From the Actions table, you can view the search status of all the artifacts for the triage.
You can drill down to the Actions table from the status link of the triage to view the search the status of all the artifacts for the triage.
Field | Description |
---|---|
Endpoint name | Agent hostname. |
Endpoint ID | Agent unique ID. |
Action ID | Unique identifier for this agent action. |
Type | Type of collection. Example: |
Path | Path for files, registry path for registry artifacts. |
Status | Displays one of the following statuses of the search:
|
Details | Shows the detailed output from the ingestion script. Example: |
Collected | Time the data was collected. |
Download expiration | Time when bucket data (raw files) is to be deleted. |
Preset | Name of the triage configuration. |
Collection Type | Collection type. |
Triage ID | Unique ID associated with this triage data. |