Skip to content

EngineResponseSchema

Jump to bottom
Amy Bowersox edited this page Apr 30, 2020 · 2 revisions

The EngineResponse Schema

This schema should be used to format the return value from your engine object's analyze method. It contains the following properties:

  • iocs: (type: list) - A list of Indicators of Compromise returned by the analysis engine. Each item in this list is a dict that must follow the Indicator of Compromise schema. If no IOCs are present, an empty list should be returned here.
  • engine_name: (type: str) - The name of the analysis engine generating this response.
  • binary_hash: (type: str) - The hash value of the item that was analyzed. Always 64 characters in length. Should be copied from the sha256: element of the binary metadata.
  • success: (type: bool) - A value of True if the analysis succeeded, False if it did not.

Copyright © 2020 VMware Inc., All Rights Reserved.

Information here is current as of Carbon Black Cloud Binary Toolkit 1.0.0

CBC Binary Toolkit

Clone this wiki locally