Update Custom Malware Feed
PUT/api/v33.01/feeds/custom/malware
x-prisma-cloud-target-env: {"permission":"systemOperations"}
Creates a custom list of malware MD5 signatures of malicious executables.
Note: Any previously installed lists are overwritten.
cURL Request
Refer to the following cURL command that installs a custom list of malware MD5 signatures of malicious executables:
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X PUT \
-d '
{
"name": "malware-sigs",
"feed": [
{
"name": "dimaaa",
"md5": "d4ba1008e7d57458fdd65deca2ba801b"
},
{
"name": "emacs",
"md5": "5ce9d1116755f827f5d1e06246dd30b9"
}
]
}' \
"https://<CONSOLE>/api/v<VERSION>/feeds/custom/malware"
Note: No response will be returned upon successful execution.
To confirm the malware list has been added / overwritten to the ban list, invoke the GET /api/vVERSION/feeds/custom/malware
endpoint.
Request
- application/json
Body
- Array [
- ]
_id string
ID is the custom feed id.
digest string
Digest is an internal digest of the feed.
feed object[]
Feed is the list of custom malware signatures.
allowed boolean
Allowed indicates if this signature is on the allowed list.
md5 string
.
modified int64
Modified is the time the malware was added to the DB.
name string
.
modified date-time
Modified is the last time the custom feed was modified.
Responses
- 200
- default
OK
Loading...