Skip to main content

Cyware Orchestrate

Velociraptor

App Vendor: Velociraptor

App Category: IT Services

Connector Version: 1.0.0

API Version: N/A

About App

Velociraptor actions and vql queries.

The Velociraptor connector app is configured with the CSOL application to perform the following actions:

Action Name

Description

Execute Query

This app action takes in a vql query string and returns a list of results.

List Clients

This app action lists all velociraptor clients.

List Windows Client Users

This app action returns a windows client's local users.

List Client Processes

This app action returns a client's running processes.

Add Client Labels

This app action adds supplied list of labels to a client.

Remove Client Labels

This app action removes supplied list of labels from client.

Quarantine Client

This app action quarantines a client.

Remove Quarantined Client

This app action removes a client from quarantine.

Get Client Info

This app action returns a client's info.

Configuration Parameters

The following configuration parameters are required for the Velociraptor connector app to communicate with the Velociraptor enterprise application. The parameters can be configured by creating instances in the connector app.

Parameter

Description

Field Type

Required/Optional

Comments

Server

Velociraptor server address

Text

Required

Port

Velociraptor server api port

Integer

Required

CA Certificate

Api client ca certificate

File

Required

Client Private Key

Api client private key

File

Required

Client Certificate

api client certificate

File

Required

Action: Execute Query

This app action takes in a vql query string and returns a list of results.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Query

Accepts a vql query string as a single argument.

Text

Required

Max wait

Optional parameter for maximum query execution wait.

Integer

Optional

Max row

Optional parameter for maximum rows in return by query.

Integer

Optional

Example Request

Action: List Clients

This app action lists all velociraptor clients.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Example Request

Action: List Windows Client Users

This app action returns a windows client's local users.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Client id

Accepts a client id as a str.

Text

Required

Example Request

Action: List Client Processes

This app action returns a client's running processes.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Client id

Accepts a client id as a str.

Text

Required

Example Request

Action: Add Client Labels

This app action adds supplied list of labels to a client.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Client id

Accepts a client id as a str.

Text

Required

Labels

Accepts list of labels to add to client

List

Required

Example Request

Action: Remove Client Labels

This app action removes supplied list of labels from client.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Client id

Accepts a client id as a str.

Text

Required

Labels

Accepts list of labels to remove from client

List

Required

Example Request

Action: Quarantine Client

This app action quarantines a client.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Client id

Accepts a client id as a str.

Text

Required

Example Request

Action: Remove Quarantined Client

This app action removes a client from quarantine.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Client id

Accepts a client id as a str.

Text

Required

Example Request

Action: Get Client Info

This app action returns a client's info.

Action Input Parameters

Parameter

Description

Field Type

Required/Optional

Comments

Client id

Accepts a client id as a str.

Text

Required

Example Request