Skip to main content

List Families

GET /families
Returns a collection of all families in the system.
start
integer
default:"0"
Starting index for pagination
limit
integer
default:"0"
Maximum number of families to return (0 for all)
status
string
Response status
data
object
Dictionary of families keyed by family_id
{
  "status": "successful",
  "data": {
    "1": {
      "family_id": 1,
      "family_name": "emotet",
      "num_samples": 42,
      "is_library": false
    }
  }
}

Get Family

GET /families/{family_id}
Returns detailed information about a specific family.
family_id
integer
required
ID of the family to retrieve
with_samples
boolean
default:"true"
Include detailed sample information in the response
status
string
Response status
data
object
Family details including metadata and optionally samples
{
  "status": "successful",
  "data": {
    "family_id": 1,
    "family_name": "emotet",
    "num_samples": 42,
    "is_library": false,
    "samples": {
      "1": {
        "sample_id": 1,
        "sha256": "abc123...",
        "version": "1.0"
      }
    }
  }
}

Update Family

PUT /families/{family_id}
Updates metadata for an existing family.
family_id
integer
required
ID of the family to update
family_name
string
New family name (0-64 alphanumeric chars with single dots, dashes, underscores)
is_library
boolean
Whether the family is a library
status
string
Response status
data
object
Confirmation message
{
  "status": "successful",
  "data": {
    "message": "Family modified."
  }
}

Delete Family

DELETE /families/{family_id}
Deletes a family and optionally its samples.
family_id
integer
required
ID of the family to delete
keep_samples
boolean
default:"false"
Keep samples but remove them from the family
status
string
Response status
data
boolean
Whether the deletion was successful
By default, deleting a family also deletes all its samples. Set keep_samples=true to preserve samples.

Build docs developers (and LLMs) love

Get started for freeTalk to us