GRR
Version: 2.0.6
GRR Rapid Response is an incident response framework focused on remote live forensics.
Connect GRR Authentication Information with LogicHub
- Navigate to Automations > Integrations.
- Search for GRR Rapid Response.
- Click Details, then the + icon. Enter the required information in the following fields.
- Label: Enter a connection name.
- Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
- Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
- Remote Agent: Run this integration using the LogicHub Remote Agent.
- End Point: The URI of your GRR server.
- Username: Username for the GRR server.
- Password: Password for the GRR server.
- After you've entered all the details, click Connect.
Actions for GRR Authentication Information
List Hunts
Retrieve all the hunts.
Input Field
Choose a connection that you have previously created to complete the connection.
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: Runs thorough analysis.
{
"has_error": false,
"results": [
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1611292558530927",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:7C6B11F9",
"isRobot": true,
"huntId": "H:7C6B11F9",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1610687599751721",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:AE8B5617",
"isRobot": true,
"huntId": "H:AE8B5617",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1610082709345848",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:862C8EDA",
"isRobot": true,
"huntId": "H:862C8EDA",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1609477806512844",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:B447D00B",
"isRobot": true,
"huntId": "H:B447D00B",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1608872932791601",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:5A2CE614",
"isRobot": true,
"huntId": "H:5A2CE614",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1608268087045480",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:75203EFD",
"isRobot": true,
"huntId": "H:75203EFD",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1607663277947203",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:92B387DC",
"isRobot": true,
"huntId": "H:92B387DC",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1607058318005482",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:212D46B4",
"isRobot": true,
"huntId": "H:212D46B4",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1606453388159662",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:6D3A5C86",
"isRobot": true,
"huntId": "H:6D3A5C86",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1605848470571387",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:79D67F34",
"isRobot": true,
"huntId": "H:79D67F34",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1605243573906389",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:B411B97D",
"isRobot": true,
"huntId": "H:B411B97D",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1604638727516701",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:DFBF392",
"isRobot": true,
"huntId": "H:DFBF392",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1604033891283618",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:7F32F7AC",
"isRobot": true,
"huntId": "H:7F32F7AC",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1603429076438226",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:210FC002",
"isRobot": true,
"huntId": "H:210FC002",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1602824275244959",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:6B24A7F3",
"isRobot": true,
"huntId": "H:6B24A7F3",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1602219260109136",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:49A086B1",
"isRobot": true,
"huntId": "H:49A086B1",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1601614439321280",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:251CD19C",
"isRobot": true,
"huntId": "H:251CD19C",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1601009502020898",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:9F8F224A",
"isRobot": true,
"huntId": "H:9F8F224A",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1600404681243083",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:CC18B0A7",
"isRobot": true,
"huntId": "H:CC18B0A7",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1599799730594210",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:2B5C294A",
"isRobot": true,
"huntId": "H:2B5C294A",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1599194930320260",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:37DB75E5",
"isRobot": true,
"huntId": "H:37DB75E5",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1598590004978922",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:B6292DF9",
"isRobot": true,
"huntId": "H:B6292DF9",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1597985047082265",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:8B8593D6",
"isRobot": true,
"huntId": "H:8B8593D6",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1597380106241883",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:32C35A5F",
"isRobot": true,
"huntId": "H:32C35A5F",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1596775191063844",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:79ECD30D",
"isRobot": true,
"huntId": "H:79ECD30D",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1596170280927853",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:3397BCF3",
"isRobot": true,
"huntId": "H:3397BCF3",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1595565390773649",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:9D8C3578",
"isRobot": true,
"huntId": "H:9D8C3578",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1594960382844155",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:A2999B02",
"isRobot": true,
"huntId": "H:A2999B02",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1594355577224897",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:5D2C6584",
"isRobot": true,
"huntId": "H:5D2C6584",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1593750735039424",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:D6635800",
"isRobot": true,
"huntId": "H:D6635800",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1593145912502496",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:13BA5488",
"isRobot": true,
"huntId": "H:13BA5488",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1592541110374129",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:DEA586DA",
"isRobot": true,
"huntId": "H:DEA586DA",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1591936142636404",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:B3C996C8",
"isRobot": true,
"huntId": "H:B3C996C8",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1591331307366035",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:9A6A4156",
"isRobot": true,
"huntId": "H:9A6A4156",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1590726334841924",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:FFD1FF3C",
"isRobot": true,
"huntId": "H:FFD1FF3C",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1590121300362758",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:415E7313",
"isRobot": true,
"huntId": "H:415E7313",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1589516305553250",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:ADA4E758",
"isRobot": true,
"huntId": "H:ADA4E758",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1588911309980007",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:65BCA25D",
"isRobot": true,
"huntId": "H:65BCA25D",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1588306379935197",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:2E05B7EA",
"isRobot": true,
"huntId": "H:2E05B7EA",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1587701413694968",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:216A3226",
"isRobot": true,
"huntId": "H:216A3226",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1587096491593326",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:F6387A53",
"isRobot": true,
"huntId": "H:F6387A53",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1586491580481402",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:25F19A15",
"isRobot": true,
"huntId": "H:25F19A15",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1585886680811353",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:95483725",
"isRobot": true,
"huntId": "H:95483725",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1585281790430823",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:892376C3",
"isRobot": true,
"huntId": "H:892376C3",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1584676912500267",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:68F9C9AD",
"isRobot": true,
"huntId": "H:68F9C9AD",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1584072082810107",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:3FABE0F0",
"isRobot": true,
"huntId": "H:3FABE0F0",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1583467272628928",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:191EA8E5",
"isRobot": true,
"huntId": "H:191EA8E5",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1582862472697919",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:B907F246",
"isRobot": true,
"huntId": "H:B907F246",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1582257387413218",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:535ABEE0",
"isRobot": true,
"huntId": "H:535ABEE0",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1581652320662200",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:7193F2AC",
"isRobot": true,
"huntId": "H:7193F2AC",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1581047267770513",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:24CB1587",
"isRobot": true,
"huntId": "H:24CB1587",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1580442244314320",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:20BFC641",
"isRobot": true,
"huntId": "H:20BFC641",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1579837225215904",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:214A1D93",
"isRobot": true,
"huntId": "H:214A1D93",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1579232225517664",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:8F8044C6",
"isRobot": true,
"huntId": "H:8F8044C6",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1578627250163919",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:5D0648CA",
"isRobot": true,
"huntId": "H:5D0648CA",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1578022283523996",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:B7151968",
"isRobot": true,
"huntId": "H:B7151968",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1577417343077075",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:3FB8C569",
"isRobot": true,
"huntId": "H:3FB8C569",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1576812416718393",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:50E5D109",
"isRobot": true,
"huntId": "H:50E5D109",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1576207504148655",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:58145FC1",
"isRobot": true,
"huntId": "H:58145FC1",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1575602609545281",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:37427662",
"isRobot": true,
"huntId": "H:37427662",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1574997734355694",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:FF98AC45",
"isRobot": true,
"huntId": "H:FF98AC45",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1574392875121768",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:41C859E5",
"isRobot": true,
"huntId": "H:41C859E5",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1573788034125771",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:97506ECE",
"isRobot": true,
"huntId": "H:97506ECE",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1573183206900029",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:82105047",
"isRobot": true,
"huntId": "H:82105047",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1572578394332167",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:93CC3D9E",
"isRobot": true,
"huntId": "H:93CC3D9E",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1571973297834358",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:8A936991",
"isRobot": true,
"huntId": "H:8A936991",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1571368217797222",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:99A2D4C7",
"isRobot": true,
"huntId": "H:99A2D4C7",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1570763152080356",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:846ACF17",
"isRobot": true,
"huntId": "H:846ACF17",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
},
{
"crashLimit": "100",
"clientsWithResultsCount": "0",
"clientLimit": "100",
"name": "GenericHunt",
"created": "1570506575043948",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:E3D9A43",
"isRobot": false,
"huntId": "H:E3D9A43",
"clientRate": 20.5,
"state": "PAUSED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "admin",
"totalNetUsage": "0",
"description": "A1007_2 des"
},
{
"crashLimit": "100",
"clientsWithResultsCount": "0",
"clientLimit": "50",
"name": "GenericHunt",
"created": "1570506538591731",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:F5946E7E",
"isRobot": false,
"huntId": "H:F5946E7E",
"clientRate": 20.5,
"state": "PAUSED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "admin",
"totalNetUsage": "0",
"description": "A1007_1 des"
},
{
"crashLimit": "500",
"clientsWithResultsCount": "0",
"clientLimit": "0",
"name": "GenericHunt",
"created": "1570158101015213",
"totalCpuUsage": 0,
"urn": "aff4:/hunts/H:A232CC80",
"isRobot": true,
"huntId": "H:A232CC80",
"clientRate": 50,
"state": "STARTED",
"resultsCount": "0",
"clientsQueuedCount": "0",
"creator": "GRRWorker",
"totalNetUsage": "0",
"description": "Interrogate run by cron to keep hostinfo fresh."
}
],
"error": null
}
Search Clients
Retrieve the clients using an optional query.
Input Field
| Input Name | Description | Required |
|---|---|---|
| Query | A query that will be used to filter clients, such as 'host:suspicious.corp.com' (default is Empty value). | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: Runs a query.
{
"has_error": false,
"results": [],
"error": null
}
Get Client
Retrieves the properties of a client by ID.
Input Field
| Input Name | Description | Required |
|---|---|---|
| Column Name | The name of the column holding the id of the client to retrieve. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
{
"has_error": true,
"error": "An error occurred: client_id can't be empty."
}
Get Hunt
Retrieves the properties of a hunt by ID.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Column Name | The name of the column holding the id of the hunt to retrieve. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
{
"has_error": true,
"error": "An error occurred: hunt_id can't be empty."
}
Create a Hunt
Create a Hunt.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Flow Name Column | The name of the column that holds the name of the flow. | Required |
| Flow Args Template | A Jinja template of the JSON representation of the flow arguments. | Required |
| Flow Name Template | A Jinja template of the JSON representation of the flow arguments. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
Release Notes
v2.0.6- Changed from python2 to python3 for vulnerability fix.v2.0.0- Updated architecture to support IO via filesystemv1.0.10- Added documentation link in the automation library.
Updated about 1 year ago