startThreatHunt
Start a threat hunt on a cluster.
Arguments
input: StartThreatHuntInput! (required)
Returns
StartThreatHuntReply!
Sample
The mutation below is followed by example variables and an example response.
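# Starts a threat hunt. The only variable is $input, a required StartThreatHuntInput
# (the sample variables set clusterUuid, indicatorsOfCompromise, name and objectFids).
mutation StartThreatHunt($input: StartThreatHuntInput!) {
  startThreatHunt(input: $input) {
    # Keep huntId alongside the submitted input so the hunt can be referenced later.
    huntId
    # Check this flag in the reply instead of assuming the hunt started cleanly.
    # NOTE(review): what "sync" covers is not stated on this page; confirm in the schema.
    isSyncSuccessful
    # Selected because the sample response shows huntStatus; a GraphQL reply only
    # carries fields the operation asks for, so without this it would be absent.
    huntStatus {
      endTime
      id
      nodeId
      progress
      result
      startTime
    }
  }
}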
{
"input": {
"clusterUuid": "00000000-0000-0000-0000-000000000000",
"indicatorsOfCompromise": [
{
"iocKind": "IOC_FILE_PATTERN",
"iocValue": "example-string"
}
],
"name": "example-string",
"objectFids": [
"00000000-0000-0000-0000-000000000000"
]
}
}
{
"data": {
"startThreatHunt": {
"huntId": "example-string",
"isSyncSuccessful": true,
"huntStatus": {
"endTime": "2024-01-01T00:00:00.000Z",
"id": "example-string",
"nodeId": "example-string",
"progress": 0.0,
"result": "example-string",
"startTime": "2024-01-01T00:00:00.000Z"
}
}
}
}