README.md
+15 -1 (15 additions & 1 deletion)
@@ -81,7 +81,21 @@ curl -X POST -F "file=@/path/to/your/triage.zip" http://$IP_ADDRESS:5000/api/pla
81
81
```
82
82
83
83
#### With Velociraptor
84
-
In the repo, we've provided [several Velociraptor artifacts](./velociraptor). Add them in the Velociraptor GUI in the `View Artifacts` section.
84
+
In the repo, we've provided [several Velociraptor artifacts](./velociraptor).
85
+
86
+
You can add them in the Velociraptor GUI in one of two ways:
87
+
* In the `View Artifacts` section, click the `Add an Artifact` button and manually copy paste each one and save it
88
+
* Via the Artifact Exchange
89
+
* Click `Server Artifacts`
90
+
* Click `New Collection`
91
+
* Select `Server.Import.ArtifactExchange`
92
+
* Click `Configure Parameters`
93
+
* Click on `Server.Import.ArtifactExchange`
94
+
* For the `ExchangeURL` enter the URL of `velociraptor_artifacts.zip` found [here](https://github.com/Digital-Defense-Institute/openrelik-pipeline/releases/latest)
95
+
* For the prefix, choose something relevant, like `OpenRelikPipeline.`
96
+
* Leave `ArchiveGlob` as is
97
+
* Click `Launch`
98
+
* You should now see all of them as `Server Monitoring` artifacts in the `Artifacts` page
85
99
86
100
These are configured to hit each available endpoint:
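Review bot: The `ExchangeURL` step points readers at `releases/latest`, so the `velociraptor_artifacts.zip` they import is whatever was published most recently, with no version pin and no integrity check. These artifacts are VQL that the Velociraptor server will run as `Server Monitoring` artifacts, so I would suggest linking a specific tagged release in this step and publishing a SHA-256 for the zip next to it, with a line telling the reader to compare the hash before clicking `Launch`. Two smaller points in the same list: the prefix step does not name the parameter in backticks the way `ExchangeURL` and `ArchiveGlob` are named, so please give the field name exactly as the GUI shows it; and "manually copy paste each one and save it" reads better as "copy and paste each one, then save it". It would also help to state that the steps from `Click Server Artifacts` onward are sub-steps of "Via the Artifact Exchange", since the first bullet is a complete alternative on its own.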