Palo Alto Networks · Schema
ScanResponse
ScanResponse schema from Palo Alto Networks Prisma AIRS API
Cloud SecurityCybersecurityFirewallNetwork SecuritySASESOARThreat IntelligenceXDR
Properties
| Name | Type | Description |
|---|---|---|
| scan_id | string | Unique identifier of the scan. |
| status | string | Current or final status of the scan. |
| report_id | string | Identifier for the detailed scan report. |
| scan_category | string | Highest severity threat category detected. |
| results | array | Per-content scan results corresponding to each submitted content item. |
| tr_id | string | Transaction ID echoed from the request if provided. |
| created_at | string | Timestamp when the scan was submitted. |
| completed_at | string | Timestamp when the scan completed. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"title": "ScanResponse",
"description": "ScanResponse schema from Palo Alto Networks Prisma AIRS API",
"$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/prisma-airs-api-scan-response-schema.json",
"type": "object",
"properties": {
"scan_id": {
"type": "string",
"description": "Unique identifier of the scan."
},
"status": {
"type": "string",
"enum": [
"pending",
"processing",
"completed",
"error"
],
"description": "Current or final status of the scan."
},
"report_id": {
"type": "string",
"description": "Identifier for the detailed scan report."
},
"scan_category": {
"type": "string",
"description": "Highest severity threat category detected."
},
"results": {
"type": "array",
"description": "Per-content scan results corresponding to each submitted content item.",
"items": {
"type": "object",
"properties": {
"prompt_detected": {
"type": "object",
"description": "Threats detected in the prompt field.",
"properties": {
"url_cats": {
"type": "boolean",
"description": "Malicious URL categories detected in prompt."
},
"dlp": {
"type": "boolean",
"description": "Data loss prevention triggers in prompt."
},
"injection": {
"type": "boolean",
"description": "Prompt injection detected."
}
}
},
"response_detected": {
"type": "object",
"description": "Threats detected in the response field.",
"properties": {
"url_cats": {
"type": "boolean",
"description": "Malicious URL categories detected in response."
},
"dlp": {
"type": "boolean",
"description": "Data loss prevention triggers in response."
},
"toxic_content": {
"type": "boolean",
"description": "Toxic or harmful content detected in response."
}
}
},
"verdict": {
"type": "string",
"enum": [
"benign",
"malicious"
],
"description": "Overall verdict for this content pair."
},
"action": {
"type": "string",
"enum": [
"allow",
"block"
],
"description": "Action taken based on the security profile configuration."
}
}
}
},
"tr_id": {
"type": "string",
"description": "Transaction ID echoed from the request if provided."
},
"created_at": {
"type": "string",
"format": "date-time",
"description": "Timestamp when the scan was submitted."
},
"completed_at": {
"type": "string",
"format": "date-time",
"description": "Timestamp when the scan completed."
}
}
}