Home
N2OS SDK
The N2OS Software Development Kit (SDK).
OpenAPI
The scriptable variables correlation feature allows users to implement custom checks on the way variable values change over time. This section covers how such scripts can be implemented and used.
Quarantine endpoint

N2OS SDK
The N2OS Software Development Kit (SDK).
- Scriptable protocols
  The Lua scripting API for building a custom protocol decoder.
- Scriptable variables
  The scriptable variables correlation feature allows users to implement custom checks on the way variable values change over time. This section covers how such scripts can be implemented and used.
- OpenAPI
  The scriptable variables correlation feature allows users to implement custom checks on the way variable values change over time. This section covers how such scripts can be implemented and used.
- Data model reference
  The data model reference for query entities.
- Data integration best practices
  A description of best practices when using Nozomi Networks data integration with Syslog integration or OpenAPI calls.

Quarantine endpoint

A GET request to /api/open/quarantine allows you to get a file from the quarantine directory.

Requirements and Restrictions

The authenticated user must be in a group having admin role.
The full path of the file must be specified in the file parameter and the format should be /data/quarantine/<NAME>.
If you specify a path that does not exist, the call returns a 404 error.
If the request is accepted, the result will contain the actual file that Guardian extracted from traffic and that the Sandbox classified as malicious.

Example of request — Figure 1. Example of request

Hint: as shown in the top part of the previous screenshot, the file parameter to be used with the request can be found in the properties field of SIGN:MALWARE-DETECTED alerts.