytes)

<free-space /> Free disk space (in Megabytes)

· The <groups /> element contains information on groups of stations registered at the Server.




Nested elements of the <groups /> element:

Element Description

<custom /> User groups

<system /> System groups

· The <stations /> element contains information on stations registered at the Server.





Element Description

<activated /> Number of activated stations

<online /> Number of online stations

<available /> Number of stations available to register

<licensed /> Limit for stations with activated license



Element Description

<with_update_errors /> Number of stations with errors of antivirus software updates

<new /> Number of new stations with not installed antivirus software

<unactivated /> Number of unactivated stations

<deinstalled /> Number of stations with uninstalled antivirus software

<deleted /> Number of deleted stations

<newbies /> Number of newbies (which request the access to the Server)

<offline /> Number of offline stations

JSON Response

{ "head": { "status": true, "timestamp": 1558522033, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}, "data": { "api_version": "4.3.0", "file_system": { "home_directory": { "free_space": 20359036928, "path": "/opt/drwcs", "total_space": 32392400896}, "variable_directory": { "free_space": 20359036928, "path": "/var/opt/drwcs", "total_space": 32392400896}}, "groups": { "total": 231, "customs": 57, "systems": 174}, "host": "192.168.1.1", "id": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77", "memory": { "free": 314, "total": 3944, "used_by_server": 29}, "os": "Linux", "platform": "Linux 4.15.0-23-generic x86_64; Debian GNU/Linux buster/sid; glibc2.27", "stations": { "activated": 1, "available": 4294967245,



"deinstalled": 0, "deleted": 4, "licensed": 4294967295, "new": 45, "newbies": 0, "offline": 46, "online": 0, "total": 50, "unactivated": 45, "with_update_errors": 0, "uptime": 60, "version": "12.00.0.201909260"}}}


The data block contains general information about the Server.



api_version Information on the Dr.Web Web API version

host Server domain name or IP address

id Server identifier

os Operating system

platform Platform

uptime Time of uninterrupted operation

version Information on the branch of Server version

· The file-system block contains information about the Server working directory.

ъ The home_directory and variable_directory contain information about the available disk

space in the working subdirectories.

The home_directory and variable_directory block elements:


free_space Free disk space (in Megabytes)


total_space Total disk space (in Megabytes)

· The groups block contains information on groups of stations registered at the Server.






customs User groups

systems System groups

· The memory block contains information about the Server memory size.

The memory block elements:


total Total system memory size

free Free memory size

used_by_server Memory size used by the Server

· The stations block contains information on stations registered at the Server.




available Number of stations available to register



licensed Limit for stations with activated license









1705. Server HandlingRepository Status

Repository Status

Request parameters

Requests do not contain parameters.

Request Examples

http://192.168.1.1:9080/api/server/repositories-state.ds

http://192.168.1.1:9080/api/server/repository-products.ds


XML Response


srv_version="12.00.0.201909260" status="true"> <repositories total="14">

<repository code="15-drwappcntrl" modified_time="1020211200"

revision="10020020501000000" size="5502" files="6">Application Control

Bases</repository>

<repository code="80-drwnews" modified_time="1559520000"

revision="12020190603000000" size="23487099" files="1929">Doctor Web News</repository>

<repository code="10-drwbases" modified_time="1559553787"

revision="12020190603092307" size="176738186" files="257">Dr.Web Virus

Bases</repository>

<repository code="20-drwandroid11" modified_time="1020211200"

revision="10020020501000000" size="0" files="0">Dr.Web Agent for Android</repository>

<repository code="70-drwextra" modified_time="1020211200"

revision="10020020501000000" size="37173" files="3">Dr.Web Enterprise

products</repository>

<repository code="20-drwagent" modified_time="1559234698"

revision="12020190530164458" size="98365594" files="377">Dr.Web Agent for

Windows</repository>

<repository code="40-drwproxy" modified_time="1020211200"

revision="10020020501000000" size="0" files="0">Dr.Web Proxy Server</repository>

<repository code="20-drwcs" modified_time="1559520000"

revision="12020190603000000" size="413652649" files="1990">Dr.Web Server</repository>

<repository code="70-drwutils" modified_time="1020211200"

revision="10020020501000000" size="19207" files="2">Dr.Web administrative

utilities</repository>

<repository code="10-drwspamdb" modified_time="1559552909"

revision="12020190603090829" size="2795129" files="17">AntiSpam Bases</repository>

<repository code="10-drwgatedb" modified_time="1559552909"

revision="12020190603090829" size="248326862" files="119">SpIDer Gate Bases</repository>



<repository code="20-drwunix" modified_time="1020211200"

revision="10020020501000000" size="0" files="0">Dr.Web Agent for UNIX</repository>

<repository code="05-drwmeta" modified_time="1559520000"

revision="12020190603000000" size="268067" files="9">Dr.Web Meta

information</repository>

<repository code="10-drwupgrade" modified_time="1559520000"

revision="12020190603000000" size="24125449" files="17">Dr.Web Updater</repository>

</repositories>

</drweb-es-api>


The <repositories /> element contains information on all repository products.

The <repositories /> element attribute:


total Total number of products in the repository

· The <repository /> element contains information about a specific product in the repository.

The <repository /> element attributes:


code Repository code


revision Current revision number

size Revision size in bytes

files Files number in revision

The <repository /> element value is a product name.

JSON Response

{ "head": { "status": true, "timestamp": 1559737588, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}},



"data": { "repositories": { "total": 14, "list": { "05-drwmeta": { "files": 9, "modified_time": 1559520000, "name": "Dr.Web Meta information", "revision": "12020190603000000", "size": 268067, "state": "normal"}, "10-drwbases": { "files": 257, "modified_time": 1559553787, "name": "Dr.Web Virus Bases", "revision": "12020190603092307", "size": 176738186, "state": "normal"}, "10-drwgatedb": { "files": 119, "modified_time": 1559552909, "name": "SpIDer Gate Bases", "revision": "12020190603090829", "size": 248326862, "state": "normal"}, "10-drwspamdb": { "files": 17, "modified_time": 1559552909, "name": "AntiSpam Bases", "revision": "12020190603090829", "size": 2795129, "state": "normal"}, "10-drwupgrade": { "files": 17, "modified_time": 1559520000, "name": "Dr.Web Updater", "revision": "12020190603000000", "size": 24125449, "state": "normal"}, "15-drwappcntrl": { "files": 6, "modified_time": 1020211200, "name": "Application Control Bases", "revision": "10020020501000000", "size": 5502, "state": "disabled"}, "20-drwagent": { "files": 377, "modified_time": 1559234698, "name": "Dr.Web Agent for Windows", "revision": "12020190530164458", "size": 98365594, "state": "normal"}, "20-drwandroid11": { "files": 0, "modified_time": 1020211200, "name": "Dr.Web Agent for Android", "revision": "10020020501000000", "size": 0, "state": "normal"},



"20-drwcs": { "files": 1990, "modified_time": 1559520000, "name": "Dr.Web Server", "revision": "12020190603000000", "size": 413652649, "state": "normal"}, "20-drwunix": { "files": 0, "modified_time": 1020211200, "name": "Dr.Web Agent for UNIX", "revision": "10020020501000000", "size": 0, "state": "normal"}, "40-drwproxy": { "files": 0, "modified_time": 1020211200, "name": "Dr.Web Proxy Server", "revision": "10020020501000000", "size": 0, "state": "normal"}, "70-drwextra": { "files": 3, "modified_time": 1020211200, "name": "Dr.Web Enterprise products", "revision": "10020020501000000", "size": 37173, "state": "disabled"}, "70-drwutils": { "files": 2, "modified_time": 1020211200, "name": "Dr.Web administrative utilities", "revision": "10020020501000000", "size": 19207, "state": "disabled"}, "80-drwnews": { "files": 1929, "modified_time": 1559520000, "name": "Doctor Web News", "revision": "12020190603000000", "size": 23487099, "state": "normal"}}}}}


The repositories block contains information on all products in the repository.

The repositories block element:


total Total number of products in the repository

· The list array contains information about specific products, nested blocks names

corresponding the product codes in the repository.





name Repository name


revision Current revision number



state Product update status. May take the following values:

· normal—the product is updated successfully,

· frozen—the product update is frozen,

· disabled—the product update is disabled.

Get Repository Update Information

Request parameters

Requests do not contain parameters.

Request Examples

http://192.168.1.1:9080/api/server/repository-status.ds

http://192.168.1.1:9080/api/server/update-repositories-status.ds


XML Response


srv_version="12.00.0.201909260" status="true"> <status>ready</status>

</drweb-es-api>


1755. Server HandlingGet Repository Update Information


The <status /> element contains information about the process of products update in the

repository. May take the following values:

· ready—the repository is ready for updating,

· updating—the repository update process is initiated.

JSON Response

{ "head": { "status": true, "timestamp": 1559737648, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "status": "ready"}}


The data block contains information about the process of products update in the repository.



status Repository update status. May take the following values:

· ready—the repository is ready for updating,

· updating—the repository update process is initiated.


1765. Server HandlingGet Server statistics on detected threats

Get Server statistics on detected threats

Request Parameters




requested

Accepted format:

YYYYMMDD or

YYYYMMDDHHmmss




returned.



requested

Accepted format:

YYYYMMDD or

YYYYMMDDHHmmss




returned.

top-viruses Virus top yes | no Required parameter: no.



the virus top


The default value is 10; the

parameter will be ignored if

top-viruses=no.

Request Example

http://192.168.1.1:9080/api/server/statistics.ds?virtop=100&top-viruses=yes&from=1567285200&till=1569877199




srv_version="12.00.0.201909260" status="true"> <server-statistics period_from="1567285200" period_till="1569877199">


<modifications>0</modifications>

<suspicious>1</suspicious>

<activities>0</activities>

<cured>0</cured>

<moved>7</moved>





<locked>0</locked>

<errors>7</errors>

</infections>

<viruses>

<virus name="HLLP.Setart.19919" stations="1" originator=57"


<virus name="EICAR Test File (NOT a Virus!)" stations="1" originator=57"


<virus name="Dialer.Adultparty" stations="1" originator=57"


<virus name="Adware.Dudu" stations="1" originator=57"


<virus name="Program.2Spy" stations="1" originator=4" treatment=1">2</virus>

</viruses>

</server-statistics>

<stations></stations>

</drweb-es-api>


The <server-statistics /> element contains information on the Server statistic.

The <server-statistics /> element attributes:


period_from Start date of a period to display statistic data

period_till End date of a period to display statistic data

· The <infections /> element contains statistics on detected objects actions.



scanned Total number of scanned objects

total Total number of detected infections


Element Description

<modifications /> Number of objects infected with virus modifications

<suspicious /> Number of suspicious objects

<activities /> Number of malicious actions




Element Description






Value of these elements is the number of objects under which corresponding action is

performed.

· The <viruses /> element contains statistics on all detected viruses.

ъ The <virus /> element contains information about a specific virus. The <virus /> element

value is the number of objects infected by this virus.



name Virus name





{ "head": { "status": true, "timestamp": 1569834553, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "99e24f80-e35d-11e9-64e2-b45638e9b982"}}, "data": { "period_till": 1569877199, "period_from": 1567285200, "infections": { "scanned": 72, "infected": 16 , "modifications": 0, "suspicious": 1, "activities": 0, "cured": 0,



"moved": 7, "deleted": 0, "renamed": 0, "locked": 0, "errors": 7}, "viruses": { "Dialer.Adultparty": 1, "HLLP.Setart.19919": 1, "Adware.Dudu": 1, "Program.2Spy": 2, "EICAR Test File (NOT a Virus!)": 1}, "viruses_info": { "Dialer.Adultparty": { "count": 1, "originator": 57, "stations": 1, "treatment": 1049605}, "HLLP.Setart.19919": { "count": 1, "originator": 57, "stations": 1, "treatment": 9}, "Adware.Dudu": { "count": 1, "originator": 57, "stations": 1, "treatment": 1049605}, "Program.2Spy": { "count": 2, "originator": 4 , "stations": 1, "treatment": 1}, "EICAR Test File (NOT a Virus!)": { "count": 1, "originator": 57, "stations": 1, "treatment": 1049605}}}}


The data block contains general information about the request and the blocks with the statistics

requested.



period_from End date of a period for which statistical data were requested


· The infections block contains statistics on detected objects actions.







modifications Number of objects infected with virus modifications

suspicious Number of suspicious objects

activities Number of malicious actions







· The viruses block contains statistics on all detected viruses. The fields names correspond to

the viruses names, while the values contain the number of infected objects.

· The viruses_info block contains statistics on each detected virus.

ъ Elements of a block with the detected virus name:







1815. Server HandlingRun a Job

Run a Job

Request Parameters


action Action under a newbie

station

· approve—approve the access of the

stations to the Server,

· cancelonconnect—cancel an

action specified to execute at the next

connection of a station to the Server,

· reject—reject the station

no

group Group to which a newbie

station will be added

– no

id Identifier of a newbie

station

– no

task-id Job identifier · newbies—set the action under the

newbie stations.

· update_repositories initiates

updating of the Server repository

yes

The action, group and id parameters are set only if task-id=newbies.

If the action parameter is set to approve, the group parameters must be specified.

Request Examples

1. For task-id=newbies:

http://192.168.1.1:9080/api/server/task.ds?task-id=newbies&action=approve&group=_notfound_&id=001

http://192.168.1.1:9080/api/server/tasks.ds?task-id=newbies&action=approve&group=_notfound_&id=001

2. For task-id=update_repositories:

http://192.168.1.1:9080/api/server/task.ds?task-id=update_repositories

http://192.168.1.1:9080/api/server/tasks.ds?task-id=update_repositories



In Server repository update has already been initiated, the request task-

id=update_repositories will return the success status.


XML Response

1. For task-id=newbies:


srv_version="12.00.0.201909260" status="true"> <task id="newbies" status="failed" message="Group is not found"/>

</drweb-es-api>

2. For task-id=update_repositories:


srv_version="12.00.0.201909260" status="true"> <task id="update_repositories" status="failed" message="Not enough privileges to

perform the operation"/></drweb-es-api>


The <task /> element contains information on requested job.

The <task /> element attributes:


id Job identifier. Can take the following values:

· newbies—set an action under the newbie station.

· update_repositories—the job to update the Server repository.

status Job execution state:

· success—job successfully executed,

· failed—job failed.

message Message on error occurred during job execution. If the job completed

successfully, the message attribute contains the empty message string.



JSON Response

1. For task-id=newbies

{ "head": { "status": true, "timestamp": 1558522034, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "task": { "id": "newbies", "message": "Group is not found", "status": "failed"}}}

2. For task-id=update_repositories

{ "head": { "status": true, "timestamp": 1558522034, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "1023dcd7-d11d-b211-896d-8804c0842edb"}}, "data": { "task": { "id": "update_repositories", "message": "Not enough privileges to perform the operation", "status": "failed"}}}


The task block contains information on requested job.

The task block elements:


id Job identifier. Can take the following values:

· newbies—set an action under the newbie station.

· update_repositories—the job to update the Server repository.

message Message on error occurred during job execution. If the job completed

successfully, the message element contains the empty message string.




status Job execution state:

· success—job successfully executed,

· failed—job failed.

Get Server Encryption Public Keys

Request Parameters


Request Example

http://192.168.1.1:9080/api/server/public-key.ds


XML Response


srv_version="12.00.0.201909260" status="true"> <keys>

<key id="f001bf9c-7149-40db-b104-0227ae882b66" active="true">

<value>

<![CDATA[1234567890ABCDEFGHIJKLMNOPQRSTVUWXYZ1234567890ABCD]]>

</value>

<file>

<![CDATA[; Dr.Web (R) Public key file

; Do not edit!

f001bf9c-7149-40db-b104-0227ae882b66

1234567890ABCDEFGHIJKLMNOPQRSTVUWXYZ1234567890ABCD

; ***EOF***]]>

</file>

</key>

</keys>

</drweb-es-api>


1855. Server HandlingGet Server Encryption Public Keys


The <keys /> element contains information on all public encryption keys of the Server.

· The <key /> element contains information on a specific public encryption key.

The <key /> element attributes:


id Identifier of a public encryption key

active Activity of a public encryption key:

· true—the key is currently active,

· false—the key is inactive

The <key /> nested elements:

Element Description

<value /> the public encryption key itself

<file /> Content of the public encryption key file

JSON Response

{ "head": { "status": true, "timestamp": 1558522034, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "keys": [ {"active": true, "file": "; Dr.Web (R) Public key file\n ; Do not edit!\f001bf9c-7149-40db-b104-0227ae882b66\n 1234567890ABCDEFGHIJKLMNOPQRSTVUWXYZ1234567890ABCD\n ; ***EOF***\n", "uuid": "f001bf9c-7149-40db-b104-0227ae882b66", "value": "1234567890ABCDEFGHIJKLMNOPQRSTVUWXYZ1234567890ABCD"}]}}


The keys array contains information on all public encryption keys of the Server.


1865. Server HandlingGet Server Encryption Public Keys

The keys array objects elements:


active Activity of a public encryption key:

· true—the key is currently active,

· false—the key is inactive

file full content of the public encryption key file

uuid Identifier of a public encryption key

value the public encryption key itself

Search for Stations and Groups

Request Parameters


groups Search by

groups



query Search string – Required parameter: yes.

The script searches for matches in the identifier, name

and description string of an object and in the identifiers

of users.

stations Search by

stations



Request Example

http://192.168.1.1:9080/api/server/search.ds?query=1&groups=yes&stations=yes



1875. Server HandlingSearch for Stations and Groups

XML Response



<group id="20e27d73-d21d-b211-a788-85419c46f0e6" name="Everyone" description="All

stations" parent_id="" parent_name="" child_groups="0" stations="2"/> <group id="10f58fa7-ffa6-4e85-ba4a-f67f44455a75"

name="GroupAfterAddGroupFunctional3" description="" parent_id="ParentGroupForAGF5"parent_name="ParentGroupForAGF5" child_groups="0" stations="0"/> </groups>


<station id="StationForChangeStationFunctional1"

name="StationForChangeStationFunctional1" parent_id="20e27d73-d21d-b211-a788-85419c46f0e6" parent_name="Everyone" description="StationForChangeStationFunctional 1"last_seen_time="0" last_seen_addr="" user-id=""/> <station id="2091ada3-ed5e-e611-3392-f0b9022a5484" name="WIN-7-PRO-SP1-X"

parent_id="20e27d73-d21d-b211-a788-85419c46f0e6" parent_name="Everyone" description=""last_seen_time="1489567785" last_seen_addr="tcp://192.168.1.2:49285" user-id=""/> </stations>

</drweb-es-api>


· The <groups /> element contains information on all groups that are corresponded the search

request.



total Total number of groups that are corresponded the search request

ъ The <group /> element contains information on specific group that is corresponded the

search request.



id Group identifier

name Group name

description Description string




stations Number of stations included into this group



· The <stations /> element contains information on all stations that are corresponded the

search request.




ъ The <station /> element contains information on specific station that is corresponded the

search request.



id Station ID

name Station name

parent_id Identifier of a primary group

parent_name Name of a primary group


last_seen_time Time of a last connection of a station to the Server


user-id User identifier

JSON Response

{ "head": { "status": true, "timestamp": 1558522035, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "groups": { "total": 2, "list": [ {"child_groups": 0, "description": "All stations", "id": "20e27d73-d21d-b211-a788-85419c46f0e6", "name": "Everyone", "parent_id": null, "parent_name": null, "stations": 2},



{"child_groups": 0, "description": null, "id": "10f58fa7-ffa6-4e85-ba4a-f67f44455a75", "name": "GroupAfterAddGroupFunctional3", "parent_id": "ParentGroupForAGF5", "parent_name": "ParentGroupForAGF5", "stations": 0}]}, "stations": { "total": 2, "list": [ {"description": "StationForChangeStationFunctional 1", "id": "StationForChangeStationFunctional1", "last_seen_addr": null, "last_seen_at": 0, "name": "StationForChangeStationFunctional1", "parent_id": "20e27d73-d21d-b211-a788-85419c46f0e6", "parent_name": "Everyone"} {"description": null, "id": "2091ada3-ed5e-e611-3392-f0b9022a5484", "last_seen_addr": "tcp://192.168.233.131:49285", "last_seen_at": 1489567785, "name": "WIN-7-PRO-SP1-X", "parent_id": "20e27d73-d21d-b211-a788-85419c46f0e6", "parent_name": "Everyone"}]}}}


· The groups block contains information on all groups that are corresponded the search

request.



total Total number of groups that are corresponded the search request

ъ The list array contains information about specific groups.





id Group identifier

name Group name



stations Number of stations included into this group



· The stations block contains information on all stations that are corresponded the search

request.



total Total number of stations that are corresponded the search request







last_seen_time Time of a last connection of a station to the Server

name Station name

parent_id Identifier of a primary group

parent_name Name of a primary group

Get Information about License Keys

Request Parameters


Request Example

http://192.168.1.1:9080/api/server/keys.ds



1915. Server HandlingGet Information about License Keys

XML Response


srv_version="12.00.0.201909260" status="true"> <keys>

<key id="abc123de4fghij56" user="Dr.Web" created="1544783466" expires="1576492266"

activation="1544783466" clients="4294967295"/> </keys>

</drweb-es-api>


The <keys /> element contains information on all license keys used by this Server.

· The <key /> element contains information on a specific license key.




user User identifier

created Key creation date

expires License expiration date

activation License activation date

clients Number of clients

JSON Response

{ "head": { "status": true, "timestamp": 1560856513, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "keys": [ {"activation": 1544783466, "clients": 4294967295, "created": 1544783466, "expires": 1576492266,


1925. Server HandlingGet Information about License Keys

"id": "daa669be6fdbca01", "user_name": "Dr.Web"}]}}


The keys block contains information on all license keys used by this Server.



activation License activation date

clients Number of clients

created Key creation date



user_name User identifier

Get Server Statistics on Stations Scan

Request Parameters


Request Example

http://192.168.1.1:9080/api/server/summary.ds


XML Response


srv_version="12.00.0.201909260" status="true"> <server-summary>

<host>192.168.1.1</host>

<uuid>27671337-e0b0-4f60-aeb0-ab1f2ca47f77</uuid>


1935. Server HandlingGet Server Statistics on Stations Scan

<os>Linux</os>

<version>12.00.0.201909260</version>

<api_version>4.3.0</api_version>

<uptime>60</uptime>

<platform>

<![CDATA[Linux 4.15.0-23-generic x86_64; Debian GNU/Linux buster/sid; glibc

2.27]]>

</platform>

<memory>

<total>3944</total>

<free>328</free>


</memory>

<file-system>

<home-directory path="/opt/drwcs">



</home-directory>

<variable-directory path="/var/opt/drwcs">



</variable-directory>

</file-system>

<groups total="231">

<custom>57</custom>

<system>174</system>

</groups>


<activated>1</activated>

<online>0</online>

<available>4294967245</available>

<licensed>4294967295</licensed>

<with_update_errors>0</with_update_errors>

<new>45</new>

<unactivated>45</unactivated>

<deinstalled>0</deinstalled>


<newbies>0</newbies>

<offline>46</offline>

</stations>

<keys>

<key id="daa669be6fdbca01" user="Dr.Web" expires="1576492266">

</keys>

<repository>

<product code="20-drwagent" name="Dr.Web Agent for Windows"

modified_time="1558694129" revision="12020190524103529" size="98140163" files="376"state="normal"/> <product code="10-drwspamdb" name="AntiSpam Bases" modified_time="1559032659"

revision="12020190528083739" size="2790558" files="17" state="normal"/> <product code="10-drwbases" name="Dr.Web Virus Bases"

modified_time="1559031502" revision="12020190528081822" size="176280787" files="257"state="normal"/> <product code="20-drwunix" name="Dr.Web Agent for UNIX"

modified_time="1020211200" revision="10020020501000000" size="0" files="0"state="normal"/>



<product code="10-drwgatedb" name="SpIDer Gate Bases"

modified_time="1559034443" revision="12020190528090723" size="248129729" files="119"state="normal"/> <product code="10-drwupgrade" name="Dr.Web Updater" modified_time="1559001600"

revision="12020190528000000" size="24099022" files="17" state="normal"/> <product code="80-drwnews" name="Doctor Web News" modified_time="1559001600"

revision="12020190528000000" size="23461777" files="1929" state="normal"/> <product code="20-drwcs" name="Dr.Web Server" modified_time="1559001600"

revision="12020190528000000" size="402800242" files="1992" state="normal"/> <product code="70-drwutils" name="Dr.Web administrative utilities"

modified_time="1020211200" revision="10020020501000000" size="13340" files="1"state="disabled"/> <product code="70-drwextra" name="Dr.Web Enterprise products"

modified_time="1020211200" revision="10020020501000000" size="31215" files="2"state="disabled"/> <product code="15-drwappcntrl" name="Application Control Bases"

modified_time="1020211200" revision="10020020501000000" size="11596" files="6"state="disabled"/> <product code="05-drwmeta" name="Dr.Web Meta information"

modified_time="1559001600" revision="12020190528000000" size="256131" files="7"state="normal"/> <product code="40-drwproxy" name="Dr.Web Proxy Server"

modified_time="1020211200" revision="10020020501000000" size="0" files="0"state="normal"/> <product code="20-drwandroid11" name="Dr.Web Agent for Android"

modified_time="1020211200" revision="10020020501000000" size="0" files="0"state="normal"/> </repository>

</server-summary>

</drweb-es-api>


The <server-summary /> element contains information about the Server.

Nested elements of the <server-summary /> element:

Element Description

<host /> Server domain name or IP address

<uuid /> Server identifier

<os /> Operating system

<uptime /> Time of uninterrupted operation

<platform /> Platform

<version /> Information on the branch of Server version

<api_version /> Information on the Dr.Web Web API version

· The <memory /> element contains information about the Server memory size.




Element Description

<total /> Total system memory size

<free /> Free memory size

<used-by-server /> Memory size used by the Server

· The <file-system /> element contains information about the Server working directory.

ъ The <home-directory /> and <variable-directory /> contain information about the

available disk space in the working subdirectories.

The <home-directory /> and <variable-directory /> elements attribute:



Nested elements of the <home-directory /> and <variable-directory /> elements:

Element Description

<total-space /> Total disk space (in Megabytes)

<free-space /> Free disk space (in Megabytes)

· The <groups /> element contains information on groups of stations registered at the Server.




Nested elements of the <groups /> element:

Element Description

<custom /> User groups

<system /> System groups

· The <stations /> element contains information on stations registered at the Server.







Element Description

<activated /> Number of activated stations

<online /> Number of online stations

<available /> Number of stations available to register

<licensed /> Limit for stations with activated license

<with_update_errors /> Number of stations with errors of antivirus software updates

<new /> Number of new stations with not installed antivirus software

<unactivated /> Number of unactivated stations

<deinstalled /> Number of stations with uninstalled antivirus software

<deleted /> Number of deleted stations

<newbies /> Number of newbies (which request the access to the Server)

<offline /> Number of offline stations

· The <keys /> element contains information about license keys on the Server.

ъ The <key /> element of the <keys /> element contains information on a specific license

key.




user User identifier


· The <repository /> element contains information about a repository status. The <product />

element contain information on a specific product.

The <product /> element attributes:


code Product code

name Product name

modified_time The date of last update in the Unix timestamp format











JSON Response

{ "head": { "status": true, "timestamp": 1558522035, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "api_version": "4.3.0", "host": "192.168.1.1", "id": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77", "file_system": { "home_directory": { "free_space": 20358995968, "path": "/opt/drwcs", "total_space": 32392400896}, "var_dir": { "free_space": 20358995968, "path": "/var/opt/drwcs", "total_space": 32392400896}}, "groups": { "customs": 57, "systems": 174, "total": 231}, "keys": [{ "expires": 1576492266, "id": "daa669be6fdbca01", "user_name": "Dr.Web"}], "memory": { "total": 311, "free": 3944, "used_by_server": 29}, "os": "Linux", "platform": "Linux 4.15.0-23-generic x86_64; Debian GNU/Linux buster/sid; glibc2.27",



"repository": { "products": { "05-drwmeta": { "files": 7, "modified_time": 1557878400, "name": "Dr.Web Meta information", "revision": "12020190515000000", "size": 256131, "state": "normal"}, "10-drwbases": { "files": 257, "modified_time": 1557947246, "name": "Dr.Web Virus Bases", "revision": "12020190515190726", "size": 177296553, "state": "normal"}, "10-drwgatedb": { "files": 119, "modified_time": 1557947551, "name": "SpIDer Gate Bases", "revision": "12020190515191231", "size": 247281865, "state": "normal"}, "10-drwspamdb": { "files": 17, "modified_time": 1557909561, "name": "AntiSpam Bases", "revision": "12020190515083921", "size": 2874094, "state": "normal"}, "10-drwupgrade": { "files": 17, "modified_time": 1557878400, "name": "Dr.Web Updater", "revision": "12020190515000000", "size": 24131358, "state": "normal"}, "15-drwappcntrl": { "files": 6, "modified_time": 1020211200, "name": "Application Control Bases", "revision": "10020020501000000", "size": 11596, "state": "disabled"}, "20-drwagent": { "files": 376, "modified_time": 1557860828, "name": "Dr.Web Agent for Windows", "revision": "12020190514190708", "size": 98154454, "state": "normal"}, "20-drwandroid11": { "files": 0, "modified_time": 1020211200, "name": "Dr.Web Agent for Android", "revision": "10020020501000000", "size": 0, "state": "normal"}, "20-drwcs": { "files": 1991, "modified_time": 1557878400,



"name": "Dr.Web Server", "revision": "12020190515000000", "size": 401346488, "state": "normal"}, "20-drwunix": { "files": 0, "modified_time": 1020211200, "name": "Dr.Web Agent for UNIX", "revision": "10020020501000000", "size": 0, "state": "normal"}, "40-drwproxy": { "files": 0, "modified_time": 1020211200, "name": "Dr.Web Proxy Server", "revision": "10020020501000000", "size": 0, "state": "normal"}, "70-drwextra": { "files": 2, "modified_time": 1020211200, "name": "Dr.Web Enterprise products", "revision": "10020020501000000", "size": 31175, "state": "disabled"}, "70-drwutils": { "files": 1, "modified_time": 1020211200, "name": "Dr.Web administrative utilities", "revision": "10020020501000000", "size": 13340, "state": "disabled"}, "80-drwnews": { "files": 1924, "modified_time": 1557878400, "name": "Doctor Web News", "revision": "12020190515000000", "size": 23583584, "state": "normal"}}}, "stations": { "activated": 1, "available": 4294967245, "deinstalled": 0, "deleted": 4 , "licensed": 4294967245, "new": 45, "newbies": 0, "offline": 46, "online": 0, "total": 50, "unactivated": 45, "with_update_errors": 0}, "uptime": 60, "version": "12.00.0.201909260"}}




The data block contains general information about the Server.



api_version Information on the Dr.Web Web API version

host Server domain name or IP address

id Server identifier

os Operating system

platform Platform

uptime Time of uninterrupted operation

version Information on the branch of Server version

· The file_system block contains information about the Server working directory.

ъ The home_directory and variable_directory contain information about the available disk

space in the working subdirectories.

The home_directory and variable_directory block elements:


free_space Free disk space (in Megabytes)


total_space Total disk space (in Megabytes)

· The groups block contains information on groups of stations registered at the Server.



customs User groups

systems System groups


· The keys block contains information on all license keys used by this Server.







user_name User identifier

· The memory block contains information about the Server memory size.



free Free memory size

total Total system memory size

used_by_server Memory size used by the Server

· The repositories block contains information on the products in the repository.

ъ The products blocks contains information about specific products, nested blocks names

corresponding the product codes in the repository.

Elements in the products blocks:



modified_time The date of last update in the Unix timestamp format

name Product name







· The stations block contains information on stations registered at the Server.







available Number of stations available to register



licensed Limit for stations with activated license








Get Server Statistics on Resources Usage

Request Parameters


Request Example

http://192.168.1.1:9080/api/server/usage.ds


XML Response


srv_version="12.00.0.201909260" status="true"> <usage>

<alert total="0" size="0" failed="0" sent="0"/>

<client agents="0" consoles="0" installs="0" links="0" newbies="0" proxies="0"/>

<cluster bytes_in="0" bytes_out="0" messages_in="0" messages_out="0"/>


2035. Server HandlingGet Server Statistics on Resources Usage

<connections total="1" current="0" maximum="1"/>

<vm context_switches="98688" cpu_kernel="455193400" cpu_user="2568140100"

page_faults="34240" read_cnt="0" write_cnt="1504624" threads="36"virtual_memory="389767168" working_set="93057024"/> <db rows_read="542526" rows_written="51448" statements_fail="0"

statements_ok="93240" transactions_rolledback="1" transactions_comitted="50800"/> <repository bytes_in="0" bytes_out="0" files_added="0" files_deleted="0"

files_replaced="0" http_fail="0" http_ok="0"/> <cache>

<dns hit="0" missed="0" size="0"/>

<file hit="1136" max_msize="249" max_vsize="249" vsize="249" missed="1"

msize="249"/> <mcastupdate bytes_in="0" bytes_out="0" packets_in="0" packets_out="0"/>

<repository hit="619" max_msize="3605106" max_vsize="3615410" missed="0"

msize="3605106" vsize="3605106"/> </cache>

<load-average>

<load1>0.88</load1>

<load5>0.57</load5>

<load15>0.27</load15>

</load-average>

<memory>

<total>3944</total>

<free>328</free>


</memory>

<fd>

<opened>90</opened>

<soft-limit>131170</soft-limit>

<hard-limit>131170</hard-limit>

</fd>

</usage>

</drweb-es-api>


The <usage /> element contains information on utilizing Server resources.

· The <alert /> element contains information on the Server notifications.

The <alert /> element attributes:


total Total number of generated notifications

size Total size of generated notifications

failed Number of unsent notifications

sent Number of successfully sent notifications

· The <client /> element contains information on the clients connected to the Server.



The <client /> element attributes:


agents Number of connected Agents

consoles Number of connected Control Centers

installs Number of the Agent installations currently running

links Number of connected neighbor Servers

newbies Number of newbies

proxies Number of proxy servers

· The <cluster /> element contains information on the Servers cluster.

The <cluster /> element attributes:


bytes_in Number of received data in bytes

bytes_out Number of sent data in bytes

messages_in Number of received messages

messages_out Number of sent messages

· The <connections /> element contains information on the Server network connections.

The <connections /> element attributes:


total Total number of allowed connections

current Number of active connections at the moment

maximum Fixed maximum of simultaneous connections

· The <vm /> element contains information on a usage of system resources on the computer

with the Server installed.

The <vm /> element attributes:


context_switches Number of context switches

cpu_kernel CPU operation time in the kernel mode

cpu_user CPU operation time in the user mode




page_faults Number of page faults

read_cnt Number of memory read

write_cnt Number of memory write

virtual_memory Virtual memory currently allocated to the Server

threads Number of running threads

working_set Working set

· The <db /> element contains information on the Server database usage.

The <db /> element attributes:


rows_read Number of read rows

rows_written Number of written rows

statements_fail Number of failed statements

statements_ok Number of succeeded statements

transactions_rolledback Number of rolled back transactions

transactions_comitted Number of committed transactions

· The <repository /> element contains information on the Server repository.





files_added Number of new files added

files_deleted Number of deleted files

files_replaced Number of replaced files

http_fail Number of failed HTTP requests

http_ok Number of succeeded HTTP requests

· The <cache /> element contains information on a cache usage.

ъ The <dns /> element contains information on DNS cache usage.



The <dns /> element attributes:


hit Number of cache hits

missed Number of cache misses

size Current cache size

ъ The <file /> element contains information on usage of the file cache.

The <file /> element attributes:



max_msize Maximum cache size

max_vsize Maximum virtual cache size

vsize Virtual cache size


msize Current cache size

ъ The <mcastupdate /> element contains information on cache usage during multicast

updates.

The <mcastupdate /> element attributes:




packets_in Number of received packages

packets_out Number of sent packages

ъ The <repository /> element contains information on repository cache usage.












· The <load-average /> element contains average load of a system for a certain period.

Nested elements of the <load-average /> element:

Element Description

<load1 /> Percentage of system load for 1 minute

<load5 /> Percentage of system load for 5 minutes

<load15 /> Percentage of system load for 15 minutes

Average system load value is calculated for UNIX-based systems only. For Windows OS the

"-1" value is returned.

· The <memory /> element contains information on operative memory of the computer on which

the Server is installed.


Element Description

<total /> Total amount of operative memory

<free /> Amount of free operative memory

<used-by-server /> Amount of operative memory used by the Server

· The <fd /> element contains information about all open files on the Server.

The <fd /> element elements:

Element Description

<opened /> Number of open files on the Server

<soft-limit /> Recommended open file number limit

<hard-limit /> Strict open file number limit

An open file number limit is relevant for UNIX-based systems only.



JSON Response

{ "head": { "status": true, "timestamp": 1558522035, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.10.126", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "usage": { "alert": { "failed": 0, "sent": 0, "size": 0, "total": 0}, "cache": { "dns": { "hit": 0, "missed": 0}, "size": 0}, "file": { "hit": 1136, "max_msize": 249, "max_vsize": 249, "missed": 1, "msize": 249, "vsize": 249}, "mcastupdate": { "bytes_in": 0, "bytes_out": 0, "packets_in": 0, "packets_out": 0}, "repository": { "hit": 619, "max_msize": 3605106, "max_vsize": 3615410, "missed": 0, "msize": 3605106, "vsize": 3605106}}, "client": { "agents": 0, "consoles": 0, "installs": 0, "links": 0, "newbies": 0, "proxies": 0}, "cluster": { "bytes_in": 0, "bytes_out": 0, "messages_in": 0, "messages_out": 0}, "connect": { "current": 0,



"maximum": 1, "total": 1}, "db": { "rows_read": 543261, "rows_written": 51448, "statements_fail": 0, "statements_ok": 93305, "transactions_comitted": 50865, "transactions_rolledback": 1}, "fd": { "hard_limit": 131170, "opened": 97, "soft_limit": 131170}, "load_average": { "load1": 1.12, "load15": 0.35, "load5": 0.72}, "memory": { "free": 311, "total": 3944, "used_by_server": 29}, "repository": { "bytes_in": 0, "bytes_out": 0, "files_added": 0, "files_deleted": 0, "files_replaced": 0, "http_fail": 0, "http_ok": 0}, "vm": { "context_switches": 98105, "cpu_kernel": 552177500, "cpu_user": 2671634000, "page_faults": 35579, "read_cnt": 0, "threads": 36, "virtual_memory": 384000000, "working_set": 94928896, "write_cnt": 1502632}}}}


The usage block contains information on utilizing Server resources.

· The alert block contains information on the Server notifications.

The alert block elements:


failed Number of unsent notifications

sent Number of successfully sent notifications

size Total size of generated notifications




total Total number of generated notifications

· The cache block contains information on a cache usage.

ъ The dns block contains information on DNS cache usage.

The dns block elements:




size Current cache size

ъ The file block contains information on usage of the file cache.

The file block elements:








ъ The mcastupdate block contains information on cache usage during multicast updates.

The mcastupdate block elements:




packets_in Number of received packages

packets_out Number of sent packages

ъ The repository block included into the cache block, contains information on repository

cache usage.



The repository block elements:








· The client block contains information on the clients connected to the Server.

The client block elements:


agents Number of connected Agents

consoles Number of connected Control Centers

installs Number of the Agent installations currently running

links Number of connected neighbor Servers

newbies Number of newbies

proxies Number of proxy servers

· The cluster block contains information on the Servers cluster.

The cluster block elements:




messages_in Number of received messages

messages_out Number of sent messages

· The connect block contains information on the Server network connections.



The connect block elements:


current Number of active connections at the moment

maximum Fixed maximum of simultaneous connections

total Total number of allowed connections

· The db block contains information on the Server database usage.

The db block elements:


rows_read Number of read rows

rows_written Number of written rows

statements_fail Number of failed statements

statements_ok Number of succeeded statements

transactions_comitted Number of committed transactions

transactions_rolledback Number of rolled back transactions

· The fd block contains information about all open files on the Server.

The fd block elements:


hard_limit Strict open file number limit

opened Number of open files on the Server

soft_limit Recommended open file number limit

An open file number limit is relevant for UNIX-based systems only.

· The load_average block contains average load of a system for a certain period.

The load_average block elements:


load1 Percentage of system load for 1 minute

load15 Percentage of system load for 15 minutes




load5 Percentage of system load for 5 minutes

Average system load value is calculated for UNIX-based systems only. For Windows OS the

"-1" value is returned.

· The memory block contains information on operative memory of the computer on which the

Server is installed.



free Amount of free operative memory

total Total amount of operative memory

used_by_server Amount of operative memory used by the Server

· The repository block contains information on the Server repository.

The repository block elements:




files_added Number of new files added

files_deleted Number of deleted files

files_replaced Number of replaced files

http_fail Number of failed HTTP requests

http_ok Number of succeeded HTTP requests

· The vm block contains information on a usage of system resources on the computer with the

Server installed.

The vm block elements:


context_switches Number of context switches

cpu_kernel CPU operation time in the kernel mode

cpu_user CPU operation time in the user mode




page_faults Number of page faults

read_cnt Number of memory read

threads Number of running threads

virtual_memory Virtual memory currently allocated to the Server

working_set Working set

write_cnt Number of memory write


2156. Administators Handling

6. Administators Handling

URL requests

http://<host>:9080/api/admins/<script>.ds?

or

https://<host>:9081/api/admins/<script>.ds?

Available scripts

Script Description

add.ds Adding administrator

change.ds Changing administrator parameters

delete.ds Deleting administrator

info.ds Administrator information

list.ds Administrators List

Adding Administrator

Request Parameters


description Description – Required parameter: no

group Identifier of a group

which a newly-created

administrator can access

– Required parameter: no.

This parameter can be defined in the

request several times to specify multiple

groups at a time. If this parameter is set in

the request, then a group administrator

account will be created.


2166. Administators HandlingAdding Administrator


id Administrator account

identifier

Digits, latin

characters, and

symbols ‘_’, ’-‘


If not set, an ID will be generated

automatically.

last-name Surname – Required parameter: no

login Administrator account

login

Required parameter: yes

may-create-

admin

A flag determines the

right to create

administrators and

administrative groups


By default is yes

middle-name Middle name – Required parameter: no

name Name – Required parameter: no

password Password Required parameter: no.

If not set, a password will be generated

automatically.

readonly A flag to create a

restricted group

administrator account


By default is no. If the flag is set and its

value is set to yes, a read-only account will

be created (see Permissions).

If the readonly=yes and may-create-admin=yes parameters are specified

simultaneously, the readonly parameter has the priority. I.e. read-only administrator

cannot add or change settings of other administrative accounts.

Request Example

http://192.168.1.1:9080/api/admins/add.ds?login=newadm1&password=root&name=name&last-name=last-name&middle-name=middle-name&description=description&group=1&readonly=yes&may-create-admin=no



2176. Administators HandlingAdding Administrator

XML Response


srv_version="12.00.0.201909260" status="true"> <administrator id="f143cc19-e71c-4ec5-b32c-0fc8f4b41706"/>

</drweb-es-api>


The <administrator /> element contains information about created administrator account.

The <administrator /> element attribute:


id Identifier of the created account


{ "head": { "status": true, "timestamp": 1558521886, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "id": "afbff760-4746-449a-af4b-4e9fd43ffc59"}}


The data block contains information about the created administrator account.



id Identifier of the created account


2186. Administators HandlingChanging Administrator Parameters

Changing Administrator Parameters

Request Parameters


add-group Identifier of a group which an

administrator will access


The parameter can be defined in

the request as many times as you

like to specify multiple groups at a

time.

delete-group Identifier of a group to which an

administrator access will be

denied


The parameter can be defined in

the request as many times as you

like to specify multiple groups at a

time.

description Description – Required parameter: no

id Identifier of an administrator

account which parameters will

be changed

– Required parameter: yes

last-name Surname – Required parameter: no

login Administrator account login – Required parameter: no

may-create-

admin

A flag determines the right to

create administrators and

administrative groups


By default is yes

middle-name Middle name – Required parameter: no

name Name – Required parameter: no

password Password – Required parameter: no

readonly A flag to restrict administrator

account permissions


By default is no.

If the value is set to yes, a read-

only account will be created (see

the Permissions section).



If the readonly=yes and may-create-admin=yes parameters are specified

simultaneously, the readonly parameter has the priority. I.e. read-only administrator

cannot add or change settings of other administrative accounts.

Administrator cannot change the may-create-admin, readonly and group parameters

for own account.

Request Example

http://192.168.1.1:9080/api/admins/change.ds?id=3&login=newadm3&password=root&name=name&last-name=last-name&middle-name=middle-name&description=description&add-group=1&readonly=yes&may-create-admin=no


XML Response


srv_version="12.00.0.201909260" status="true"> <administrator id="3"/>

</drweb-es-api>


The <administrator /> element contains information about modified administrator account.



id Identifier of the changed account




{ "head": { "status": true, "timestamp": 1558521969, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "id": "3"}}


The data block contains information about the changed administrator account.



id Identifier of the changed account

Deleting Administrator

Request Parameters


login Administrator

account login

Required parameter: yes.


delete multiple administrators at a time.

Request Example

http://192.168.1.1:9080/api/admins/delete.ds?login=adm4&login=adm5



2216. Administators HandlingDeleting Administrator

XML Response


srv_version="12.00.0.201909260" status="true"> <administrators total="2">

<administrator id="1000"/>

<administrator id="1001"/>

</administrators>

</drweb-es-api>


The <administrators /> element contains information about all deleted administrators.

The <administrators /> element attribute:


total Total number of deleted administrators

· The <administrator /> element contains information about a specific deleted administrator

account.



id Identifier of deleted account


{ "head": { "status": true, "timestamp": 1558521970, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "27671337-e0b0-4f60-aeb0-ab1f2ca47f77"}}, "data": { "administators": { "total": 2, "list": [ {"id": "1000"}, {"id": "1001"}]}}}


2226. Administators HandlingDeleting Administrator


The administrators block contains information about all deleted administrators.

The administrators block elements:


total Total number of deleted accounts

· The list array contains information about specific deleted tariff groups.



id Identifier of deleted account

Administrator Information

Request Parameters


login Administrator

account login

Required parameter: yes.


request information on multiple administrators at a time.

Request Example

http://192.168.1.1:9080/api/admins/info.ds?login=adm1&login=adm2



2236. Administators HandlingAdministrator Information

XML Response


srv_version="12.00.0.201909260" status="true"> <administrators total="2">

<administrator id="1" login="adm1" description="Default administrator account"

created="1495654901" modified="1495654901" name="Admin-1" last_name="" middle_name=""external="true" may_create_admin="true" group_id="123" group_name="TEST-GROUP"/> <administrator id="2" login="adm2" description="" created="1495655048"

modified="1495655114" name="Admin-2" last_name="" middle_name="" external="false"may_create_admin="false" group_id="777" group_name="NEW-GROUP"/> </administrators>

</drweb-es-api>


The <administrators /> element contains information about all administrators whose

registration names have been submitted in the request.



total Total number of administrators about which the information have been returned

· The <administrator /> element contains information about a specific administrator account.

The <administrator /> element attributes:


id Account identifier

login Account login


created Account creation time and date in Unix timestamp format

modified Account modification time and date in Unix timestamp format

name Name

last_name Surname

middle_name Middle name

external The type of administrator authorization. False value means internal

administrator, while true stands for administrator with authorization via the

external systems.




may_create_admin Right to create other group administrators

group_id Identifier of a group which a specified administrator can access

group_name Name of a group which a specified administrator can access


{ "head": { "status": true, "timestamp": 1550514584, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "70c5f522-aaab-4c93-a180-a442a0da9c2a"}}, "data": { "admins": { "total": 1, "list": [ {"created_time": 1495654901, "description": "Default administrator account", "external": true, "group_id": "123", "group_name": "TEST-GROUP", "id": "1", "last_name": null, "login": "adm1", "may_create_admins": true, "middle_name": null, "modified_time": 1495654901, "name": "Admin-1"}, {"created_time": 1495655048, "description": "", "external": false, "group_id": "777", "group_name": "NEW-GROUP", "id": "2", "last_name": null, "login": "adm2", "may_create_admins": false, "middle_name": null, "modified_time": 1495655114, "name": "Admin-2"}]}}}




The data block contains information about all administrators.



total Total number of administrators about which the information have been returned

· The list array contains information about a specific administrator account.



created_time Account creation time and date in Unix timestamp format


external The type of administrator authorization. False value means internal

administrator, while true stands for administrator with authorization via the

external systems.

group_id Identifier of a group which a specified administrator can access

group_name Name of a group which a specified administrator can access


last_name Surname

login Account login

may_create_admins Right to create other group administrators

middle_name Middle name

modified_time Account modification time and date in Unix timestamp format

name Name

Administrators List

Request Parameters



2266. Administators HandlingAdministrators List

Request Example

http://192.168.1.1:9080/api/admins/list.ds


XML Response


srv_version="12.00.0.201909260" status="true"> <adm1inistrators total="2">

<administrator id="1" login="adm1" group_id="b3c14d40" group_name="Administrators"

may_create_admin="true" permission="allow"/> <groups>

<group id="GroupForCAF1-1">GroupForCAF1-1</group>

<group id="GroupForCAF1-2">GroupForCAF1-2</group>

</groups>

</administrator>

<administrator id="2" login="adm2" group_id="b3c14d40" group_name="Administrators"

may_create_admin="false" permission="deny"/> <groups> </groups>

</administrator>

</administrators>

</drweb-es-api>


The <administrators /> element contains a list of administrators in all administrator groups.



total Total number of administrators

· The <administrator /> element contains information about a specific administrator account.

The <administrator /> element attributes:



group_name Group name


login Account login




may_create_admin Right to create other group administrators

permission Granting access privileges. May take the following values:

· allow—access allowed

· deny—access denied.

ъ The <groups /> element contains information about all administrative groups that contain

the administrator.

The <groups /> element attributes:


total Total number of administrative groups

§ The <group /> element contains information about specific administrative group.



id Administrative group identifier

The <group /> element value is the administrator group name.


{ "head": { "status": true, "timestamp": 1551398630, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "20546124-e03f-e411-0aa6-a4d5c8ad7f2c"}}, "data": { "total": 2, "list": [ {"group_id": "b3c14d40" "group_name": "Administrators", "groups": { "GroupForCAF1-1": "GroupForCAF1-1", "GroupForCAF1-2": "GroupForCAF1-2"}, "id": "1", "login": "adm1", "may_create_admins": true, "permission": "allow"}, {"group_id": "b3c14d40" "group_name": "Administrators", "groups": [],



"id": "2", "login": "adm2", "may_create_admins": false, "permission": "deny"}]}}


The data block contains a list of administrators in all administrator groups.



total Total number of administrators

· The list array of the data block contains information about a specific administrator account.




login Account login


group_name Group name

may_create_admins Right to create other group administrators

permission Granting access privileges. May take the following values:

· allow—access allowed

· deny—access denied.

ъ The groups block contains information about all administrative groups that contain the

administrator.



Administrative group identifier Administrative group name


2297. Quarantine Handling

7. Quarantine Handling

URL requests

http://<host>:9080/api/quarantine/<script>.ds?

or

https://<host>:9081/api/quarantine/<script>.ds?

Available scripts

Script Description

delete.ds Delete objects from Quarantine

rescan.ds Rescan objects from Quarantine

restore.ds Restore objects from Quarantine

Restore Objects from Quarantine

Request Parameters


object Object in the Quarantine.


restore several objects from the Quarantine at a time.

yes

Returned errors

1. If the Quarantine is disabled at the Server, the script returns the following error:

code = 144message ='Quarantine is disabled on Server'


2307. Quarantine HandlingRestore Objects from Quarantine

2. If the Quarantine is not available at the station, the script returns the following error:

code = 145message ='Quarantine is unavailable'

Request Example

From the returned XML on the Get the Quarantine State request, take the following parameters:

<obj ect> = 8f7b2c47-8e9b-11e9-5812-dcfdccec8a94

<station_id> = 2091ada3-ed5e-e611-3392-f0b9022a5484

<q_time> = 20190614115718980

For the request to restore object from the Quarantine, the object parameter is formed like the

following: <obj ect>:<station_id>:<q_time>.

In the result, you have the following request:

http://192.168.1.1:9080/api/quarantine/restore.ds?object=8f7b2c47-8e9b-11e9-5812-dcfdccec8a94%3A2091ada3-ed5e-e611-3392-f0b9022a5484%3A20190614115718980


XML Response


srv_version="12.00.0.201909260" status="true"> <items>

<object status="delayed">8f7b2c47-8e9b-11e9-5812-dcfdccec8a94:2091ada3-ed5e-e611-

3392-f0b9022a5484:20190614115718980</object>

</items>

</drweb-es-api>


The <items /> element contains information on all objects for which the restoring from the

Quarantine was requested.

· The <object /> element contains information on a specific Quarantine object.


2317. Quarantine HandlingRestore Objects from Quarantine

The <object /> element attribute:


status Restoration status. Can take the following values:

· initiated—restoration is initiated,

· delayed—restoration is delayed,

· failed—restoration is failed.

The <object /> element value contains the information on a restored object similarly to the

information that is passed in the object argument in the initial request.

JSON Response

{ "head": { "status": true, "timestamp": 1560535448, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "8f7b2c47-8e9b-11e9-5812-dcfdccec8a94:2091ada3-ed5e-e611-3392-f0b9022a5484:20190614115718980": "delayed"}}


The data block contains information about all objects for which the restoring from the

Quarantine was requested.



Corresponds to the

object parameter

from the initial

request

Restoration status. Can take the following values:

· initiated—restoration is initiated,

· delayed—restoration is delayed,

· failed—restoration is failed.


2327. Quarantine HandlingRescan Objects from Quarantine

Rescan Objects from Quarantine

Request Parameters




rescan several objects from the Quarantine at a time.

yes

Returned errors





Request Example


<obj ect> = 9edc4361-9f0c-22d0-6b86-edaeddfd9b05


<q_time> = 20190614115716149




http://192.168.1.1:9080/api/quarantine/rescan.ds?object=9edc4361-9f0c-22d0-6b86-edaeddfd9b05%3A2091ada3-ed5e-e611-3392-f0b9022a5484%3A20190614115716149




XML Response



<object status="delayed">9edc4361-9f0c-22d0-6b86-edaeddfd9b05:2091ada3-ed5e-e611-

3392-f0b9022a5484:20190614115716149</object>

</items>

</drweb-es-api>


The <items /> element contains information on all objects from the Quarantine for which

rescan was requested.




status Status of the repeated scanning. Can take the following values:

· initiated—repeated scanning is initiated,

· delayed—repeated scanning is delayed,

· failed—repeated scanning is failed.

The <object /> element value contains the information on a rescanned object similarly to the


JSON Response

{ "head": { "status": true, "timestamp": 1561553442, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "9edc4361-9f0c-22d0-6b86-edaeddfd9b05:2091ada3-ed5e-e611-3392-f0b9022a5484:20190614115716149": "delayed"}}




The data block contains information about all objects from the Quarantine for which rescan was

requested.



Corresponds to the

object parameter

from the initial

request

Status of the repeated scanning. Can take the following values:

· initiated—repeated scanning is initiated,

· delayed—repeated scanning is delayed,

· failed—repeated scanning is failed.

Delete Objects from Quarantine

Request Parameters




delete several objects from the Quarantine at a time.

yes

Returned errors






2357. Quarantine HandlingDelete Objects from Quarantine

Request Example


<obj ect> = 9edc4361-9f0c-22d0-6b86-edaeddfd9b05


<q_time> = 20190614115716149




http://192.168.1.1:9080/api/quarantine/delete.ds?object=9edc4361-9f0c-22d0-6b86-edaeddfd9b05%3A2091ada3-ed5e-e611-3392-f0b9022a5484%3A20190614115716149


XML Response



<object status="initiated">9edc4361-9f0c-22d0-6b86-edaeddfd9b05:2091ada3-ed5e-

e611-3392-f0b9022a5484:20190614115716149</object>

</items>

</drweb-es-api>


The <items /> element contains information on all objects from the Quarantine for which

deletion was requested.




status Status of object removal. Can take the following values:

· initiated—removal is initiated,

· delayed—removal is delayed,

· failed—removal is failed.

The <object /> element value contains the information on a deleting object similarly to the



2367. Quarantine HandlingDelete Objects from Quarantine

JSON Response

{ "head": { "status": true, "timestamp": 1563653447, "api": { "version": 40300, "versionString": 4.3.0}, "server": { "name": "192.168.1.1", "version": "12.00.0.201909260", "uuid": "76b05bc0-8691-11e9-63e5-7036cecd07fa"}}, "data": { "9edc4361-9f0c-22d0-6b86-edaeddfd9b05:2091ada3-ed5e-e611-3392-f0b9022a5484:20190614115716149": "delayed"}}


The data block contains information about all objects from the Quarantine for which deletion

was requested.



Corresponds to the

object parameter

from the initial

request

Status of object removal. Can take the following values:

· initiated—removal is initiated,

· delayed—removal is delayed,

· failed—removal is failed.


237Appendix A. Rights

Appendix A. Rights

Read-only Administrator Permissions

The readonly flag with the yes value denies the following administrative permissions:

· Edit properties of station groups

· Edit configuration of groups

· Edit station properties

· Move stations into groups

· Remove stations from groups

· Delete stations

· Remote Agent installation and deinstallation

· Merge stations

· Edit licensing

· Create administrators and administrative groups

· Edit administrator accounts

· Delete administrator accounts

· Edit properties and configuration of administrative groups

· Create stations

· Approve newbies

· Edit Server schedule

· Edit Server configuration and repository configuration

· Edit neighborhood connections

Rights Codes

Code Right description

1 Run Dr.Web Scanner for Windows

2 Run SpIDer Guard for Windows workstations

4 Change configuration of Dr.Web Scanner for Windows

5 Change configuration of SpIDer Guard for Windows workstations

7 Start SpIDer Mail for Windows workstations

8 Change configuration of SpIDer Mail for Windows workstations




9 Stop SpIDer Guard for Windows workstations

10 Stop SpIDer Mail for Windows workstations

11 Create local schedule

12 Change some settings in the Server section of Dr.Web Agent

13 Change some settings of Dr.Web Agent (in the Notification, Self-Protection, Advanced,

and Server sections)

15 Run Dr.Web Agent in the mobile mode, get updates directly from Dr.Web Global Update

System

16 Start SpIDer Guard for Windows servers

17 Change configuration of SpIDer Guard for Windows servers

18 Stop SpIDer Guard for Windows servers

19 Start SpIDer Gate for Windows workstations

20 Stop SpIDer Gate for Windows workstations

21 Change configuration of SpIDer Gate for Windows workstations

22 Run Dr.Web Office Control

23 Stop Dr.Web Office Control

24 Change Dr.Web Office Control configuration

27 Change some settings in the Self-Protection section of Dr.Web Agent

28 Run Dr.Web for Microsoft Outlook

29 Stop Dr.Web for Microsoft Outlook

30 Change configuration of Dr.Web for Microsoft Outlook

31 Change configuration of Dr.Web for IBM Lotus Domino

37 Run Dr.Web Scanner for macOS workstations

38 Change configuration of Dr.Web Scanner for macOS workstations

39 Stop Dr.Web Scanner for macOS workstations

40 Run SpIDer Guard for macOS

41 Change configuration of SpIDer Guard for macOS




42 Stop SpIDer Guard for macOS

43 Change configuration of Dr.Web for Microsoft Exchange Server

44 Change Preventive protection configuration

47 Run Dr.Web Scanner for UNIX

48 Change configuration of Dr.Web Scanner for UNIX

49 Stop Dr.Web Scanner for UNIX

50 Run SpIDer Guard for UNIX

51 Change configuration of SpIDer Guard for UNIX

52 Stop SpIDer Guard for UNIX

53 Uninstall Dr.Web Agent

54 Run in the mobile mode for Linux workstations

55 Run in the mobile mode for macOS workstations

56 Run Dr.Web Scanner for macOS servers

57 Change configuration of Dr.Web Scanner for macOS servers

58 Stop Dr.Web Scanner for macOS servers

59 Run SpIDer Guard for macOS servers

60 Change configuration of SpIDer Guard for macOS servers

61 Stop SpIDer Guard for macOS servers

62 Run in the mobile mode for macOS servers

63 Using Dr.Web for UNIX mail servers Control Center

64 Using Dr.Web for UNIX Internet gateways Control Center

65 Using Dr.Web for UNIX file servers Control Center

72 Change configuration of Dr.Web Scanner for Android

73 Change configuration of SpIDer Guard for Android

74 Stop SpIDer Guard for Android

75 Change configuration of Dr.Web Anti-spam for Android




76 Change configuration of Dr.Web Anti-theft for Android

77 Change configuration of Dr.Web Application filter for Android

78 Change configuration of Dr.Web for Android

80 Run Dr.Web for Android in the mobile mode

82 Change configuration of URL filter for Android

83 Run Dr.Web for Microsoft Exchange Server

95 Run Dr.Web for IBM Lotus Domino

96 Run Preventive protection

97 Stop Preventive protection

98 Change configuration of SpIDer Gate for macOS workstations

99 Start SpIDer Gate for macOS workstations

100 Stop SpIDer Gate for macOS workstations

101 Change configuration of SpIDer Gate for UNIX

102 Start SpIDer Gate for UNIX

103 Stop SpIDer Gate for UNIX

104 Start Dr.Web for Android

105 Start Dr.Web Anti-spam for IBM Lotus Domino

106 Change configuration of SpIDer Gate for macOS servers

107 Start SpIDer Gate for macOS servers

108 Stop SpIDer Gate for macOS servers

109 Stop Dr.Web for Android

122 Start Dr.Web for Microsoft SharePoint Server

123 Run Dr.Web for Microsoft ISA Server

124 Change Dr.Web Firewall configuration

125 Change configuration of Network port monitor

126 Start Dr.Web Firewall




127 Stop Dr.Web Firewall

128 Start Application Control


242Appendix B. ComponentsB1. Installing Components

Appendix B. Components

B1. Installing Components

Installing components are specified in the components parameter. Available values are:

· none—to reset custom settings and restore inheritance from the primary group.

· An integer that determines the state of installing components.

Components are installed with the use of bit flags. Each of the components can be in three

states:

0—the component cannot be installed

1—the component can be installed,

2—the component must be installed.

Components value calculation method

Constants of installing components

Component Constant Value

Dr.Web Scanner for Windows DRWEB32W 0x1

SpIDer Guard for Windows XP SPIDERNT 0x4

SpIDer Mail for Windows workstations SPIDERMAILHOME 0x8

SpIDer Guard for Windows servers SPIDERNTSERVER 0x10

SpIDer Gate for Windows workstations SPIDERGATE 0x20

Dr.Web Office Control DWPROT 0x40

Dr.Web Anti-spam VADERETRO 0x80

Dr.Web for Microsoft Outlook OUTLOOK 0x100

Dr.Web Firewall FIREWALL 0x200

The components parameter value is the result of combining the values of one or multiple

constants for the respective components by a bitwise OR.


243Appendix B. ComponentsB1. Installing Components

Examples of setting multiple components with a status

· Status The component cannot be installed:

Components = DRWEB32W | FIREWALL | OUTLOOK

As a result: components = 769

· The component can be installed—shift the default value to the left by 0xA:

Components = ( DRWEB32W << 0xA ) | ( FIREWALL << 0xA ) | (OUTLOOK << 0xA)


· The component must be installed—double-shift the default value to the left by 0xA:

Components = (( DRWEB32W << 0xA ) << 0xA ) | ( ( FIREWALL << 0xA ) <<0xA ) | ((OUTLOOK << 0xA) << 0xA )


B2. Component Codes

Code Description

3 Dr.Web Console Scanner for UNIX

4 Dr.Web Scanner for Windows

7 Dr.Web Scanner for Linux

9 Dr.Web Daemon for Linux

10 Dr.Web Daemon for FreeBSD

12 Dr.Web Daemon for Solaris

14 SpIDer Mail for Windows workstations

27 Dr.Web for IBM Lotus Domino

30 Dr.Web Agent for Windows

37 Dr.Web Agent Scanner for Windows

38 SpIDer Gate for Windows workstations

40 Dr.Web MailD for Linux

43 Dr.Web MailD for Solaris

44 Dr.Web MailD for FreeBSD


244Appendix B. ComponentsB2. Component Codes

Code Description

45 Dr.Web for Microsoft Exchange Server

46 Dr.Web Components Monitor for UNIX

49 Dr.Web ICAPD for Linux

50 Dr.Web ICAPD for Solaris

51 Dr.Web ICAPD for FreeBSD

53 Dr.Web for Windows Mobile

54 Dr.Web Office Control

55 Dr.Web Anti-spam

57 SpIDer Guard for Windows workstations

58 SpIDer Guard for Windows servers

60 SpIDer Guard for Windows Mobile

61 SpIDer Guard for Linux

62 Dr.Web Agent Scanner for UNIX

101 Dr.Web Scanner for macOS workstations

103 Dr.Web for Microsoft Outlook

105 Dr.Web Firewall

106 SpIDer Guard for macOS workstations

107 Dr.Web Agent Scanner for macOS

108 SpIDer Guard for NSS

109 Dr.Web Scanner for macOS servers

110 SpIDer Guard for SMB for Linux

111 SpIDer Guard for SMB for FreeBSD

112 SpIDer Guard for SMB for Solaris

113 SpIDer Guard for macOS

114 Dr.Web for Android

115 Dr.Web Monitor for Android



Code Description

116 Dr.Web Anti-spam for Android

117 Dr.Web Anti-theft for Android

118 Dr.Web Application Filter for Android

119 Dr.Web Scanner for Android

123 Dr.Web Cloud Checker for Android

124 Dr.Web Self-protection

128 Dr.Web Scanning Engine for Linux

129 Dr.Web File Checker for Linux

130 Dr.Web Agent for Linux

131 Dr.Web Scanning Engine for FreeBSD

132 Dr.Web File Checker for FreeBSD

133 Dr.Web Agent for FreeBSD

134 Dr.Web Scanning Engine for Solaris

135 Dr.Web File Checker for Solaris

136 Dr.Web Agent for Solaris

138 Dr.Web Scanning Engine for macOS

139 Dr.Web File Checker for macOS

140 Dr.Web Agent for macOS

141 SpIDer Gate for macOS

142 SpIDer Gate for macOS servers

143 SpIDer Gate for Linux

144 Preventive protection

145 Connection settings

146 Dr.Web Proxy server

147 Dr.Web for Microsoft SharePoint Server

148 Plug-ins



Code Description

149 Network port monitor

150 Anti-spam for IBM Lotus Domino

151 Dr.Web ClamD for Linux

152 Dr.Web ClamD for FreeBSD

153 Dr.Web ClamD for Solaris


247Appendix C. Returned error codes

Appendix C. Returned error codes

Code Description

1 Group name is not specified.

2 Identifier is not specified.

4 Invalid identifier. The identifier may only contain ASCII symbols and not exceed 36

characters.

6 The station is not found.

10 Illegal arguments are detected in your request.

11 Necessary parameters are not specified in your request.

12 Illegal argument value

13 Illegal argument type

15 Group is not found.

17 Identifier of parent group is not specified.

19 System group cannot be parental.

21 Data to make changes is not specified.

23 Specified identifier already in use.

27 Failed to create personal installation package for stations running Windows.

28 Specified administrator is not found.

29 Specified administrator login already in use.

32 You cannot delete your account.

36 You cannot delete system group.

37 Message is not specified.

40 Login is not specified.

54 Parent group is not found.

55 Incorrect login; login should not exceed 36 characters.

56 You do not have enough privileges to perform the operation.



Code Description

57 Administrative group is not specified.

80 You cannot set children group as parent.

81 You cannot set self as parent.

97 Task identifier is not set or empty value is specified.

98 Invalid task identifier is specified.

99 Invalid download code

100 Installation package is not found.

105 You cannot change preinstalled group.

107 You cannot remove the default admin.

110 Unable to initialize database connection.

111 Empty SQL request

112 Unable to start database transaction.

113 Unable to finish database transaction.

114 Database request error

115 Callback option is not set.

116 Unable to roll back database transaction.

117 Unable to establish database connection.

118 You cannot change the account of the drweb-monitoring administrator.

119 Parent group of administrator group is not found.

120 Administrative group name is not specified.

121 You cannot modify admin root group.

122 You cannot delete admin root group.

123 License key is not found.

124 License key identifier is not specified.

125 License key ID is not specified.

126 License key already exists.



Code Description

127 License key has expired.

128 License key is blocked.

129 License key is invalid

131 Illegal grace period value. Only the range from 0 to 90 days is allowed.

132 Cannot create stations.

133 Limit of licensed stations is reached.

134 Primary group is not found.

135 API Internal Error

136 Administrative group is not found.

137 Resource is not found.

138 Device token is invalid

139 You are not authorized to edit license keys of this group.

140 Cannot run Scanner.

141 There are no suitable stations to run Scanner. Select active stations running the operating

system that enables Scanner startup.

142 Stations list is empty.

144 Quarantine is disabled on the Server.

145 Quarantine is unavailable.

146 The object format is invalid

147 Authorization failed.

148 Authorization failed, you have made frequent unsuccessful attempts to login.

149 There are no suitable stations to reset password. Select stations running OS Windows.

150 Cannot change password.

151 The password reset is postponed because the station is offline.

152 Notification is not found.

153 The request to send message is postponed because the station is offline.



Code Description

154 Cannot send message.

155 Only a user group can represent an organization.

156 The group cannot represent the organization, because its parent or administrative group

already contains an organization representative.

157 The group representing organization cannot be assigned a parent group that already has

an organization representative in its parent or administrative group.

158 Unknown client

159 Client name is not specified.

160 You cannot remove the default client.

161 Unknown device token

162 Unknown verification code

163 Incorrect request

164 Membership settings error: station can only belong to one organization.

165 Invalid country code. Set a two-character country or region code under ISO 3166, alpha-2.

166 You cannot change privileges and parent group of the main administrator.

167 No license key is distributed to this group.

168 Policy versions limit is reached.

169 Policy name is not specified.

170 Policy is not found.

171 Policy version is not found.

172 You cannot delete the default policy.

173 Error upon creating Dr.Web Proxy server

174 Dr.Web Proxy server group is not found.

175 Dr.Web Proxy server group is not specified.

176 Incorrect latitude value to set the location.

177 Incorrect longitude value to set the location.

178 Error upon deleting Dr.Web Proxy server.



Code Description

179 Placing stations in Dr.Web Proxy server groups is not allowed.

183 Error upon creating profile

184 Error upon deleting profile

185 Error upon editing profile properties

186 Authorization failed. Authorization via an insecure connection is not allowed.


252Appendix D. Returned Station State Codes

Appendix D. Returned Station State Codes

Code Description

-1 Station has been deleted.

0 Station is not logged in at the Server (offline).

1 Station is logged in at the Server (online).

2 Connection with the station is broken.

3 Server is rebooting or shutting down.

4 Agent did not respond on the ping request timely.

5 Waiting time of instruction execution is expired.

6 Antivirus package was uninstalled.

7 Antivirus software has been successfully installed on the station via the network installation

but the station is not yet connected to the Server.