Registration is removed
Success
Success
A list of all possible values of affected file modification types
ID of returned value
Descriptive name of this value
A collection of all file system event types
ID of returned value
Descriptive name of this value
A list of all currently added tags
Success
Success
Current block list data
A timestamp which indicates when the block list was last updated
Count of pattern/file groups
Current honeypot configuration
Honeypot files source path
File placement path collection
Excluded path identifier
Excluded path was removed
A list of all detected security incidents
Identifier of the incident
User for whom the incident was opened
Incident start time
Incident end time, or null if it is still ongoing
Current file system events configuration
Controls the frequency of the execution of queries that access file system events, like all detection strategies
Indicates how often the events are saved to the database
Security incident detection configuration update response
No Content
Tag was removed
Success
Excluded path identifier
Path to exclude
Username for which the path should be excluded from monitoring
Skip list pattern identifier
Skip pattern was removed
An updated honeypot configuration without the selected placement path
Honeypot files source path
File placement path collection
Current SMB monitoring configuration
Indicates whether the SMB listener is enabled or disabled
File integrity configuration
Indicates if the file integrity strategy is enabled
List of monitored paths
Current skip list
List of skip list filter patterns
Scan was successfully stopped
Incident identifier
A list of affected files connected to an incident with a given identifier
Path to affected file before the incident started
Last registered path to affected file
Time of the first suspicious modification of this affected file
Represents enumeration values, defined by ID and name
Collection of path filters
Skip list patterns updated
Password was successfully updated
Excluded path identifier
A single excluded path
Excluded path identifier
Path to exclude
Username for which the path should be excluded from monitoring
Path was successfully removed
Indicates if the file integrity strategy is enabled
List of monitored paths
Incident identifier
A collection of events connected to an incident with a given identifier
Updated file system events configuration
Controls the frequency of the execution of queries that access file system events, like all detection strategies
Indicates how often the events are saved to the database
Security incident detection configuration update response
The timestamp which will be set as the 'last update time' for the block list
Collection of path filters
Block list patterns were updated
Paths that will be recursively scanned
Indicates if file names found during scan should be analyzed to find files with names often used by ransomware
If true, Agent will raise alert on suspicious file found
Returns a newly created scan
Current listing of excluded paths
A collection of excluded paths
An updated honeypot configuration with the new placement path
Honeypot files source path
File placement path collection
Success
Success
A collection of file system events
Updated SMB monitoring configuration
Indicates whether the SMB listener is enabled or disabled
A set of placement paths
Updated honeypot configuration
Honeypot files source path
File placement path collection
File path pattern
Skip pattern added
Request received
Indicates if the file integrity strategy is enabled
Success
Indicates if the file integrity strategy is enabled
List of monitored paths
ID of path to update
Request received
Indicates if the file contents are checked to reduce number of false positives
Success
Indicates if the file integrity strategy is enabled
List of monitored paths
Returns a scan with provided ID
Identifier of the scan
Scan start time
Scan end time if it has ended, or null otherwise
Last file path scanned by this scan, or null if no files were scanned yet
Number of files that were scanned
Number of suspicious files found
Represents enumeration values, defined by ID and name
Paths requested by the user to be scanned
Returns a list of all scans, both ended and ongoing
Identifier of the scan
Scan start time
Scan end time if it has ended, or null otherwise
Last file path scanned by this scan, or null if no files were scanned yet
Number of files that were scanned
Number of suspicious files found
Represents enumeration values, defined by ID and name
Paths requested by the user to be scanned
Success
Tag was successfully added
Current threshold configuration
Indicates if magic number check is enabled and how many files per user are checked
Number of threshold buckets
Limit of data points to analyze
Indicates the threshold levels of a given setting
Indicates the threshold levels of a given setting
Request received
Path prefix to monitor
Indicates if the file contents are checked to reduce number of false positives
Success
Indicates if the file integrity strategy is enabled
List of monitored paths
Returns a list of suspicious files found by this scan
Identifier of the scan
Scan start time
Scan end time if it has ended, or null otherwise
Last file path scanned by this scan, or null if no files were scanned yet
Number of files that were scanned
Number of suspicious files found
Represents enumeration values, defined by ID and name
Paths requested by the user to be scanned
Path to exclude
Username for which the path should be excluded from monitoring
An excluded path entry was created
Excluded path identifier
Path to exclude
Username for which the path should be excluded from monitoring
Path to exclude
Username for which the path should be excluded from monitoring
Created
Registration request
Agent instance identifier
The Guard Mode management server address/host
API key identifier
API key secret
Registration response with an extra data about the node
Fully qualified domain name of the registered agent
Agent's operating system
Indicates if magic number check is enabled and how many files per user are checked
Number of threshold buckets
Limit of data points to analyze
Indicates the threshold levels of a given setting
Indicates the threshold levels of a given setting
Updated threshold configuration
Indicates if magic number check is enabled and how many files per user are checked
Number of threshold buckets
Limit of data points to analyze
Indicates the threshold levels of a given setting
Indicates the threshold levels of a given setting
