Vectra AI Commands

Complete commands and workflows for the Vectra AI network detection and response (NDR) platform: REST API endpoints (the `/api/v3.3` paths as listed on this page), CLI workflows, and the MCP server integration.

Platform API Authentication

Verify the header scheme against the API documentation for the version you target: a static `Token <token>` header and an OAuth2 `Bearer` token are not interchangeable, and using the wrong one simply returns 401. Treat the token as a credential: pass it only in the `Authorization` header over HTTPS, never in the URL, and keep it out of shell history and logs.

| Command | Description |
| --- | --- |
| `curl -H "Authorization: Token <token>" <endpoint>` | API authentication |
| `vectra-cli auth login` | Log in to the Vectra platform |
| `vectra-cli auth logout` | Log out of the platform |
| `vectra-cli auth status` | Check authentication status |
| `export VECTRA_TOKEN=<token>` | Set the token in the environment |
| `export VECTRA_URL=<url>` | Set the platform URL |
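The request the `curl` line above makes, written as a small Python helper with the hygiene a practitioner wants around an API token. This is an added example, not Vectra's own client code: the `VECTRA_URL`, `VECTRA_TOKEN` and `VECTRA_TIMEOUT` variables and the `/api/v3.3/detections` path come from this page, while the HTTPS-only rule, the 30-second default timeout, the token redaction and the injectable `fetch` callable (so the module runs offline against a constructed response) are this example's assumptions.

```python
"""Added example (not Vectra's own code): authenticated GET with token hygiene.

Assumptions (not from the page): 30 s default timeout, HTTPS enforced, and an
injectable `fetch(url, headers, timeout)` so the demo runs without a platform.
"""
import json
import os
import urllib.parse
import urllib.request
from typing import Callable, Optional


def load_config(env: Optional[dict] = None) -> dict:
    """Read platform URL, token and timeout from the environment variables listed on the page."""
    env = os.environ if env is None else env
    url = env.get("VECTRA_URL", "").rstrip("/")
    token = env.get("VECTRA_TOKEN", "")
    if not url.startswith("https://"):
        # The token travels in a header; plaintext HTTP would expose it on the wire.
        raise ValueError("VECTRA_URL must use https://")
    if not token:
        raise ValueError("VECTRA_TOKEN is not set")
    return {"url": url, "token": token, "timeout": float(env.get("VECTRA_TIMEOUT", "30"))}


def auth_headers(token: str) -> dict:
    """Header form taken from the page's curl line (static Token scheme)."""
    return {"Authorization": f"Token {token}", "Accept": "application/json"}


def redact(text: str, token: str) -> str:
    """Strip the token from anything that may end up in a log line or an error message."""
    return text.replace(token, "<redacted>") if token else text


def _urllib_fetch(url: str, headers: dict, timeout: float) -> str:
    req = urllib.request.Request(url, headers=headers)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def api_get(cfg: dict, path: str, params: Optional[dict] = None,
            fetch: Optional[Callable[[str, dict, float], str]] = None) -> dict:
    """GET an endpoint such as /api/v3.3/detections?state=active and decode the JSON body."""
    query = "?" + urllib.parse.urlencode(params) if params else ""
    url = f"{cfg['url']}{path}{query}"
    fetch = _urllib_fetch if fetch is None else fetch
    try:
        body = fetch(url, auth_headers(cfg["token"]), cfg["timeout"])
    except Exception as exc:
        # Re-raise with the token scrubbed so a stack trace cannot leak it.
        raise RuntimeError(redact(f"request to {path} failed: {exc}", cfg["token"])) from None
    return json.loads(body)


# --- constructed offline demonstration (not real platform data) -------------
FAKE_ENV = {"VECTRA_URL": "https://vectra.example.internal/",
            "VECTRA_TOKEN": "tok-0123456789abcdef"}


def _fake_fetch(url: str, headers: dict, timeout: float) -> str:
    """Stand-in for the platform: returns a constructed single-detection page."""
    assert headers["Authorization"].startswith("Token ")
    return json.dumps({"count": 1, "next": None,
                       "results": [{"id": 42, "state": "active", "threat": 70, "certainty": 80}]})


def demo() -> dict:
    cfg = load_config(FAKE_ENV)
    page = api_get(cfg, "/api/v3.3/detections", {"state": "active"}, fetch=_fake_fetch)
    log_line = redact("auth failed for Token tok-0123456789abcdef", cfg["token"])
    return {"count": page["count"], "first_id": page["results"][0]["id"], "log_line": log_line}


if __name__ == "__main__":
    print(demo())
```

Drop the `fetch=` argument to hit a real platform; everything else (HTTPS check, timeout, redaction) applies unchanged.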

Detection Management

| Command | Description |
| --- | --- |
| `GET /api/v3.3/detections` | List all detections |
| `GET /api/v3.3/detections/{id}` | Get detection details |
| `PATCH /api/v3.3/detections/{id}` | Update a detection |
| `DELETE /api/v3.3/detections/{id}` | Delete a detection |
| `GET /api/v3.3/detections?state=active` | Filter active detections |
| `GET /api/v3.3/detections?certainty=high` | Filter by certainty |

Host Management

| Command | Description |
| --- | --- |
| `GET /api/v3.3/hosts` | List all hosts |
| `GET /api/v3.3/hosts/{id}` | Get host details |
| `PATCH /api/v3.3/hosts/{id}` | Update host information |
| `GET /api/v3.3/hosts?threat_score_gte=50` | Filter by threat score (greater than or equal) |
| `GET /api/v3.3/hosts?certainty_score_gte=80` | Filter by certainty score (greater than or equal) |

Account Management

| Command | Description |
| --- | --- |
| `GET /api/v3.3/accounts` | List all accounts |
| `GET /api/v3.3/accounts/{id}` | Get account details |
| `PATCH /api/v3.3/accounts/{id}` | Update an account |
| `GET /api/v3.3/accounts?privilege_level=admin` | Filter by privilege level |
| `GET /api/v3.3/accounts?threat_score_gte=50` | Filter by threat score (greater than or equal) |

Campaign Management

| Command | Description |
| --- | --- |
| `GET /api/v3.3/campaigns` | List all campaigns |
| `GET /api/v3.3/campaigns/{id}` | Get campaign details |
| `PATCH /api/v3.3/campaigns/{id}` | Update a campaign |
| `GET /api/v3.3/campaigns?state=active` | Filter active campaigns |

Assignment Management

| Command | Description |
| --- | --- |
| `GET /api/v3.3/assignments` | List assignments |
| `POST /api/v3.3/assignments` | Create an assignment |
| `GET /api/v3.3/assignments/{id}` | Get assignment details |
| `PATCH /api/v3.3/assignments/{id}` | Update an assignment |
| `DELETE /api/v3.3/assignments/{id}` | Delete an assignment |

Threat Intelligence

| Command | Description |
| --- | --- |
| `GET /api/v3.3/threat_feeds` | List threat feeds |
| `POST /api/v3.3/threat_feeds` | Create a threat feed |
| `GET /api/v3.3/threat_feeds/{id}` | Get threat feed details |
| `PATCH /api/v3.3/threat_feeds/{id}` | Update a threat feed |
| `DELETE /api/v3.3/threat_feeds/{id}` | Delete a threat feed |

Search and Filtering

| Command | Description |
| --- | --- |
| `GET /api/v3.3/search/detections` | Search detections |
| `GET /api/v3.3/search/hosts` | Search hosts |
| `GET /api/v3.3/search/accounts` | Search accounts |
| `GET /api/v3.3/detections?ordering=-threat_score` | Order by threat score, highest first (the leading `-` reverses the sort) |
| `GET /api/v3.3/detections?page_size=100` | Set page size |

A single page is rarely the whole answer: keep following the listing's next-page link until it is empty, and bound the walk so a broken link cannot loop forever.
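The score filters in the Host and Account sections and the `ordering` / `page_size` parameters above are the building blocks of a triage loop: walk every page of a listing, then bucket each host by its threat and certainty scores. This is an added example, not Vectra's own code. The endpoint paths and parameter names come from this page; the paginated response shape (`count`, `next`, `results`), the 50/50 quadrant boundary and the quadrant names are this example's assumptions, and the two-page response is constructed so the module runs offline.

```python
"""Added example (not Vectra's own code): paginate a listing and triage hosts by quadrant.

Assumptions (not from the page): responses carry `count`, `next` and `results`;
the quadrant boundary of 50 on both axes and the bucket names are this example's choice.
"""
import json
from typing import Callable, Iterator
from urllib.parse import urlencode


def build_url(base: str, path: str, **params) -> str:
    """Compose e.g. /api/v3.3/hosts?threat_score_gte=50&ordering=-threat_score&page_size=100."""
    query = {k: v for k, v in params.items() if v is not None}
    return f"{base}{path}" + ("?" + urlencode(query) if query else "")


def iter_results(first_url: str, fetch_json: Callable[[str], dict],
                 max_pages: int = 1000) -> Iterator[dict]:
    """Yield every item across pages, following `next` until it is null.
    `max_pages` and the seen-set bound the walk so a misbehaving `next` cannot loop forever."""
    url, pages, seen = first_url, 0, set()
    while url and pages < max_pages:
        if url in seen:
            raise RuntimeError(f"pagination loop detected at {url}")
        seen.add(url)
        page = fetch_json(url)
        yield from page.get("results", [])
        url, pages = page.get("next"), pages + 1


def quadrant(threat: int, certainty: int, boundary: int = 50) -> str:
    """Threat x certainty quadrant; the boundary value is an assumption, not a platform constant."""
    high_t, high_c = threat >= boundary, certainty >= boundary
    if high_t and high_c:
        return "critical"
    if high_t:
        return "high"
    if high_c:
        return "medium"
    return "low"


def triage(hosts) -> dict:
    """Group host ids by quadrant, highest threat (then certainty) first inside each group."""
    buckets = {"critical": [], "high": [], "medium": [], "low": []}
    for h in sorted(hosts, key=lambda h: (-h["threat_score"], -h["certainty_score"])):
        buckets[quadrant(h["threat_score"], h["certainty_score"])].append(h["id"])
    return buckets


# --- constructed two-page response for offline use (not real platform data) --
BASE = "https://vectra.example.internal"
FIRST_URL = build_url(BASE, "/api/v3.3/hosts", ordering="-threat_score", page_size=2)
_PAGES = {
    FIRST_URL: {
        "count": 4, "next": BASE + "/api/v3.3/hosts?page=2",
        "results": [
            {"id": 101, "name": "db-01", "threat_score": 92, "certainty_score": 88},
            {"id": 102, "name": "wks-17", "threat_score": 75, "certainty_score": 20},
        ],
    },
    BASE + "/api/v3.3/hosts?page=2": {
        "count": 4, "next": None,
        "results": [
            {"id": 103, "name": "jump-03", "threat_score": 30, "certainty_score": 85},
            {"id": 104, "name": "printer-9", "threat_score": 10, "certainty_score": 5},
        ],
    },
}


def _fetch_json(url: str) -> dict:
    """Stand-in for an authenticated GET against the platform."""
    return _PAGES[url]


def demo() -> dict:
    hosts = list(iter_results(FIRST_URL, _fetch_json))
    return {"fetched": len(hosts), "triage": triage(hosts)}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Replace `_fetch_json` with a real authenticated GET; the walk and the triage logic stay the same. Server-side filters such as `threat_score_gte=50` cut the volume, but the client-side quadrant view is what tells the analyst which bucket to open first.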

MCP Server Integration

| Command | Description |
| --- | --- |
| `vectra-mcp install` | Install the Vectra MCP server |
| `vectra-mcp configure` | Configure the MCP server |
| `vectra-mcp start` | Start the MCP server |
| `vectra-mcp stop` | Stop the MCP server |
| `vectra-mcp status` | Check MCP server status |

AI Assistant Commands

| Command | Description |
| --- | --- |
| `vectra-mcp claude connect` | Connect to Claude Desktop |
| `vectra-mcp cursor connect` | Connect to Cursor IDE |
| `vectra-mcp chat enable` | Enable the chat interface |
| `vectra-mcp investigate <query>` | AI-assisted investigation |
| `vectra-mcp visualize <data>` | Generate visualizations |

The MCP server acts with the platform credentials it is configured with, so scope that token to the read and response permissions the assistant actually needs.

Incident Investigation

| Command | Description |
| --- | --- |
| `vectra-cli investigate --host <host-id>` | Investigate a host |
| `vectra-cli investigate --detection <detection-id>` | Investigate a detection |
| `vectra-cli timeline --host <host-id>` | Generate a host timeline |
| `vectra-cli timeline --account <account-id>` | Generate an account timeline |
| `vectra-cli correlate --detection <detection-id>` | Correlate related detections |

Response Actions

| Command | Description |
| --- | --- |
| `vectra-cli response block --host <host-id>` | Block a host |
| `vectra-cli response isolate --host <host-id>` | Isolate a host |
| `vectra-cli response quarantine --account <account-id>` | Quarantine an account |
| `vectra-cli response whitelist --host <host-id>` | Whitelist a host |
| `vectra-cli response unblock --host <host-id>` | Unblock a host |

Block, isolate and quarantine are disruptive and should be tied to a ticket; whitelisting suppresses future detections for that host, so review whitelist entries periodically rather than leaving them in place indefinitely.

Reporting and Analytics

| Command | Description |
| --- | --- |
| `GET /api/v3.3/reports` | List available reports |
| `POST /api/v3.3/reports` | Generate a report |
| `GET /api/v3.3/reports/{id}` | Get report details |
| `GET /api/v3.3/analytics/summary` | Get the analytics summary |
| `GET /api/v3.3/analytics/trends` | Get trend analysis |

Configuration Management

| Command | Description |
| --- | --- |
| `GET /api/v3.3/settings` | Get platform settings |
| `PATCH /api/v3.3/settings` | Update settings |
| `GET /api/v3.3/sensors` | List sensors |
| `GET /api/v3.3/sensors/{id}` | Get sensor details |
| `PATCH /api/v3.3/sensors/{id}` | Update sensor configuration |

User and Role Management

| Command | Description |
| --- | --- |
| `GET /api/v3.3/users` | List users |
| `POST /api/v3.3/users` | Create a user |
| `GET /api/v3.3/users/{id}` | Get user details |
| `PATCH /api/v3.3/users/{id}` | Update a user |
| `DELETE /api/v3.3/users/{id}` | Delete a user |

Alert Management

| Command | Description |
| --- | --- |
| `GET /api/v3.3/alerts` | List alerts |
| `POST /api/v3.3/alerts` | Create an alert rule |
| `GET /api/v3.3/alerts/{id}` | Get alert details |
| `PATCH /api/v3.3/alerts/{id}` | Update an alert rule |
| `DELETE /api/v3.3/alerts/{id}` | Delete an alert rule |

Integration Management

| Command | Description |
| --- | --- |
| `GET /api/v3.3/integrations` | List integrations |
| `POST /api/v3.3/integrations` | Create an integration |
| `GET /api/v3.3/integrations/{id}` | Get integration details |
| `PATCH /api/v3.3/integrations/{id}` | Update an integration |
| `DELETE /api/v3.3/integrations/{id}` | Delete an integration |

Data Export

| Command | Description |
| --- | --- |
| `vectra-cli export detections --format json` | Export detections |
| `vectra-cli export hosts --format csv` | Export hosts |
| `vectra-cli export accounts --format json` | Export accounts |
| `vectra-cli export --start-date 2025-01-01` | Export with a date filter |
| `vectra-cli export --threat-score-min 50` | Export with a score filter |

Monitoring and Health

| Command | Description |
| --- | --- |
| `GET /api/v3.3/health` | Check platform health |
| `GET /api/v3.3/system/status` | Get system status |
| `GET /api/v3.3/sensors/health` | Check sensor health |
| `GET /api/v3.3/system/metrics` | Get system metrics |
| `GET /api/v3.3/system/logs` | Get system logs |

Advanced Queries

| Command | Description |
| --- | --- |
| `GET /api/v3.3/detections?detection_type=command_and_control` | Filter by detection type |
| `GET /api/v3.3/detections?src_ip=192.168.1.100` | Filter by source IP |
| `GET /api/v3.3/detections?dst_port=443` | Filter by destination port |
| `GET /api/v3.3/hosts?last_detection_timestamp_gte=2025-01-01` | Filter by last-detection timestamp (on or after) |

Bulk Operations

| Command | Description |
| --- | --- |
| `vectra-cli bulk assign --detections <file>` | Bulk-assign detections |
| `vectra-cli bulk update --hosts <file>` | Bulk-update hosts |
| `vectra-cli bulk export --query <query>` | Bulk export with a query |
| `vectra-cli bulk remediate --actions <file>` | Bulk remediation actions |

Automation and Scripting

| Command | Description |
| --- | --- |
| `vectra-cli script run --file <script>` | Run an automation script |
| `vectra-cli script validate --file <script>` | Validate a script |
| `vectra-cli workflow create --name <name>` | Create a workflow |
| `vectra-cli workflow run --id <workflow-id>` | Run a workflow |

Performance Tuning

| Command | Description |
| --- | --- |
| `vectra-cli optimize --cache-size 1GB` | Set the cache size |
| `vectra-cli optimize --parallel 10` | Set the degree of parallel processing |
| `vectra-cli optimize --timeout 300` | Set the request timeout (seconds) |
| `vectra-cli cache clear` | Clear the cache |
| `vectra-cli cache status` | Check cache status |

Debugging and Troubleshooting

| Command | Description |
| --- | --- |
| `vectra-cli debug --log-level debug` | Enable debug logging |
| `vectra-cli debug connectivity` | Test connectivity |
| `vectra-cli debug api --endpoint <endpoint>` | Test an API endpoint |
| `vectra-cli debug permissions` | Check permissions |
| `vectra-cli logs --tail 100` | View recent logs |

Debug-level logs can include request headers; check that the token is masked before attaching them to a support case.

Environment Variables

| Variable | Description |
| --- | --- |
| `VECTRA_TOKEN` | API authentication token |
| `VECTRA_URL` | Platform URL |
| `VECTRA_TIMEOUT` | Request timeout |
| `VECTRA_LOG_LEVEL` | Logging level |
| `VECTRA_CACHE_DIR` | Cache directory |

Configuration Files

| File | Description |
| --- | --- |
| `vectra.config.json` | Main configuration file |
| `vectra-rules.yml` | Detection rules |
| `vectra-integrations.yml` | Integration settings |
| `.vectra-credentials` | Stored credentials |

`.vectra-credentials` holds the API token in plain text: keep it mode 0600, owned by the user running the CLI, and add it to `.gitignore` so it is never committed alongside `vectra.config.json`.
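A pre-flight check for where the token is coming from, run before any of the commands above. This is an added example, not part of the Vectra tooling: the file name `.vectra-credentials` and the `VECTRA_TOKEN` variable come from this page, while the precedence order (environment first, then the file), the file format (a `token=<value>` line) and the refusal to read a group- or world-readable file are this example's assumptions. The demo scenario writes a temporary file so it runs offline.

```python
"""Added example (not Vectra's own code): credential-source hygiene check.

Assumptions (not from the page): env var wins over the file; file format is
`token=<value>`; a file readable by group/other is refused, not just warned about.
"""
import os
import stat
import tempfile
from pathlib import Path
from typing import Optional


def credential_file_issues(path: Path) -> list:
    """Return findings for a stored-credentials file (empty list means it is safe to read)."""
    if not path.exists():
        return ["missing"]
    issues = []
    if path.is_symlink():
        issues.append("symlink: credentials may resolve outside the expected directory")
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & 0o077:
        issues.append(f"mode {oct(mode)} is readable by group/other; expected 0600")
    return issues


def load_token(env: dict, cred_file: Path) -> Optional[str]:
    """Environment first; fall back to the credentials file only when its permissions are sane."""
    if env.get("VECTRA_TOKEN"):
        return env["VECTRA_TOKEN"]
    if credential_file_issues(cred_file):
        return None
    for line in cred_file.read_text().splitlines():
        key, _, value = line.partition("=")
        if key.strip() == "token" and value.strip():
            return value.strip()
    return None


def demo() -> dict:
    """Constructed scenario: a world-readable credentials file, then the corrected one."""
    with tempfile.TemporaryDirectory() as d:
        cred = Path(d) / ".vectra-credentials"
        cred.write_text("token=tok-demo-0000\n")
        os.chmod(cred, 0o644)                    # the common mistake
        before = credential_file_issues(cred)
        refused = load_token({}, cred)           # refused while insecure
        os.chmod(cred, 0o600)                    # the fix
        after = credential_file_issues(cred)
        from_file = load_token({}, cred)
        from_env = load_token({"VECTRA_TOKEN": "tok-env"}, cred)
    return {"before": before, "refused": refused, "after": after,
            "from_file": from_file, "from_env": from_env}


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Point `load_token` at `Path.home() / ".vectra-credentials"` (or wherever the CLI stores it) and call it once at start-up; refusing an insecure file is deliberate, since silently reading it hides the exposure.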

Common Detection Types

| Type | Description |
| --- | --- |
| `command_and_control` | C2 communication |
| `lateral_movement` | Lateral movement activity |
| `data_exfiltration` | Data exfiltration attempts |
| `reconnaissance` | Network reconnaissance |
| `privilege_escalation` | Privilege escalation |