Post Action Script

Using Post Action Script is not recommended. If you plan to use post action script, please contact OPSWAT Technical Support to see if there are different ways of achieving the same goal. For example, if you want to copy files after scan, use the Workflow - copy to directory feature instead.

Running scripts on clean/infected files

Creating a post action script provides the capability to handle simple or advanced application logic. Once a file is scanned by engines, the script will be executed on a file based on scan results.

XML format for post action script

<if type="[scan result]">[script]</if>
<if type="[scan result]">[script]</if>
<user_var name="[user variable]">[user variable string]</user_var>
<user_var name="[user variable]">[user variable string]</user_var>





Batch script supported by cmd.exe. For multiline scripts,use “&&”. (“&&” for xml)

DEL c:\

[scan result]

Refer to asynchronous scan API in Software Developer Guide

for clean files,


[user variable]

Variables that you define


[user variable string]

Value for user variables

C:\ data_folder_for_archiving

Pre-defined variables





Absolute path to the file to be scanned.

This variable is supported only on local COM scans.


Name of threats found by engines.

Applies only to infected(“1”) scan result.


The time when scan is finished.



Integer number representing the scan_results type.

Refer to Scan Outcome return Type


Unique id of each scan


Applying post action script

Property Name



XML-formatted scripts applied per scan result with support of pre-defined variables and user-defined variables.


omsCmdLineUtil.exe config pa=<xml file path>

Management Console

On the Metadefender Core Management Console, use only the script in the text box, instead of the XML format for Post Action Script described in the above section.



Any character that has special meaning to XML (e.g., &, <, >) must be escaped.

Example of post action script XML

Note: In the following examples, any variable surrounded with %%% that is not already defined in pre-defined variables, need to either be defined in your post action XML or replaced with the actual values you intend to use.

Moving clean file and infected files to different folder

<if type="0">move %%%file_path%%% c:\archive_data\clean</if>
<if type="1">move %%%file_path%%% c:\archive_data\infected</if>

Uploading infected file to ftp server

<if type="1">
echo OPEN %%%server%%%&gt; ftp.scr&&
echo %%%username%%%&gt;&gt; ftp.scr&&
echo %%%password%%%&gt;&gt; ftp.scr&&
echo cd test_post_action&gt;&gt; ftp.scr&&
echo put %%%file_path%%%&gt;&gt; ftp.scr&&
echo CLOSE&gt;&gt; ftp.scr&&
echo quit&gt;&gt; ftp.scr &&
ftp -s:ftp.scr
<user_var name="server"></user_var>
<user_var name="username">ftp_user</user_var>
<user_var name="password">1234abcd</user_var>