Symantec Content Analysis
Integration version: 5.0
Configure Symantec Content Analysis to work with Google Security Operations
Authentication to the REST API is provided using API keys that administratorscan create and manage in the Content Analysis CLI interface. To generate an APIkey:
- Connect to the serial console or SSH to the Content Analysis appliance as auser with administrative privileges.
Enter the boldfaced commands below:
>enablePassword:<enterthepassword>#ma-actionsapi-keycreateadministratorUseoftheMAAPIisnotfullysupportedinCAS.Areyousureyouwanttoproceed?[yes,no]yes***MAAPIinCASisanexperimentalfeatureandnotfullytested;somefunctionsmaynotbehaveasexpected***Notethatkeysarenotstoredonthesysteminplaintextandcannotberetrievedlater.CreatednewAPIKey:<ThisistheAPIkey>(KeyID2)Copy the generated API key and save it in a text file, as it cannot beviewed later.
Configure Symantec Content Analysis integration in Google SecOps
For detailed instructions on how to configure an integration inGoogle SecOps, seeConfigureintegrations.
Actions
Get Hash Report
Description
Get samples for a hash (MD5 and SHA256).
Parameters
N/A
Run On
This action runs on the Filehash entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/APing
Description
Verifies that the user has a connection to Symantec Content Analysis via theuser's device.
Parameters
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/ASubmit File
Description
Upload a file to Symantec Content Analysis for a scan. Symantec provides a RESTAPI for submitting individual files to Content Analysis for evaluation using thecurrent configuration. The API is available to people or programs that want toknow how Content Analysis would evaluate a file, but don't want to translate itinto ICAP, the web-centric protocol that Content Analysis uses.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| File Path | String | N/A | Submit file from path. |
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| file_reputation_score | N/A | N/A |
JSON Result
N/ANeed more help?Get answers from Community members and Google SecOps professionals.
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-02-19 UTC.