GET /service/api/console/gsm/{gsmKey}/sites/{siteId}/groups/{groupId}/threathistory
?startDate={startDate}
&endDate={endDate}
&returnedInfo={returnedInfo}
&pageSize={pageSize}
&pageNr={pageNr}

Gets threat history information for endpoints on a group.

NOTE: The maximum allowed time difference between 'startDate' and 'endDate' is 3 calendar months.

Request Information

URI Parameters

Name	Description	Type	Additional Information
gsmKey	The GSM console keycode.	string	Required
siteId	The site identifier.	string	Required
groupId	The group identifier.	string	Required
startDate	If specified, returns all threat history records after (or at) the given date. If omitted, defaults to 'endDate' minus 24 hours.	date	None.
endDate	If specified, returns all threat history records before (or at) the given date. If omitted, defaults to the current date and time.	date	None.
returnedInfo	A comma separated list of classes of information to be provided in response data. Currently only the "ExtendedInfo" class is supported as a value. If omitted, general threat record information is returned only.	string	None.
pageSize	Specifies the number of records to return.	integer	Default value is 50
pageNr	Specifies the page number. Can be used to retrieve the next batch of records.	integer	Default value is 1

URI Sample(s)


GET	https://unityapi.webrootcloudav.com/service/api/console/gsm/3515-3EC8-3018-4DAB-A776/sites/3c5b599c-f244-4c7e-a78b-b3e9f252fac8/groups/4f08f3ad-7688-4d40-98a6-89bbf7df3daf/threathistory
GET	https://unityapi.webrootcloudav.com/service/api/console/gsm/3515-3EC8-3018-4DAB-A776/sites/3c5b599c-f244-4c7e-a78b-b3e9f252fac8/groups/4f08f3ad-7688-4d40-98a6-89bbf7df3daf/threathistory?returnedInfo=ExtendedInfo
GET	https://unityapi.webrootcloudav.com/service/api/console/gsm/3515-3EC8-3018-4DAB-A776/sites/3c5b599c-f244-4c7e-a78b-b3e9f252fac8/groups/4f08f3ad-7688-4d40-98a6-89bbf7df3daf/threathistory?startDate=2018-09-01&endDate=2018-09-30&pageSize=100&pageNr=3

Body Parameters

None.

Response Information

Resource Description

Information about matching threat history records.

GetThreatHistoryResponseModel

Name	Description	Type	Additional Information
MoreAvailable	Value indicating whether more records are available in the queried time window. Increment the page number in the query to obtain additional threat history records.	boolean	None.
PageNr	The number of the page that was requested.	integer	None.
PageSize	The size of the page that was requested.	integer	None.
StartDate	Start date for returned records. Threat history entries after (or at) this date are contained in the response.	date	None.
EndDate	End date for returned records. Threat history entries before (or at) this date are contained in the response.	date	None.
ThreatRecords	List of threat history records.	Collection of GetThreatHistoryResponseModel_Record	None.

Sample Response

{
  "MoreAvailable": false,
  "PageNr": 1,
  "PageSize": 50,
  "StartDate": "2026-02-12T19:11:39.8930966Z",
  "EndDate": "2026-05-12T19:11:39.8930966Z",
  "ThreatRecords": [
    {
      "EndpointId": "b8808366-91c3-4e96-80d9-f62608da527f",
      "MachineId": "D090491283524268996E32C92EB8E7F1:::0A42900C7DE9463E9D1DB56A99ACCFF5:::0A42900C7DE9463E9D1DB56A99ACCFF5",
      "HostName": "MyComputer1",
      "FileName": "eicar.com",
      "PathName": "?:\\users\\user1\\desktop",
      "MalwareGroup": "Anti-Malware Testfile",
      "FirstSeen": "2026-04-29T19:11:39.8930966Z",
      "LastSeen": "2026-05-10T19:11:39.8930966Z",
      "ExtendedInfo": {
        "DwellTime": 500,
        "FileMD5": "35F6086B689B44CDB63A9E029E09D1C4",
        "FileSize": 68,
        "UserName": "User1",
        "IPAddress": "95.0.139.30",
        "Determination": "B",
        "FileVendor": "",
        "FileProduct": "",
        "FileVersion": ""
      }
    },
    {
      "EndpointId": "9622bbff-4587-4026-b666-45e48d4c4b76",
      "MachineId": "97282FB90609468F9220F76F5A5FE289:::5F7AD5B027374594906FA0FE419A0DD3:::5F7AD5B027374594906FA0FE419A0DD3",
      "HostName": "MyComputer2",
      "FileName": "eicar.com",
      "PathName": "?:\\users\\user2\\desktop",
      "MalwareGroup": "Anti-Malware Testfile",
      "FirstSeen": "2026-04-29T19:11:39.8930966Z",
      "LastSeen": "2026-05-10T19:11:39.8930966Z",
      "ExtendedInfo": {
        "DwellTime": 574,
        "FileMD5": "2F674B4D13B2425FAB8970E6E2A1FDAD",
        "FileSize": 68,
        "UserName": "User2",
        "IPAddress": "95.104.37.248",
        "Determination": "B",
        "FileVendor": "",
        "FileProduct": "",
        "FileVersion": ""
      }
    }
  ]
}

<GetThreatHistoryResponseModel xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.datacontract.org/2004/07/Webroot.UnityAPI.ServiceExtension.Console.Models">
  <EndDate>2026-05-12T19:11:39.8930966Z</EndDate>
  <MoreAvailable>false</MoreAvailable>
  <PageNr>1</PageNr>
  <PageSize>50</PageSize>
  <StartDate>2026-02-12T19:11:39.8930966Z</StartDate>
  <ThreatRecords>
    <GetThreatHistoryResponseModel_Record>
      <EndpointId>b8808366-91c3-4e96-80d9-f62608da527f</EndpointId>
      <ExtendedInfo>
        <Determination>B</Determination>
        <DwellTime>500</DwellTime>
        <FileMD5>35F6086B689B44CDB63A9E029E09D1C4</FileMD5>
        <FileProduct></FileProduct>
        <FileSize>68</FileSize>
        <FileVendor></FileVendor>
        <FileVersion></FileVersion>
        <IPAddress>95.0.139.30</IPAddress>
        <UserName>User1</UserName>
      </ExtendedInfo>
      <FileName>eicar.com</FileName>
      <FirstSeen>2026-04-29T19:11:39.8930966Z</FirstSeen>
      <HostName>MyComputer1</HostName>
      <LastSeen>2026-05-10T19:11:39.8930966Z</LastSeen>
      <MachineId>D090491283524268996E32C92EB8E7F1:::0A42900C7DE9463E9D1DB56A99ACCFF5:::0A42900C7DE9463E9D1DB56A99ACCFF5</MachineId>
      <MalwareGroup>Anti-Malware Testfile</MalwareGroup>
      <PathName>?:\users\user1\desktop</PathName>
    </GetThreatHistoryResponseModel_Record>
    <GetThreatHistoryResponseModel_Record>
      <EndpointId>9622bbff-4587-4026-b666-45e48d4c4b76</EndpointId>
      <ExtendedInfo>
        <Determination>B</Determination>
        <DwellTime>574</DwellTime>
        <FileMD5>2F674B4D13B2425FAB8970E6E2A1FDAD</FileMD5>
        <FileProduct></FileProduct>
        <FileSize>68</FileSize>
        <FileVendor></FileVendor>
        <FileVersion></FileVersion>
        <IPAddress>95.104.37.248</IPAddress>
        <UserName>User2</UserName>
      </ExtendedInfo>
      <FileName>eicar.com</FileName>
      <FirstSeen>2026-04-29T19:11:39.8930966Z</FirstSeen>
      <HostName>MyComputer2</HostName>
      <LastSeen>2026-05-10T19:11:39.8930966Z</LastSeen>
      <MachineId>97282FB90609468F9220F76F5A5FE289:::5F7AD5B027374594906FA0FE419A0DD3:::5F7AD5B027374594906FA0FE419A0DD3</MachineId>
      <MalwareGroup>Anti-Malware Testfile</MalwareGroup>
      <PathName>?:\users\user2\desktop</PathName>
    </GetThreatHistoryResponseModel_Record>
  </ThreatRecords>
</GetThreatHistoryResponseModel>

GET /service/api/console/gsm/{gsmKey}/sites/{siteId}/groups/{groupId}/threathistory ?startDate={startDate} &endDate={endDate} &returnedInfo={returnedInfo} &pageSize={pageSize} &pageNr={pageNr}