Channels
doorman
infrastructure
random
zercurity
community-feeds
fleet-dev
code-review
queryhub
apple-silicon
carving
tls
fim
goquery
zentral
aws
querycon
golang
zeek
file-carving
fuzzing
auditing-warroom
linen-dev
fleetosquery
plugins
jobs
arm-architecture
darkbytes
process-auditing
uptycs
android_tests
selfgroup
vendor-feeds
fleet
eclecticiq-polylogyx-extension
ebpf
website
core
general
macos
kolide
osctrl
extensions
foundation
sql
officehours
linux
windows
Title
n
narsarius
05/03/2019, 6:30 PMThanks - I can see the websocket connection in developer tools, not sure where it is getting the parameters to build the request after the initial run though.
1) a run is issued, /api/v1/kolide/queries/run
2) then a /api/v1/kolide/results/info?t={{numeric value}}
3) completes with a /api/v1/kolide/results/{{numeric value}}/{{alpha numeric value}}/websocket
The values used in the 2nd and 3rd request are not present in the response of the first request
Looks like /api/v1/kolide/results/info?t={{numeric value}} is just a info request and can be omitted if running programmatic. The larger question is what are the values used to construct the 3rd request /api/v1/kolide/results/{{numeric value}}/{{alpha numeric value}}/websocket
After the third request is constructed you can send traditional websocket request on the campaign
s
Saif Abulkhair
10/12/2020, 2:43 PM@narsarius did you manage to get the results via the websockets ? Can you throw some pointers please