sandbox

The following methods allow for interaction with the ZIA Cloud Sandbox API endpoints.

Methods are accessible via zia.sandbox

class CloudSandboxAPI

__init__(api)

get_quota()

Returns the Cloud Sandbox API quota information for the organisation.

Returns:

The Cloud Sandbox quota report.

Return type:

Box

Examples

>>> pprint(zia.sandbox.get_quota())

get_report(md5_hash, report_details='summary')

Returns the Cloud Sandbox Report for the provided hash.

Parameters:

• md5_hash (str) – The MD5 hash of the file that was analysed by Cloud Sandbox.

• report_details (str) – The type of report. Accepted values are ‘full’ or ‘summary’. Defaults to ‘summary’.

Returns:

The cloud sandbox report.

Return type:

Box

Examples

Get a summary report:

>>> zia.sandbox.get_report('8350dED6D39DF158E51D6CFBE36FB012')

Get a full report:

>>> zia.sandbox.get_report('8350dED6D39DF158E51D6CFBE36FB012', 'full')

submit_file(file, force=False)

Submits a file to the ZIA Advanced Cloud Sandbox for analysis.

Parameters:

• file (str) – The filename that will be submitted for sandbox analysis.

• force (bool) – Force ZIA to analyse the file even if it has been submitted previously.

Returns:

The Cloud Sandbox submission response information.

Return type:

Box

Examples

Submit a file in the current directory called malware.exe to the cloud sandbox, forcing analysis.

>>> zia.sandbox.submit_file('malware.exe', force=True)