Hunters.AI
App Vendor: Hunters
App Category: Endpoint Security / Security Operations
Connector Version: 1.0.1
API Version: 1.0.0
About App
Hunters.AI app empowers security teams to address and automate security operation workflows to triage and prioritize alerts and stories, and enables teams to perform entity search and investigation.
Hunters.AI app is configured with Orchestrate to perform the following actions:
Action Name | Description |
|---|---|
Add Lead Comment | This action adds comments to a particular lead. |
Get Lead Mega Entities | This action retrieves mega lead entities. |
Get Leads | This action retrieves the leads. |
Set Lead Assignee | This action sets an assignee to a lead. |
Set Lead Status | This action sets the lead status. |
Configuration Parameters
The following configuration parameters are required for the Hunters.AI app to communicate with the Hunters.AI enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Base URL | Enter a base URL to connect to the Hunters.AI app. Example: "https://api.{region}.hunters.ai/v1", where region can be us or eu | Text | Required | |
Client ID | Enter the client ID to connect to the Hunters.AI application. Example: “09cxx5c9-29b3-99ff-b49z-4123xxx5b427” | Text | Required | |
Client Secret | Enter the client secret to authenticate with the Hunters.AI application. Example: “2345~123245xxx3245abc~abc12xx512345abc” | Password | Required |
Action: Add Lead Comment
This action adds a comment to a particular lead.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Lead UUID | Enter the lead UUID to add a comment to the lead. Example: "095be615-a8ad-4c33-8e9c-c7612fbf6c9f" | Text | Required | You can retrieve the lead UUID using the action Get Leads. |
Comment | Enter a comment to add to a lead. Example: "This lead is for a test" | Text | Required |
Action: Get Lead Mega Entities
This action retrieves the mega lead entities.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Lead UUID | Enter the lead UUID to retrieve the mega lead entities. Example: "095be615-a8ad-4c33-8e9c-c7612fbf6c9f" | Text | Required | You can retrieve the lead UUID using the action Get Leads. |
Created at | Enter the creation date of the lead. Example: 2022-08-23 | Text | Optional | |
With Drilldowns | Enter true to drill down the result or false to deny the drill down result. Example: true | Boolean | Optional | Default value: true Allowed values:
|
Action: Get Leads
This action retrieves the leads.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Limit | Enter the maximum number of items to be returned in the response. Example: 50 | Integer | Optional | |
Data source | Enter to filter leads by data sources. Example: $LIST[okta-logs] | List | Optional | |
Offset | Enter the starting point for the paged response. Example: 1 | Integer | Optional | |
Risk | Enter the risk value to filter results based on risk levels. Example: "low" | Text | Optional | Allowed values:
|
Extra params | Enter additional query parameters to filter results. Example: "status":"open" | Key Value | Optional | Allowed keys:
|
Action: Set Lead Assignee
This action sets an assignee to a lead.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Lead UUID | Enter the lead UUID to set an assignee. Example: "095be615-a8ad-4c33-8e9c-c7612fbf6c9f" | Text | Required | You can retrieve the lead UUID using the action Get Leads. |
Enter an email to assign the lead. Example: "sampleuser@testuser.com" | Text | Required |
Action: Set Lead Status
This action sets the lead status.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Lead UUID | Enter the lead UUID to set the status. Example: '095be615-a8ad-4c33-8e9c-c7612fbf6c9f' | Text | Required | You can retrieve the lead UUID using the action Get Leads. |
Status | Enter a value to set the status of a lead. Example: "open" | Text | Required | Allowed values:
|