
GCP Cloud Storage scans and tags

Scan a file

To scan a file, upload it to the Cloud Storage bucket:

  1. In GCP, go to Products > Cloud Storage and find your bucket to scan.
  2. Under the Objects tab, select Upload Files to add your file to the bucket.

    File Storage Security detects that a file has been added to the bucket and scans the file. For details on the scanning process, see this Architecture diagram.

You can now view the metadata within the GCP environment.

You can also view scan results in Cloud Logging and be notified of scan results through the Pub/Sub topic.

View the metadata

File Storage Security adds GCP metadata to the files it scans. The metadata contains a short description of the scan results, and starts with the prefix fss-*. You'll only see the fss-* metadata pertaining to the latest scan; tags from past scans are not kept. Additionally, all non-fss-* tags are preserved.

Below is an image of the tags, as they appear in GCP Cloud Storage.

[Image: GCP Cloud Storage tags]

To view the metadata added by File Storage Security:

  1. In GCP, go to Products > Cloud Storage and find your valid bucket to scan.
  2. Under the Objects tab, select a file that has been scanned.
  3. Select Edit Metadata.
  4. Scroll to the Custom metadata section.

    The metadata keys added by File Storage Security should appear. They are:

    • fss-error-message: Appears if the fss-scan-result tag value is failure. Shows error message text.
    • fss-scan-date: Shows the date and time in UTC that the file was scanned.
    • fss-scan-result: Shows the scan result. Possible values are:

      • no issues found: Indicates that no malware was detected.
      • malicious: Indicates that known malware was detected.
      • failure: Indicates that the scan failed. (A failure does not necessarily mean that File Storage Security failed.)
    • fss-scan-detail-code: Appears if fss-scan-result is not failure. It shows the status code that indicates the details of the scan.

      • 0: Scan completed without any more details.
      • 100~199: Some scans are skipped due to existing parameters. Contact support if you need assistance.
    • fss-scan-detail-message: Contains text if fss-scan-result is not failure. It shows the status code message corresponding to fss-scan-detail-code.

    • fss-scanned: Indicates whether the file was scanned by File Storage Security. Possible values are true and false.

    If you don't see the above metadata, it means that the file has not been scanned.
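
A downstream consumer can use the keys listed above as a gate before it processes an object. The following is an added example, not code from File Storage Security or its documentation: it fails closed, so missing metadata and skipped scans (detail codes 100~199) are not treated as cleared. The function name, verdict labels and sample values are assumptions made for illustration.

```python
# Added example: fail-closed gate over one object's fss-* custom metadata.
# Input is a plain dict of custom metadata (assumption: read it however you
# like, e.g. google-cloud-storage exposes it as Blob.metadata, None if unset).

def classify_fss(metadata):
    """Return (verdict, reason); verdict: allow, block, review, not_scanned."""
    md = {k: v for k, v in (metadata or {}).items() if k.startswith("fss-")}
    if not md:
        return "not_scanned", "no fss-* metadata on the object"
    result = md.get("fss-scan-result", "").strip().lower()
    if result == "malicious":
        return "block", "known malware detected"
    if result == "failure":
        return "review", md.get("fss-error-message", "scan failed, no message")
    if md.get("fss-scanned", "").strip().lower() != "true":
        return "not_scanned", "fss-scanned is not true"
    if result != "no issues found":
        return "review", f"unexpected fss-scan-result: {result!r}"
    # Clean verdict: the detail code says whether any scans were skipped.
    try:
        code = int(md.get("fss-scan-detail-code", ""))
    except ValueError:
        return "review", "missing or non-numeric fss-scan-detail-code"
    if code == 0:
        return "allow", "scan completed"
    if 100 <= code <= 199:
        detail = md.get("fss-scan-detail-message", "")
        return "review", f"some scans skipped (code {code}): {detail}"
    return "review", f"detail code {code} is not listed on this page"

SAMPLES = {  # constructed metadata, not real scan output
    "clean.pdf": {"owner": "team-a", "fss-scanned": "true",
                  "fss-scan-result": "no issues found",
                  "fss-scan-detail-code": "0"},
    "partial.zip": {"fss-scanned": "true",
                    "fss-scan-result": "no issues found",
                    "fss-scan-detail-code": "101",
                    "fss-scan-detail-message": "constructed detail text"},
    "bad.exe": {"fss-scanned": "true", "fss-scan-result": "malicious",
                "fss-scan-detail-code": "0"},
    "broken.bin": {"fss-scan-result": "failure",
                   "fss-error-message": "constructed error text"},
    "new-upload.txt": None,  # object with no custom metadata at all
}

if __name__ == "__main__":
    for name, md in SAMPLES.items():
        print(name, *classify_fss(md))
```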