search cancel

Testing Virus Total connectivity from the command line on Security Analytics

book

Article ID: 169258

calendar_today

Updated On:

Products

Security Analytics Security Analytics - VA

Issue/Introduction

How do you know if Virus Total is connecting correctly?  Is there a way to test connectivity via command line?
 

Resolution

A simple CURL command can be used to test connectivity and the VT API key.

# curl https://www.virustotal.com/vtapi/v2/file/report -F resource=1394942aef881f6fa872e0ce8c604bccb0ece22693b4fb5a5db0f5f2e6979f5e -F apikey=<vt-api-key>

The parameter "resource=" can be changed to the SHA256 hash of any file in the Virus Total database.

The parameter "apikey=" needs to be a valid Virus Total API key.

If connectivity is present and the API key is valid, a file report will be returned in JSON format.

If the API key is invalid, VT will return no text at all.

If connectivity is problematic, CURL will return an error such as "curl: (7)" for a connection failure.
CURL status codes may be found here: https://curl.haxx.se/libcurl/c/libcurl-errors.html