Palo Alto Networks · Schema
SandboxReport
Analysis results from a single sandbox execution environment.
Cloud SecurityCybersecurityFirewallNetwork SecuritySASESOARThreat IntelligenceXDR
Properties
| Name | Type | Description |
|---|---|---|
| platform | string | Platform identifier (e.g., 100 for Windows XP SP3). |
| software | string | Sandbox software environment. |
| version | string | |
| summary | object | |
| network | object | |
| process_list | object |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"title": "SandboxReport",
"description": "Analysis results from a single sandbox execution environment.",
"$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/wildfire-api-sandbox-report-schema.json",
"type": "object",
"properties": {
"platform": {
"type": "string",
"description": "Platform identifier (e.g., 100 for Windows XP SP3)."
},
"software": {
"type": "string",
"description": "Sandbox software environment."
},
"version": {
"type": "string"
},
"summary": {
"type": "object",
"properties": {
"@verdict": {
"type": "string",
"enum": [
"benign",
"malware",
"grayware",
"phishing"
]
}
}
},
"network": {
"type": "object",
"properties": {
"dns": {
"type": "array",
"items": {
"type": "object",
"properties": {
"@query": {
"type": "string"
},
"@response": {
"type": "string"
}
}
}
},
"tcp": {
"type": "array",
"items": {
"type": "object",
"properties": {
"@ip": {
"type": "string"
},
"@port": {
"type": "integer"
},
"@country": {
"type": "string"
}
}
}
},
"http": {
"type": "array",
"items": {
"type": "object",
"properties": {
"@request": {
"type": "string"
},
"@response": {
"type": "string"
}
}
}
}
}
},
"process_list": {
"type": "object",
"properties": {
"process": {
"type": "array",
"items": {
"type": "object",
"properties": {
"@name": {
"type": "string"
},
"@pid": {
"type": "string"
},
"@text": {
"type": "string"
}
}
}
}
}
}
}
}