
Vectra AI Commands

Comprehensive Vectra AI platform commands and workflows for network detection and response (NDR).

## Platform API Authentication

|Command|Description|
|---------|-------------|
|`curl -H "Authorization: Token " `|API authentication|
|`vectra-cli auth login`|Login to Vectra platform|
|`vectra-cli auth logout`|Logout from platform|
|`vectra-cli auth status`|Check authentication status|
|`export VECTRA_TOKEN=`|Set environment token|
|`export VECTRA_URL=`|Set platform URL|

## Detection Management

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/detections`|List all detections|
|`GET /api/v3.3/detections/{id}`|Get detection details|
|`PATCH /api/v3.3/detections/{id}`|Update detection|
|`DELETE /api/v3.3/detections/{id}`|Delete detection|
|`GET /api/v3.3/detections?state=active`|Filter active detections|
|`GET /api/v3.3/detections?certainty=high`|Filter by certainty|

## Host Management

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/hosts`|List all hosts|
|`GET /api/v3.3/hosts/{id}`|Get host details|
|`PATCH /api/v3.3/hosts/{id}`|Update host information|
|`GET /api/v3.3/hosts?threat_score_gte=50`|Filter by threat score|
|`GET /api/v3.3/hosts?certainty_score_gte=80`|Filter by certainty score|

## Account Management

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/accounts`|List all accounts|
|`GET /api/v3.3/accounts/{id}`|Get account details|
|`PATCH /api/v3.3/accounts/{id}`|Update account|
|`GET /api/v3.3/accounts?privilege_level=admin`|Filter by privilege level|
|`GET /api/v3.3/accounts?threat_score_gte=50`|Filter by threat score|

## Campaign Management

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/campaigns`|List all campaigns|
|`GET /api/v3.3/campaigns/{id}`|Get campaign details|
|`PATCH /api/v3.3/campaigns/{id}`|Update campaign|
|`GET /api/v3.3/campaigns?state=active`|Filter active campaigns|

## Assignment Management

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/assignments`|List assignments|
|`POST /api/v3.3/assignments`|Create assignment|
|`GET /api/v3.3/assignments/{id}`|Get assignment details|
|`PATCH /api/v3.3/assignments/{id}`|Update assignment|
|`DELETE /api/v3.3/assignments/{id}`|Delete assignment|

## Threat Intelligence

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/threat_feeds`|List threat feeds|
|`POST /api/v3.3/threat_feeds`|Create threat feed|
|`GET /api/v3.3/threat_feeds/{id}`|Get threat feed details|
|`PATCH /api/v3.3/threat_feeds/{id}`|Update threat feed|
|`DELETE /api/v3.3/threat_feeds/{id}`|Delete threat feed|

## Search and Filtering

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/search/detections`|Search detections|
|`GET /api/v3.3/search/hosts`|Search hosts|
|`GET /api/v3.3/search/accounts`|Search accounts|
|`GET /api/v3.3/detections?ordering=-threat_score`|Order by threat score|
|`GET /api/v3.3/detections?page_size=100`|Set page size|

## MCP Server Integration

|Command|Description|
|---------|-------------|
|`vectra-mcp install`|Install Vectra MCP server|
|`vectra-mcp configure`|Configure MCP server|
|`vectra-mcp start`|Start MCP server|
|`vectra-mcp stop`|Stop MCP server|
|`vectra-mcp status`|Check MCP server status|

## AI Assistant Commands

|Command|Description|
|---------|-------------|
|`vectra-mcp claude connect`|Connect to Claude Desktop|
|`vectra-mcp cursor connect`|Connect to Cursor IDE|
|`vectra-mcp chat enable`|Enable chat interface|
|`vectra-mcp investigate `|AI-assisted investigation|
|`vectra-mcp visualize `|Generate visualizations|

## Incident Investigation

|Command|Description|
|---------|-------------|
|`vectra-cli investigate --host `|Investigate host|
|`vectra-cli investigate --detection `|Investigate detection|
|`vectra-cli timeline --host `|Generate host timeline|
|`vectra-cli timeline --account `|Generate account timeline|
|`vectra-cli correlate --detection `|Correlate detections|

## Response Actions

|Command|Description|
|---------|-------------|
|`vectra-cli response block --host `|Block host|
|`vectra-cli response isolate --host `|Isolate host|
|`vectra-cli response quarantine --account `|Quarantine account|
|`vectra-cli response whitelist --host `|Whitelist host|
|`vectra-cli response unblock --host `|Unblock host|

## Reporting and Analytics

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/reports`|List available reports|
|`POST /api/v3.3/reports`|Generate report|
|`GET /api/v3.3/reports/{id}`|Get report details|
|`GET /api/v3.3/analytics/summary`|Get analytics summary|
|`GET /api/v3.3/analytics/trends`|Get trend analysis|

## Configuration Management

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/settings`|Get platform settings|
|`PATCH /api/v3.3/settings`|Update settings|
|`GET /api/v3.3/sensors`|List sensors|
|`GET /api/v3.3/sensors/{id}`|Get sensor details|
|`PATCH /api/v3.3/sensors/{id}`|Update sensor configuration|

## User and Role Management

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/users`|List users|
|`POST /api/v3.3/users`|Create user|
|`GET /api/v3.3/users/{id}`|Get user details|
|`PATCH /api/v3.3/users/{id}`|Update user|
|`DELETE /api/v3.3/users/{id}`|Delete user|

## Alert Management

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/alerts`|List alerts|
|`POST /api/v3.3/alerts`|Create alert rule|
|`GET /api/v3.3/alerts/{id}`|Get alert details|
|`PATCH /api/v3.3/alerts/{id}`|Update alert rule|
|`DELETE /api/v3.3/alerts/{id}`|Delete alert rule|

## Integration Management

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/integrations`|List integrations|
|`POST /api/v3.3/integrations`|Create integration|
|`GET /api/v3.3/integrations/{id}`|Get integration details|
|`PATCH /api/v3.3/integrations/{id}`|Update integration|
|`DELETE /api/v3.3/integrations/{id}`|Delete integration|

## Data Export

|Command|Description|
|---------|-------------|
|`vectra-cli export detections --format json`|Export detections|
|`vectra-cli export hosts --format csv`|Export hosts|
|`vectra-cli export accounts --format json`|Export accounts|
|`vectra-cli export --start-date 2025-01-01`|Export with date filter|
|`vectra-cli export --threat-score-min 50`|Export with score filter|

## Monitoring and Health

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/health`|Check platform health|
|`GET /api/v3.3/system/status`|Get system status|
|`GET /api/v3.3/sensors/health`|Check sensor health|
|`GET /api/v3.3/system/metrics`|Get system metrics|
|`GET /api/v3.3/system/logs`|Get system logs|

## Advanced Queries

|Command|Description|
|---------|-------------|
|`GET /api/v3.3/detections?detection_type=command_and_control`|Filter by detection type|
|`GET /api/v3.3/detections?src_ip=192.168.1.100`|Filter by source IP|
|`GET /api/v3.3/detections?dst_port=443`|Filter by destination port|
|`GET /api/v3.3/hosts?last_detection_timestamp_gte=2025-01-01`|Filter by timestamp|

## Bulk Operations

|Command|Description|
|---------|-------------|
|`vectra-cli bulk assign --detections `|Bulk assign detections|
|`vectra-cli bulk update --hosts `|Bulk update hosts|
|`vectra-cli bulk export --query `|Bulk export with query|
|`vectra-cli bulk remediate --actions `|Bulk remediation actions|

## Automation and Scripting

|Command|Description|
|---------|-------------|
|`vectra-cli script run --file