Description

The getCustomDetectionList operation handles configuration related to CustomDetectionList model. 
If you add a file to this list, the system treats it as if the AMP cloud assigned a malware disposition. If you use AMP for Networks, and the AMP cloud incorrectly identifies a file’s disposition, you can add the file to a file list to better detect the file in the future. These files are specified using SHA-256 hash values. Each file list can contain up to 10000 unique SHA-256 values.

HTTP request

GET /api/fdm/v6/objects/customdetectionhashlist/{objId}

Path Parameters

Example

curl -X GET \
    --header "Accept: application/json" \
    --header "Authorization: Bearer ${ACCESS_TOKEN}" \
    "https://${HOST}:${PORT}/api/fdm/v6/objects/customdetectionhashlist/{objId}"

from bravado.requests_client import RequestsClient
from bravado.client import SwaggerClient


def get_client(host, token):
    http_client = RequestsClient()
    http_client.ssl_verify = False
    http_client.set_api_key(
        host,
        "Bearer {}".format(token),
        param_name="Authorization",
        param_in="header"
    )
    return SwaggerClient.from_url(
        "https://{}/apispec/ngfw.json".format(host),
        http_client=http_client,
        config={
            "validate_responses": False,
            "validate_swagger_spec": False
        }
    )


def get_custom_detection_list(client, obj_id):
    return client.FileAndMalwarePolicy.getCustomDetectionList(
        objId=obj_id
    ).response().result


if __name__ == "__main__":
    host = "ftd.example.com"
    token = "access_token"
    client = get_client(host, token)

    obj_id = "string"

    get_custom_detection_list(client, obj_id)