Link Investigation to Host
complete
T
Tara Peterson
Display which host(s) were investigated
We don't have a way to show this currently. In addition to investigating suspicious/malicious items, we also use investigations to internally categorize legitimate applications such as security products and system administration tools. For commonly used software like antivirus applications and system management tools, the investigation may apply to multiple organizations (and hundreds of hosts). This makes it hard for us to visually represent when there are a large number of organizations and/or hosts
C
Cameron Granger
For the time being, if you need to know what Host an Investigation applies to, you can write into Support@huntress.io
Patrick Sofo [Security Product Manager]
complete
Patrick Sofo [Security Product Manager]
in progress
This will be available by EOY
Patrick Sofo [Security Product Manager]
planned
C
Curtis'la Schmidt'la
yes, which host and which organization, as well (without having to filter down to each organization from "global" until the investigation is displayed again). They investigated a script that we had created and ruled it benign, and I recognized the folder name as associated with a longtime client. There was a second similar investigation where I didn't recognize it, and I would like to be able to determine whether the script is still necessary. Perhaps an old MSP or previous IT manager installed it and it's no longer needed or desired. Finding it would be very difficult with our number of organizations and endpoints.
M
Mike Hebert
I'm shocked that this has not been done yet. It seems like common sense that if Huntress is telling us an app is potentially unwanted that it would let us know where to track it down. Also, as soon as I contacted support to get the host that was involved with the investigation I was told to upvote here, and that they would not tell me the hosts. Usually Huntress is on-point! This is out of character for them.
J
John Waskewics
yes, would be very helpful to know so we can go remove the offender app that was installed in our case.
S
Spencer Doucet
This would be very valuable to us to know which machine is being investigated! In these findings there are potential pieces of software that we may or may not want on a machine and knowing which pc has said software would be very beneficial. Please add this feature versus us having to request support to do so.
L
Luana'la Okuneva'la
What do we need to do to get this at least to the under review status?
L
Luana'la Okuneva'la
I will add my support for this feature! I am new to the huntress family and Received an incident report for software that SHOULD NOT BE ON ANY of the systems in my account. A simple click through to a list of hosts that triggered the incident would rather should be a necessity. for all the reasons previously mentioned and many more I can think of.
C
Cameron Granger
Merged in a post:
Investigation list at account level
T
Trent Townsend
Can you add the organization key or name to the list of investigations at the account level so we do not have to click through every org to find out which org/systems are affected?
Load More
→