In the Actions table, you can scroll or use the filters to see the status of any search within a hunt across any of the targeted endpoints.
Hunts consist of searches across multiple endpoints and those searches can take time to return results from all of the targeted endpoints. To view the status of all of the searches contained within a hunt, click on the Actions link within the Status column for that hunt on the Collections page. This will launch a new browser tab displaying the Actions table. Within the Actions table, you can scroll or use the filters to see the status of any search within a hunt across any of the targeted endpoints.
Using this information, you can identify the successful and failed searches and take the necessary action.
Field | Description |
|---|---|
Endpoint name | Agent hostname. |
Endpoint ID | Agent unique ID. |
Action ID | A unique identifier for the agent action. |
Name | Name of search. |
Status | Shows one of the following statuses of the search:
|
Artifact category | Name of category for the search. Example: |
Artifact | Artifact targeted by this search. Example: |
Results | Number of results received for the search. |
Last updated | The last time results were received for this action. |
Parameters | The string that describes the search parameters. Example: |
Creation time | The timestamp when the search was created. |