Search Analyses

Retrieve analyses that match the given search parameters.

Note: At least one of the search parameters is required to perform the search.

External Documentation

To learn more, visit the Joe Sandbox documentation.

Parameters

Parameter	Description
Detection	The type of detection to search for.
File Name	The name of the scanned file to search for.
MD5	The MD5 value to search for.
Query	A query to filter the search by. The query supports searching across multiple fields including md5, sha1, sha256, filename, threat name, URL, tags, and comments.
SHA1	The SHA1 value to search for.
SHA256	The SHA256 value to search for.
Search Method	Select whether to search by a query to search or use specific search properties.
URL	The scanned URL to search for.

Example Output

{
	"data": [
		{
			"webid": "<string>",
			"time": "2025-01-29T22:13:17+01:00",
			"runs": [
				{
					"detection": "<string>",
					"error": null,
					"system": "<string>",
					"yara": false,
					"sigma": false,
					"suricata": false,
					"score": 2
				},
				{
					"detection": "<string>",
					"error": null,
					"system": "<string>",
					"yara": false,
					"sigma": false,
					"suricata": false,
					"score": 68
				}
			],
			"tags": [],
			"encrypted": false,
			"analysisid": "<string>",
			"duration": 755,
			"md5": "<string>",
			"sha1": "<string>",
			"sha256": "<string>",
			"filename": "<string>",
			"scriptname": "<string>",
			"status": "<string>",
			"comments": "<string>",
			"classification": "<string>",
			"threatname": "<string>",
			"score": 50,
			"detection": "<string>",
			"has_malwareconfig": false
		},
		{
			"webid": "<string>",
			"time": "2025-01-29T22:13:17+01:00",
			"runs": [
				{
					"detection": "<string>",
					"error": null,
					"system": "<string>",
					"yara": false,
					"sigma": false,
					"suricata": true,
					"score": 1
				}
			],
			"tags": [],
			"encrypted": false,
			"analysisid": "<string>",
			"duration": 308,
			"md5": "<string>",
			"sha1": "<string>",
			"sha256": "<string>",
			"filename": "<string>",
			"scriptname": "<string>",
			"status": "<string>",
			"comments": "<string>",
			"classification": "<string>",
			"threatname": "<string>",
			"score": 0,
			"detection": "<string>",
			"has_malwareconfig": false
		}
	]
}

Workflow Library Example

Search Analyses with Joe Sandbox and Send Results Via Email

Preview this Workflow on desktop

Case Management

Automated Case Management

Case Management Dashboard

Case Management Interface

Triggers & Actions

Case Management Settings

Parameters

Example Output

Workflow Library Example

Case Management

Automated Case Management

Case Management Dashboard

Case Management Interface

Triggers & Actions

Case Management Settings

​Parameters

​Example Output

​Workflow Library Example

Parameters

Example Output

Workflow Library Example