Check Brief Status

This URL checks the analysis status.

Resource URL

GET https://<MATD_IP>/php/samplestatus.php

This URL takes iTaskId or jobId

iTaskId Parameter:

  • The iTaskId must be previously returned value in the File/URL submission step.
  • Retrieve the istate or status value from the response of samplestatus.php.
    • When analysis is complete, the istate=1 or 2.
    • When sample is waiting in the queue, the istate=4.
    • When sample is being analyzed, the istate=3.
    • When analysis is failed, istate=-1.
  • Only when the istate=1 or 2, continue to get the results.

Input parameters

Input parameter Description Data type
iTaskId This is the returned iTaskId value in the submission step. Number

Output parameters

Output parameter Description Data type
success Success is true if the request is processed successfully else false. String
taskid Task ID of the submitted sample file. Numeric
istate istate is a numeric value as explained above. Numeric
status Current status of the sample.

Example: waiting / analyzing / completed.

String
filename Name of the sample file. String
md5 The MD5 hash value of the sample file as calculated by McAfee Advanced Threat Defense. Hexadecimal
vmProfile The internally assigned ID for the VM Profile that was used. Numeric
jobid Job ID of the submitted sample file. Numeric
submitTime Time when the sample was uploaded for analysis. Timestamp
summaryFiles Summary file available. This field is valid only when istate is either 1 or 2.
useLogs User logs available. This field is valid only when istate is either 1 or 2.
asmListing Disassembly result available. This field is valid only when istate is either 1 or 2.
PEInfo PE information available. This field is valid only when istate is either 1 or 2.
family Family similarity available. This field is valid only when istate is either 1 or 2.
userid User ID through which the files are submitted.
vmName VM name based on the operating system that was used for dynamic analysis. String
vmDesc The user-provided description for the analyzer VM that was used for dynamic analysis. String

jobId Parameter:

  1. When jobId is passed as parameter, output json response contains only one parameter 'status' and it contains below values.
    • 5 — completed
    • 3 — analyzing
    • 2 — waiting
    • -1 — failed
    • 0 — sample submitted but taskid not generated yet
  2. When jobId for a zip file is passed as parameter then the status value in the json is the minimum value of status of individual samples in the zip file.
  3. When jobId is passed as parameter, output json response contains parameter 'allEngineState' and it contains below values.
    • 1 — The sample is analyzed on all VMs submitted.
    • 0 — The analysis is failed or canceled in any of the VMs submitted.

Example

Input

https://<MATD_IP>/php/samplestatus.php?iTaskId=52

Output

{"success":true, "results":{"userid":1,"taskid":52,"istate":3,"status":"Analyzing",
"filename":"mv0107-2.exe","md5":"b01f5c6b23f5073228aa6d1e05579be4","vmProfile":"1","jobid":
55,
"submitTime":"2013-03-02 10:08:47","summaryFiles":"0","useLogs":"0",
"asmListing":"0","PEInfo":"0",
"family":"0","vmName":"Win-XP-SP3-32bit","vmDesc":"XP SP3 32-bit with all reports"} }

Input

https://<MATD_IP>/php/samplestatus.php?jobId=69

Output

{'status': 5, 'allEngineState': 1, 'severity': 5, 'success': 'true'}