Documentation Index
Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt
Use this file to discover all available pages before exploring further.
Get session metadata by session id.
One of the following roles is required to read the user’s own sessions details.
RTR Read Only Analyst.RTR Active Responder.RTR Administrator.
To read all users sessions, the following role is required:
Parameters
| Parameter | Description |
|---|
| Sessions IDs | The session IDs to get details of. You can obtain the session IDs by running the List RTR Sessions in the “resources” field. |
Example Output
{
"meta": {
"query_time": 2,
"powered_by": "<string>",
"trace_id": "<string>"
},
"resources": [
{
"id": "<string>",
"created_at": "2010-05-17T08:00:15.321Z",
"updated_at": "2006-07-10T10:19:38.460Z",
"deleted_at": null,
"cloud_request_ids": [
"<string>"
],
"cid": "<string>",
"device_id": "<string>",
"hostname": "<string>",
"user_id": "<string>",
"user_uuid": "<string>",
"duration": 1,
"origin": "<string>",
"logs": [
{
"id": 0,
"created_at": "2022-10-11T14:11:33.213Z",
"updated_at": "2022-10-11T14:11:33.213Z",
"session_id": "<string>",
"command_string": "<string>",
"current_directory": "<string>",
"base_command": "<string>",
"cloud_request_id": "<string>"
}
],
"offline_queued": false,
"commands_queued": false
}
],
"errors": []
}
Workflow Library Example
Get Rtr Sessions Details with Crowdstrike and Send Results Via Email
