Parameter | Description |
---|---|
Patterns | Specify an array of hex patterns or strings to search for within file contents at the byte level. Each pattern should be an object with “type” and “value” fields. For example: [ { "type":"hex", "value":"8948208b480833ca33f989502489482889782c8bd7" }, { "type":"ascii", "value":"suspicious_string" } ] |
Parameter | Description |
---|---|
File Types | A comma-separated list of file types to restrict search results by. For example: * EMAIL * PCAP * PDF * PE32 |
Limit | The maximum number of matching files to return in the response. |
Max Date | Only include files first observed before this date. |
Max Size | Only include files smaller than this size. Accepts values in bytes or with units. For example: * 128000 * 1.3KB * 8MB * 2GB |
Metadata Fields | A comma-separated list of metadata fields to include in results. For example: * sha256 * md5 * type * size * first_seen * label * family |
Min Date | Only include files first observed after this date. |
Min Size | Only include files larger than this size. Accepts values in bytes or with units. For example: * 128000 * 1.3KB * 8MB * 2GB |