Home
Resources
N2OS Software Development Kit
The N2OS Software Development Kit (SDK).
OpenAPI
The scriptable variables correlation feature allows users to implement custom checks on the way variable values change over time. This section covers how such scripts can be implemented and used.
Quarantine endpoint

Resources
- Release Notes
  Access the release notes for release-based products.
- N2OS Configuration
  The N2OS Configuration - Reference Guide.
- N2OS Software Development Kit
  The N2OS Software Development Kit (SDK).
  - Scriptable protocols
    The Lua scripting API for building a custom protocol decoder.
  - Scriptable variables
    The scriptable variables correlation feature allows users to implement custom checks on the way variable values change over time. This section covers how such scripts can be implemented and used.
  - OpenAPI
    The scriptable variables correlation feature allows users to implement custom checks on the way variable values change over time. This section covers how such scripts can be implemented and used.
  - Data model reference
    The data model reference for query entities.
  - Data integration best practices
    A description of best practices when using Nozomi Networks data integration with Syslog integration or OpenAPI calls.
- Integration Guides
  Integration guides to help you use applications that integrate with Nozomi Networks products.
- Reference Guides
  Additional reference guides with information on items such as Alerts and Incidents and Federal Information Processing Standards (FIPS).
- Quick Start Guides
  Hardware Quick Start Guides.
- Security
  Stay up-to-date with the most recent information and solutions for all vulnerabilities that affect Nozomi Networks products.
- Print format documentation
  A list of all the technical documentation that is available in print format.
- Documentation archive
  Access previous versions of the technical documentation.

Quarantine endpoint

A GET request to /api/open/quarantine allows you to get a file from the quarantine directory.

Requirements and Restrictions

The authenticated user must be in a group having admin role.
The full path of the file must be specified in the file parameter and the format should be /data/quarantine/<NAME>.
If you specify a path that does not exist, the call returns a 404 error.
If the request is accepted, the result will contain the actual file that Guardian extracted from traffic and that the Sandbox classified as malicious.

Hint: as shown in the top part of the previous screenshot, the file parameter to be used with the request can be found in the properties field of SIGN:MALWARE-DETECTED alerts.