Get memory protection event
Request details for a specific memory protection event.
|
Service endpoint |
/memoryprotection/v2/{device_image_file_event_id} |
|
Optional query string parameters |
— |
|
Example |
https://protectapi.cylance.com/memoryprotection/v2/40d04bf5-c5d7-495f-805a-28c6fc8ac12chttps://protectapi.cylance.com/users/v2 |
|
Method |
HTTP/1.1 GET |
|
Request headers |
|
Request
None
Response
Please see the Response status codes for more information.
Response JSON schema
| Field Name | Description |
|---|---|
|
action |
This is the action take on the memory protection event.
|
|
agent_event_id |
This is the unique identifier for the memory protection event, created by the agent. |
|
created |
This is the date and time the memory protection event was created. |
|
device_id |
This is the unique identifier for the device. |
|
device_image_file_event_id |
This is the unique identifier for the memory protection event. Use this information for get memory protection event. |
|
dll_version |
This is the agent version that identified the memory protection event. |
|
file_hash_id |
This is the SHA256 hash for the threat. |
|
file_version |
This is the version number of the file that caused the memory protection event. |
|
groups |
These are the groups the user belongs to. |
|
image_name |
This is the path and name of the file that triggered the memory protection event. |
|
process_id |
This is the process ID of the memory protection event. It is generated by the operating system. |
|
sid |
This is the security identifier for the user, group, or other security principal. It is generated by the operating system. |
|
username |
This is the name of the user who was logged in to the device when the memory protection event occurred. |
|
violation_type |
This is the violation type number for the memory protection event. See Memory violation types for more information. |