Cloud Sandbox file submission API example

Hello Zscaler Cloud Sandbox users,
I was recently presented with a request to submit files to our Cloud Sandbox using our recently released API.
While our documentation covers everything a developer would need to know, there was not a simple walkthrough of how to submit a file.
https://help.zscaler.com/zia/api
https://help.zscaler.com/zia/getting-started-zia-api

For starters, Cloud Sandbox uses a different API base URL.

If you are accessing the Cloud Sandbox Submission API, your host and basePath is csbapi.<Zscaler Cloud Name>/zscsb . (e.g., csbapi.zscalerbeta.net/zscsb ).

Cloud Sandbox also uses a different API key than the rest of the public APIs and must be enabled separately. For subscribers of Zscaler’s Advanced Cloud Sandbox SKU, a support ticket requesting this API key is all that is needed. When opening a support ticket mention that you need the “Cloud Sandbox file submission API key.”

Sandbox API key

Click on the eyeball to view the API key.

You can then use a CURL command to send a file to sandbox using the following command:

curl -k --location --request POST “https://csbapi.zscalertwo.net/zscsb/submit?force=0&api_token=XXXXXXXXX” --data-binary @MalDoc.docx

Replace zscalertwo with the actual cloud name and the X’s with the API token.

If the command was successful, the API service should receive a 200 OK and the MD5 of the file.

chris@ % curl -k --location --request POST “https://csbapi.zscalertwo.net/zscsb/submit?force=0&api_token=XXXXXXXXXXX” --data-binary @MalDoc.docx
{
“code”: 200,
“message”: “/submit response OK”,
“virusName”: “CVE180802”,
“virusType”: “Virus”,
“fileType”: “encrpt”,
“md5”: “BD74930ECC1B91CAFA74E1B0268650AF”,
“sandboxSubmission”: “Virus”
}%

Hope this helps!

Warm Regards,
Chris

4 Likes

@Chris_Louie this is EXCELLENT! Works like a charm. FYI, this will not work on a TRIAL license of Z-BA until https://jira.corp.zscaler.com/browse/BUG-105588 is resolved.