Palo Alto Networks · Schema
AtpReport
Advanced Threat Prevention inline analysis report.
Cloud SecurityCybersecurityFirewallNetwork SecuritySASESOARThreat IntelligenceXDR
Properties
| Name | Type | Description |
|---|---|---|
| id | string | Unique report identifier. |
| sha256 | string | SHA-256 hash of the analyzed sample. |
| status | string | |
| verdict | string | |
| create_time | string | |
| report | object | Detailed behavioral analysis data. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"title": "AtpReport",
"description": "Advanced Threat Prevention inline analysis report.",
"$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/threat-vault-api-atp-report-schema.json",
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "Unique report identifier."
},
"sha256": {
"type": "string",
"description": "SHA-256 hash of the analyzed sample."
},
"status": {
"type": "string",
"enum": [
"pending",
"complete",
"error"
]
},
"verdict": {
"type": "string",
"enum": [
"benign",
"malware",
"grayware",
"phishing",
"unknown"
]
},
"create_time": {
"type": "string",
"format": "date-time"
},
"report": {
"type": "object",
"description": "Detailed behavioral analysis data.",
"properties": {
"file_type": {
"type": "string"
},
"size": {
"type": "integer"
},
"behaviors": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"description": {
"type": "string"
},
"severity": {
"type": "string"
}
}
}
},
"network": {
"type": "object",
"properties": {
"dns_queries": {
"type": "array",
"items": {
"type": "string"
}
},
"http_requests": {
"type": "array",
"items": {
"type": "string"
}
},
"connections": {
"type": "array",
"items": {
"type": "object",
"properties": {
"dst_ip": {
"type": "string"
},
"dst_port": {
"type": "integer"
},
"protocol": {
"type": "string"
}
}
}
}
}
}
}
}
}
}