Overview MetaDefender Sandbox API Reference Release Notes
Getting Started
Deployment & Usage
Support
Configuration
3.1.1
Search this version
Configuration
Configuration
Architectural Overview
FRONTEND CONFIGURATION
BACKEND CONFIGURATION
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
Email Notifications
Copy Markdown
Open in ChatGPT
Open in Claude
It is possible to get email notifications about completed scan reports. This can also be done selectively for reports with specific verdicts.
Please use your SMTP server credentials when configuring the following properties in /home/sandbox/sandbox/broker.cfg:
#############################
# Email Notification settings
#
# Note: use '--test-email' CLI to test the smtp settings
#############################
smtpServer=
smtpPort=465
smtpUser=
smtpPass=
smtpUseSSL=true
smtpUseStartTLS=false
smtpDebugEnabled=true
# Note: specify a list of emails separated by comma (e.g. "analyst1@domain.com,analyst2@domain.com")
notifyEmails=
notifyEmailsIgnoreDomains=
# Note: use 'ALL' to notify on any verdict
notifyEmailsOnVerdicts=LIKELY_MALICIOUS,MALICIOUS
# Note: if enabled, whenever a report is generated for a msg/eml/rfc822 file, the "to" address is notified in addition to 'notifyEmails'
notifyEmailSenderOfEmailFiles=false
notifyEmailReceiverOfEmailFiles=false
notifyEmailsDefaultSender=noreply@mydomain.com
# Note: if enabled, whenever a report is generated for a msg/eml/rfc822 file, the "from" header will be set to the original sender
notifyEmailsUseOriginalSender=false
# Note: the following placeholder may be used: $SHA-256
# e.g. notifyEmailsIncludeUrlInAlert=https://www.filescan.io/search-result?query=$SHA-256
notifyEmailsIncludeUrlInAlert=
This is an excerpt from an example email notification about a likely malicious scan report:
From: <noreply@filescan.io>
Subject: [FSIO] Completed analysis for 'pafish.exe' (Task ID: 5f709158-c08f-4fb9-a43f-597873aedef2): { "verdict": "LIKELY_MALICIOUS", "threatLevel": 0.75, "confidence": 1 }
---------------------------- Analysis Overview ----------------------------
fsBroker version: 1.1.0-2f62d72
SHA-256: 9e7d694ed87ae95f9c25af5f3a5cea76188cd7c1c91ce49c92e25585f232d98e
Submit ID: d6809fa3-e226-4484-b07b-1f68ba259a46
Task ID: 5f709158-c08f-4fb9-a43f-597873aedef2
Date: 2023-10-291 07:52+0000291
submitName: pafish.exe
mediaType:
{
"string": "application/x-msdownload; format\u003dpe32",
"slash": 11,
"semicolon": 24,
"parameters": {
"format": "pe32"
}
}
---------------------------- Report Overview ----------------------------
overallState:
"SUCCESS"
finalVerdict:
{
"verdict": "LIKELY_MALICIOUS",
"threatLevel": 0.75,
"confidence": 1
}
allTags:
[
{
"source": "YARA_RULE",
"sourceIdentifier": "9e7d694ed87ae95f9c25af5f3a5cea76188cd7c1c91ce49c92e25585f232d98e",
"isRootTag": false,
"tag": {
"name": "anti-vm",
"synonyms": [],
"descriptions": [],
"verdict": {
"verdict": "UNKNOWN",
"threatLevel": 0,
"confidence": 1
}
}
},
{
"source": "OSINT_LOOKUP",
"sourceIdentifier": "9e7d694ed87ae95f9c25af5f3a5cea76188cd7c1c91ce49c92e25585f232d98e",
"tag": {
"name": "hlux",
"synonyms": [],
"descriptions": [],
"verdict": {
"verdict": "LIKELY_MALICIOUS",
"threatLevel": 0.75,
"confidence": 1
}
}
},
{
"source": "OSINT_LOOKUP",
"sourceIdentifier": "9e7d694ed87ae95f9c25af5f3a5cea76188cd7c1c91ce49c92e25585f232d98e",
"tag": {
"name": "khalesi",
"synonyms": [
"KPOT Stealer",
"kpot"
],
"verdict": {
"verdict": "LIKELY_MALICIOUS",
"threatLevel": 0.75,
"confidence": 1
}
}
}
]
Last updated on
Was this page helpful?
Next to read:
FeaturesSee the "Technical Datasheet" for a complete list of features: https://docs.opswat.com/filescan/datasheet/technical-datasheet
Discard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message