CheckSourceDefinition
Description |
Will query source feeds for information on whether Antimalware definitions are up to date. |
Required database file: vmod-om.dat or vmod.dat
The json_in parameter must provide the following JSON:
{
"input"
:
{
"method"
:
4
,
"signature"
: number,
"product_id"
: number,
"os_type"
: number,
"version"
: string,
"tolerance"
: number,
"product_name"
: string,
"vendor_id"
: number,
"vendor_name"
: string,
"def_date"
: string,
"def_version"
: string,
"engine_version"
: string,
"am_type"
: number
}
}
Key |
JSON |
Description |
method |
number |
The method that is being called. #define WA_OFFLINE_VMOD_V4_CHECK_SOURCE_DEF 4 |
signature |
number |
The signature id of the product returned from the detection call. |
product_id |
number |
The id of the product returned from the detection call. |
os_type |
number |
The type of the operating system. Type 0 means unspecified, type 1 is Windows, 2 is Linux and 4 is MacOS. |
version |
string |
The current version of the queried product. |
tolerance |
number |
A tolerance factor that can be used to loosen the 'is_current' metric. The default tolerance value is '1'. |
product_name |
string |
The name of the product. |
vendor_id |
number |
The id of the product's vendor. |
vendor_name |
string |
The name of the product's vendor. |
def_date |
string |
The current definition date of the product. Definition date is a timestamp or has format "mm/dd/yyyy" for "month/day/year". |
def_version |
string |
The current definition version of the product. |
engine_version |
string |
The current engine version of the product. |
am_type |
number |
The antimalware type of the product. This field is reserved and its value should always be 1. |
The json_out parameter will contain the following JSON result upon successful call:
{
"basic"
: number,
"count_behind"
: number,
"date_latest"
: number,
"def_date"
: string,
"def_signature"
: string,
"def_version"
: string,
"engine_latest"
: number,
"engine_version"
: string,
"feed_id"
: number,
"is_current"
:
boolean
,
"strict"
: number,
"version_age"
: number,
"version_latest"
: number
}
Key |
JSON |
Description |
basic |
number |
A simple metric for determining if definition is up to date based on definition date (within 36 hours) and definition version. Possible values are:
|
count_behind |
number |
The number of definitions behind of the installed antimalware based on definition version. Possible values are:
|
date_latest |
number |
Indicates whether definition date is the latest. Possible values are:
|
def_date |
string |
The current definition date in the remote feed as an epoch timestamp. |
def_signature |
string |
The current definition signature in the remote feed. |
def_version |
string |
The current definition version in the remote feed. |
engine_latest |
number |
Indicates whether the engine is the latest version. Possible values are:
|
engine_version |
string |
The current engine version in the remote feed. |
feed_id |
number |
The remote feed ID used to determine definition currency. |
is_current |
boolean |
True if this product's antimalware definitions are current based on metrics on definition date and definition version. |
strict |
number |
A strict metric for determining if definition is up to date based on definition date and definition version the same way as "basic" metric but no window for definition date is used. Possible values are:
|
version_age |
number |
Indicates if the definition version is recent in relation with definition date. This metric is useful for dealing with products which update with a high degree of frequency. Possible values are:
|
version_latest |
number |
Indicates whether the definition version is the latest. Possible values are:
|