# File Malware Scanner

## API to be implemented by the customer.

<mark style="color:orange;">`PUT`</mark> `https://your-malware-scanner-domain.com/malware-scanner/v1/file`

Symproxy uses this API to submit the attachment for malware scanning.

Malware Scanner implementation should initiate the malware scanning of the attachment after receiving the file successfully.

:information\_source: • It is highly recommended that the API call does not enforce the malware-scanning operation synchronously. Instead, queue the request to some internal queue and return the response back, unblocking the client (Symproxy). • The service should be idempotent. There could be multiple submissions for the same file.

:construction: When invoking the `malware-scanner/v1/file` endpoint on the scanner, symproxy will wait a maximum of 10 seconds for a response from the scanner. If it does not get a response in 10 seconds, it will retry. It will try three times to invoke the `malware-scanner/v1/file` endpoint on the scanner if each previous attempt is unsuccessful.

#### Headers

| Name        | Type    | Description                                                                                                                                                                                                                                   |
| ----------- | ------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| X-Trace-Id  | string  | Trace ID that shall be returned back in header when updating the malware scan state for the file. This field is not required, being used for debugging purposes only.                                                                         |
| X-Ping-Scan | boolean | For diagnostic purposes only. If this header is set to true, the Malware Scanner shall not perform any scanning and just return HTTP 200 OK. This is required (mandatory) to check the connectivity between Symproxy and the Malware Scanner. |

#### Request Body

| Name                                      | Type   | Description                            |
| ----------------------------------------- | ------ | -------------------------------------- |
| content<mark style="color:red;">\*</mark> | string | Attachment body, binary string format. |

{% tabs %}
{% tab title="200: OK Result" %}

```javascript
//Successfully initiated the malware scan of the given file.
```

{% endtab %}

{% tab title="400: Bad Request Result" %}

```javascript
//Bad Request. See response body for further details.
```

{% endtab %}

{% tab title="429: Too Many Requests Result" %}

```javascript
//Too many requests. See response body for further details.
```

{% endtab %}

{% tab title="500: Internal Server Error Result" %}

```javascript
//Server error. See response body for further details.
```

{% endtab %}
{% endtabs %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://rest-api.symphony.com/main/malware-scanner/customer-malware-scanner-apis/file-malware-scanner.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.