Create a Post
Showing results for 
Search instead for 
Did you mean: 

API Query - 1004 NOT_FOUND

Hi there,

I'm using API with R77.30 Local Sandblast Appliances. After successfully uploading files I get 1004 NOT_FOUND when I try Query. 

If I query with just sha1 hash the response includes all 3 file hashes (md5 sha1 & sha256) but but fails to return AV & Extraction results while TE can find file and returns a verdict.

I can see new file handled in ted.elg and stored in te_tmp_files and Emulation returning 'Benign' verdict.  With debug I also see AV scan request and response in log for KavRpcScanFile (assume this is Kaspersky) and BdRpcSan (?) - both log Clean status but this result is never returned in API query. Can't find any logging related to Extraction...

I've attached API queries and responses.



1 Reply
Employee Alumnus
Employee Alumnus


Unfortunately today the TPAPI on the GW does not support AV and Threat Extraction officially. We support this API only in the cloud and we plan to extend this support to GW's as well but without a concrete date yet.  

There is un-official EA support for extraction via API on the GW. If u need this capability you can contact support to get explanation on the configuration but note that the process will change once we will move to GA. 




Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events