Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

diagnose antivirus quarantine

Syntax

diagnose antivirus quarantine delete <checksum>

diagnose antivirus quarantine list { all | infected | http | https | smtp }

diagnose antivirus quarantine purge

delete

Delete the files which checksum is as specified.

list

List quarantine files by filters.

all - list all files.

infected - list the files which status is 'infected'.

http - list the files which service is 'http'.

https - list the files which service is 'https'.

smtp - list the files which service is 'smtp'.

purge Delete all quarantine files.

Example

FortiADC-VM # diagnose antivirus quarantine list all

Quarantine List (Count = 6)

-----------------------------

CHECKSUM SIZE FIRST-TIMESTAMP LAST-TIMESTAMP SERVICE STATUS DC TTL FILENAME DESCRIPTION

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 HTTP Infected 0 335:56 '4c9bf9c5.HTTP' 'W32/Bika.1910'

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 HTTPS Infected 0 335:56 '4c9bf9c5.HTTPS' 'W32/Bika.1910'

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 SMTP Infected 0 335:56 '4c9bf9c5.SMTP' 'W32/Bika.1910'

b2c5aca8 8192 2018-12-05 17:54 2018-12-05 17:54 HTTP Infected 0 335:56 'b2c5aca8.HTTP' 'W32/Borges.8192.B'

b2c5aca8 8192 2018-12-05 17:54 2018-12-05 17:54 HTTPS Infected 0 335:56 'b2c5aca8.HTTPS' 'W32/Borges.8192.B'

b2c5aca8 8192 2018-12-05 17:54 2018-12-05 17:54 SMTP Infected 0 335:56 'b2c5aca8.SMTP' 'W32/Borges.8192.B'

FortiADC-VM # diagnose antivirus quarantine delete b2c5aca8

FortiADC-VM # diagnose antivirus quarantine list all

Quarantine List (Count = 3)

-----------------------------

CHECKSUM SIZE FIRST-TIMESTAMP LAST-TIMESTAMP SERVICE STATUS DC TTL FILENAME DESCRIPTION

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 HTTP Infected 0 335:55 '4c9bf9c5.HTTP' 'W32/Bika.1910'

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 HTTPS Infected 0 335:55 '4c9bf9c5.HTTPS' 'W32/Bika.1910'

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 SMTP Infected 0 335:55 '4c9bf9c5.SMTP' 'W32/Bika.1910'

diagnose antivirus quarantine

Syntax

diagnose antivirus quarantine delete <checksum>

diagnose antivirus quarantine list { all | infected | http | https | smtp }

diagnose antivirus quarantine purge

delete

Delete the files which checksum is as specified.

list

List quarantine files by filters.

all - list all files.

infected - list the files which status is 'infected'.

http - list the files which service is 'http'.

https - list the files which service is 'https'.

smtp - list the files which service is 'smtp'.

purge Delete all quarantine files.

Example

FortiADC-VM # diagnose antivirus quarantine list all

Quarantine List (Count = 6)

-----------------------------

CHECKSUM SIZE FIRST-TIMESTAMP LAST-TIMESTAMP SERVICE STATUS DC TTL FILENAME DESCRIPTION

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 HTTP Infected 0 335:56 '4c9bf9c5.HTTP' 'W32/Bika.1910'

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 HTTPS Infected 0 335:56 '4c9bf9c5.HTTPS' 'W32/Bika.1910'

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 SMTP Infected 0 335:56 '4c9bf9c5.SMTP' 'W32/Bika.1910'

b2c5aca8 8192 2018-12-05 17:54 2018-12-05 17:54 HTTP Infected 0 335:56 'b2c5aca8.HTTP' 'W32/Borges.8192.B'

b2c5aca8 8192 2018-12-05 17:54 2018-12-05 17:54 HTTPS Infected 0 335:56 'b2c5aca8.HTTPS' 'W32/Borges.8192.B'

b2c5aca8 8192 2018-12-05 17:54 2018-12-05 17:54 SMTP Infected 0 335:56 'b2c5aca8.SMTP' 'W32/Borges.8192.B'

FortiADC-VM # diagnose antivirus quarantine delete b2c5aca8

FortiADC-VM # diagnose antivirus quarantine list all

Quarantine List (Count = 3)

-----------------------------

CHECKSUM SIZE FIRST-TIMESTAMP LAST-TIMESTAMP SERVICE STATUS DC TTL FILENAME DESCRIPTION

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 HTTP Infected 0 335:55 '4c9bf9c5.HTTP' 'W32/Bika.1910'

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 HTTPS Infected 0 335:55 '4c9bf9c5.HTTPS' 'W32/Bika.1910'

4c9bf9c5 22528 2018-12-05 17:54 2018-12-05 17:54 SMTP Infected 0 335:55 '4c9bf9c5.SMTP' 'W32/Bika.1910'