Update Custom Malware Feed

PUT /api/v32.07/feeds/custom/malware

x-prisma-cloud-target-env: {"permission":"systemOperations"}

Creates a custom list of malware MD5 signatures of malicious executables.

Note: Any previously installed lists are overwritten.

cURL Request

Refer to the following cURL command that installs a custom list of malware MD5 signatures of malicious executables:

$ curl -k \
  -u <USER> \
  -H 'Content-Type: application/json' \
  -X PUT \
  -d '
{
  "name": "malware-sigs",
  "feed": [
    {
      "name": "dimaaa",
      "md5": "d4ba1008e7d57458fdd65deca2ba801b"
    },
    {
      "name": "emacs",
      "md5": "5ce9d1116755f827f5d1e06246dd30b9"
    }
  ]
}' \
  "https://<CONSOLE>/api/v<VERSION>/feeds/custom/malware"

Note: No response will be returned upon successful execution.

To confirm the malware list has been added / overwritten to the ban list, invoke the GET /api/vVERSION/feeds/custom/malware endpoint.

Request

application/json

Body

_id string

ID is the custom feed id.

digest string

Digest is an internal digest of the feed.

feed object[]

Feed is the list of custom malware signatures.

Array [

allowed boolean

Allowed indicates if this signature is on the allowed list.

md5 string

modified int64

Modified is the time the malware was added to the DB.

name string

]

modified date-time

Modified is the last time the custom feed was modified.

Responses

200
default

Update Custom Malware Feed

/api/v32.07/feeds/custom/malware

cURL Request​

Request​

Body

Responses​

cURL Request

Request

Responses