Operations
MetaDefender Storage Security allows users to manually initiate a new scan for files. This feature provides control and flexibility, enabling rescans for the following scenarios:
- Investigating potential false positives
- Re-evaluating a file after anti-malware definition updates
- Re-processing a file after a policy configuration change
- Attempting to scan an encrypted file by providing the correct password(s)
Files can be rescanned using either the graphical user interface (GUI) or the Application Programming Interface (API).
Using the GUI
You can initiate a rescan directly from the MetaDefender Storage Security web interface:
- Navigate to the Active Scans page or the Reports page.
- Locate the specific file you wish to rescan within the list (status is indicated by icons or labels).
- Click the Reprocess File button in the actions column for the blocked or failed file. For encrypted files, click the lock icon, enter the passwords, and click the rescan icon.
- The file will be re-queued for processing using the currently applicable workflow.
- Monitor the scan progress and final result on the Reports page.
Alternatively, navigate to the file’s detail page and use the Scan Again option there.
Using the API
- Files can be programmatically submitted for rescan using the PUT - Scan a File On-DemandAPI from the MetaDefender Storage Security API. This is useful for automation or integration with other systems.
- You will need the unique identifier (
fileId) of the blocked file you wish to rescan. This ID can typically be retrieved from scan reports or event logs associated with the initial block action. - Missing Information : the specific endpoint for triggering a rescan of any blocked file in MDSS based on
fileIdshould be documented here / link to it - Send an API request (POST) to the determined endpoint. The request body should be in JSON format (below)
- The API should return a response indicating whether the rescan request was successfully submitted (a success message, perhaps a new
data_idor task ID for tracking or whatever it is). The actual scan results will be available asynchronously and can be retrieved via subsequent API calls or viewed in the GUI.
For standard rescan
{ "fileId": "{string}", "scanId": "{string}", "storageProtocolType": "{int32}",}For encrypted blocked files
{ "fileId": "{string}", "scanId": "{string}", "storageProtocolType": "{int32}", "passwords": ["password_1","password_2"]}Full API documentation is available to guide your implementation.
Was this page helpful?
