Post actions in MetaDefender core V4.8.0 and above

Disclaimer

This sample script is provided for illustrative purpose only and is not guaranteed to be functional in a production environment.

MetaDefender core V4.8.0 has a new feature "Post Actions".

You can define a "Post Action" which is a command line executable or script that will be called after each scan is finished.

The documentation of this feature can be found here: https://onlinehelp.opswat.com/corev4/3.10._External_Scanners_And_Post_Actions.html

For this script to work properly, we need to call Powershell in the Post Actions screen of MetaDefender core:

images/download/attachments/28640243/image2017-7-4_12-7-54.png

You will need to specify the location from where Powershell is running in your system followed by:

  • ExecutionPolicy Bypass

  • -File TheNameAndPathOfYourScriptFile.ps1

We created a sample Powershell script that sorts the files according to their result. (Allowed/Blocked)

The script is called after the scan is finished.

It accepts as its input:

  1. The current scan results JSON from STDIN.

  2. The full path to the currently scanned file as the last argument on the command line.

And returns the following return values:

0 - Success
1 - Json Parse error - The script was unable to parse the expected JSON from STDIN
2 - Copy error - file copy to failed
3 - file path of currently scanned file is invalid
4 - the destination path of either allowed/blocked or both is invalid.

The script itself can be found and downloaded from the following link:

post_action_sample.ps1


This article applies to MetaDefender Core v4 Windows
This article was last updated on 2018-03-26
CN