Anzenna Public API
  1. data exfiltration
Anzenna Public API
  • data exfiltration
    • List file movement activities
      POST
    • Get file movement activity by id
      GET
    • List git events
      POST
    • Get a specific git event by id
      GET
    • List git repositories
      POST
    • Get a specific git repository
      GET
    • List files used with data exfiltration.
      POST
    • Get a specific data exfiltration file
      GET
    • Query database exfiltration events
      POST
  • api key
    • Get API key information
      GET
  • login events
    • List login events
      POST
    • Get a login event by ID
      GET
  • browser applications
    • Query all browser applications
      POST
    • List browser application instances
      POST
  • browser application instances
    • Get an browser application by id
      GET
    • Get a browser application by id
      GET
  • browser history
    • List browser history entries
      POST
  • data sharing
    • Query database share grants
      POST
    • Query database share user additions
      POST
    • List file sharing instances
      POST
    • List documents
      POST
    • Get document by id
      GET
  • devices
    • List devices
    • Get a device
    • Get a device
  • device policies
    • List device policies
    • Get a device policy
    • Get a device policy
  • device applications
    • List device applications
    • Get a device application
    • Get a device application
  • device infections
    • List device infections
    • Get a device infection
    • Get a device infection
  • ide applications
    • List IDE applications
    • Get an IDE application
    • Get an IDE application
  • ide application instances
    • Query IDE application instances.
  • mcp servers
    • List MCP servers
    • Get an MCP server
    • Get an MCP server
  • mcp server instances
    • Query MCP server installations
  • device application instances
    • Query device application instances.
  • mfa
    • Query all mfa statuses
  • oauth applications
    • Query all OAuth applications
    • Get an OAuth application by id
    • Get an OAuth application by id
  • oauth application instances
    • Query all OAuth application instances
  • passwords
    • Query all password reuse instances
  • people
    • Query all people
    • Get a person by id
    • Get a person by id
    • Add a category to multiple people
    • Remove a category from multiple people
  • account
    • List accounts
    • Get an account by id
    • Get an account by id
  • phishing interactions
    • Query all phishing interactions
  • company wide risk trends
    • Get company risk trends
  • high risk organizations
    • Get number of high risk organizations
  • detections
    • Get key finding detections
    • Get detection details
    • Get detection details
    • List users associated with a given detection
    • List users associated with a given detection
  • shadow it
    • Query all Shadow IT instances
  • advanced query
    • Execute an advanced query
  • events
    • List security events
  • sources
    • Query raw events
  • allowlist
    • Query all allowlists
    • Create a new allowlist
    • Update an allowlist
    • Delete an allowlist
  1. data exfiltration

Get file movement activity by id

GET
/data-exfiltration/file-movements/{id}
Get file movement

Request

Authorization
Bearer Token
Provide your bearer token in the
Authorization
header when making requests to protected resources.
Example:
Authorization: Bearer ********************
or
Path Params

Responses

🟢200
application/json
Successful operation
Body

🟠401
🟠403
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request GET '/data-exfiltration/file-movements/' \
--header 'Authorization: Bearer <token>'
Response Response Example
{
    "id": "string",
    "person_id": "8CA67511-744C-4D74-B26E-7281CF88712F",
    "person_email": "string",
    "person_name": "string",
    "timestamp": "2023-10-01T12:00:00Z",
    "file_id": "string",
    "file_name": "string",
    "exfiltration_suspected": true,
    "device_id": "string",
    "movement_type": "airdrop",
    "risk_score": 9.2,
    "remote_host": "dropbox.com",
    "remote_ip": "string",
    "risk_factors": [
        {
            "type": "sensitive_file",
            "magnitude": 40
        }
    ],
    "allowlisted": true
}
Modified at 2026-02-10 23:10:01
Previous
List file movement activities
Next
List git events
Built with