RTR Read Only Analyst
.RTR Active Responder
.RTR Administrator
.Falcon Administrator
.Parameter | Description |
---|---|
Sessions IDs | The session IDs to get details of. You can obtain the session IDs by running the List RTR Sessions in the “resources” field. |
{
"meta": {
"query_time": 2,
"powered_by": "<string>",
"trace_id": "<string>"
},
"resources": [
{
"id": "<string>",
"created_at": "2010-05-17T08:00:15.321Z",
"updated_at": "2006-07-10T10:19:38.460Z",
"deleted_at": null,
"cloud_request_ids": [
"<string>"
],
"cid": "<string>",
"device_id": "<string>",
"hostname": "<string>",
"user_id": "<string>",
"user_uuid": "<string>",
"duration": 1,
"origin": "<string>",
"logs": [
{
"id": 0,
"created_at": "2022-10-11T14:11:33.213Z",
"updated_at": "2022-10-11T14:11:33.213Z",
"session_id": "<string>",
"command_string": "<string>",
"current_directory": "<string>",
"base_command": "<string>",
"cloud_request_id": "<string>"
}
],
"offline_queued": false,
"commands_queued": false
}
],
"errors": []
}
Was this page helpful?