servers

JSON array

"servers": [
{
"url": "http://<ip or dns>:8008",
"apikey": "1234"
}
]

"server": [
{
"url": "http://metadefender:8008",
"apikey": ""
}
]

Yes

Specifies the location of the MetaDefender server and apikey if configured

user_agent

string

"user_agent":"md_client"

"MDClient"

No

Specifies the string passed in the user_agent header to the MetaDefender Core server
This can be used to determine which workflow is used to process requests

rule

string

"rule":"client"

" "

No

Used to determine which workflow rule is used to process requests
Note: Only applicable for MetaDefender v4

workflow

string

"workflow":"client"

" "

No

Used to determine which workflow is used to process requests
Note: Only applicable for MetaDefender v3

disable_hash_check

boolean

"disable_hash_check":false

false

No

Specifies whether checking the hash is performed before scanning a file with MetaDefender

allow_exit

boolean

"allow_exit":true

true

No

Specifies whether the MetaDefender Client can be exited from the system tray

allow_user_selection

boolean

"allow_user_selection":true

false

No

Specifies whether a user will be able to select which scan type(s) to run

scan_type

string array

"scan_type":["physical", "process"]

["removable", "physical"]

Yes

Types of scans the Client can perform, also outlines the types selectable if "allow_user_selection" is enabled.
Should consist of all unique values.

Possible values:
"physical" - physical drives
"system" - system drives
"removable" - removable drives (e.g. discs, floppy, usb)
"process" - running memory processes

log_file

file path

"log_file":""

"%AppData%\\MetaDefenderApp"

No

Specifies the location where scan reports will be saved

Note: Backslashes must be double escaped

force_usb

boolean

"force_usb":true

false

Yes

Specifies if USB functionality is enabled

copy_clean_location

file path

"copy_clean_location":""

"%USERPROFILE%\\Desktop\\MetaDefender\\"

Yes

Specifies the location where clean files will be copied to the system

copy_to_maintain_dir_structure

boolean

"copy_to_maintain_dir_structure":false

false

No

When copying files from system to USB create all paths from system machine
If False then the copy structure is relative to the USB drive

hide_usb_warning

boolean

"hide_usb_warning":false

false

No

Specifies whether to display the warning message of a blocked device upon insertion

unblock_on_error

boolean

"unblock_on_error":false

false

No

Specifies whether Client allows or blocks a drive when a MetaDefender error occurs

copy_on_error

boolean

"copy_on_error":false

false

No

Specifies whether Client allows or blocks copying files from a drive when a MetaDefender error occurs

hide_drive_unlock

boolean

"hide_drive_unlock":false

false

No

Specifies unlocking a blocked drive can be done by the user

hide_drive_browse

boolean

"hide_drive_browse":false

false

No

Specifies copying files from a blocked drive to the system can be done by the user

hide_drive_copy

boolean

"hide_drive_copy":false

false

No

Specifies copying files from the system to a blocked drive can be done by the user

max_file_size

integer

"max_file_size":52428800

1000000 MB

No

Specifies the maximum size of files for which MetaDefender Client will process with MetaDefender Core

Note: Any file greater than the max file size will display "Exceeded File Size"

media_manifest.trust_only_manifest

boolean

"media_manifest": {
"trust_only_manifest":false
}

false

No

Specifies if any file not found in the Media Manifest will be immediately blocked and Client will not attempt to process the file with MetaDefender

media_manifest.days_trusted

integer

"media_manifest": {
"days_trusted":30
}

30

No

The maximum days to use a media manifest result
If blank or omitted, the manifest is trusted forever
If 0, the manifest is never trusted

pdf_report_dir

string

"pdf_report_dir":"D:\\"

" "

No

Specifies the location where scan reports will be generated automatically at the end of a scan session

Note: Backslashes must be double escaped

use_file_sanitization

boolean

"use_file_sanitization":true

false

No

With data sanitization enabled in the corresponding security rule in Core, this will provide the option to download available sanitized versions of files

delete_original_sanitized_file

boolean

"delete_original_sanitized_file":true

false

No

When copying files to the system, only the available sanitized version will be copied over

default_language

integer

"default_language":13

9

No

Client will attempt to use the given language. If strings are found they will be updated on next restart of the client. If language is not supported then the client will default to English. The code is based on Microsoft Windows primary language id which can be found at https://msdn.microsoft.com/en-us/library/windows/desktop/dd318693(v=vs.85).aspx

Currently supported languages: English (9) , Hebrew (13), Japanese (17)

exclude_engines

string array

"exclude_engines":["engine1", "engine2"]

[ ]

No

List of engines to exclude from MetaDefender scan results

vault

JSON object

"vault": {
"allowed": {
"enabled":true,
"auth_token":"1234",
"copy_to_url":"http://VaultServer:8000/vault_rest",
"guest_only" false
},
"blocked" {
"enabled":false,
"auth_token":"",
"copy_to_url":"",
"guest_only":false
}
}

"vault": {
"allowed": {
"enabled":false,
"auth_token":"",
"copy_to_url":"",
"guest_only" false
},
"blocked" {
"enabled":false,
"auth_token": "",
"copy_to_url": "",
"guest_only":false
}
}

No

Enables uploading allowed and/or blocked files to a Vault server.

enabled - specifies copying is enabled
auth_token - Vault admin token used for uploading
copy_to_url - location of the vault server to upload to
guest_only - only upload to guest accounts

Note: By default, uploads will be sent to the user running Client.
If the user does not have an account in Vault, then files will be uploaded to a guest account.