Vicarius

Self Service Ingestion

Connect this data source on your own, using the Hunters platform.

TL;DR

Supported data types

3rd party detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

Vicarius Event Logs

✅

✅

vicarius_event_logs

NDJSON

API


Overview

Vicarius is an all-in-one vulnerability assessment and management solution that lets you run real-time and network scans and analyze proprietary and niche applications for vulnerabilities. It provides a dashboard that visualizes the results and lets you manage your entire organization’s assets from one platform for complete coverage and visibility.

Integrating Vicarius with Hunters allows collection of the data via the API and ingestion into the data lake, as well as leveraging the data in the Hunters Vulnerability Management enrichment investigation flow.

Supported data types

Vicarius Event Logs

Table name: vicarius_event_logs

Vicarius event logs provide detailed insights into the security posture of an organization's software assets, documenting every relevant security event, including the identification of new vulnerabilities, the application of patches or workarounds, and any security incidents related to known vulnerabilities. By offering a granular view of the threat landscape and remediation activities, these logs are instrumental for security teams in prioritizing vulnerability management efforts, enhancing incident response strategies, and ensuring compliance with regulatory requirements. The actionable intelligence derived from Vicarius event logs enables organizations to proactively address potential security weaknesses, thereby reducing their attack surface and fortifying their defenses against cyber threats.

Learn more here.

Send data to Hunters

Hunters supports the collection of logs from Vicarius using the API.

  1. Follow this guide by Vicarius to acquire the following information:

    • Host (Example - customer.vicarius.cloud)

    • API Key (Example - qjsn9SdpV3pZOn52fJOEdpRO490iaBj469PcUunnmYQWG4BJIZushZEwQoe8Bm2sAGtpqWD4q1xX6oAQhNAfRdvCpPr84nmbFTAFGs1RAKW6Wf9wxIEoR6UclbKehqfizquuVxghwy1sDig9hw9rrAHNw3JkmeTPc3BskAuDWDcel1Qa4BofS0eGsT4fU0iXLi3xt1iUmOCfkKUvi5fQEJvVrPHTJVgvvn2JKoHDthQiars9JLwXarDsnfbtGCWl)

  2. Complete the process on the Hunters platform, following this guide.

Expected format

Logs are expected in JSON format.

Vicarius Event Logs Sample

{"incidentEventIncidentEventType":"EndpointRemoved","incidentEventEndpoint":{"endpointId":123452,"authenticatedModelTypeId":1,"endpointStatusId":12,"endpointAuthenticatedModelType":{"authenticatedModelTypeId":7,"authenticatedModelTypeName":"LocalAgent","authenticatedModelTypeManual":false,"authenticatedModelTypeEnabled":true,"authenticatedModelTypeUpdatedAt":1545674908659,"authenticatedModelTypeCreatedAt":1545674908659},"endpointName":"ABCD123","versionId":12345,"endpointEndpointStatus":{"endpointStatusId":12,"endpointStatusName":"Free","endpointStatusManual":true,"endpointStatusEnabled":true,"endpointStatusUpdatedAt":1545747509480,"endpointStatusCreatedAt":1545747509480},"operatingSystemId":1234,"endpointOperatingSystem":{"operatingSystemId":12345,"operatingSystemFamilyId":3,"operatingSystemName":"Windows Server 1234","operatingSystemUniqueIdentifier":"abcdeff0683b64cb528f12340a2","operatingSystemTypeId":2,"operatingSystemManual":false,"operatingSystemEnabled":true,"operatingSystemUpdatedAt":1590064666274,"operatingSystemCreatedAt":1590064666274},"endpointArchitecture":{"architectureId":1,"architectureName":"x64","architectureManual":false,"architectureEnabled":true,"architectureUpdatedAt":1545674908636,"architectureCreatedAt":1545674908636},"architectureId":2,"endpointManual":true,"endpointEnabled":false,"endpointUpdatedAt":1699353016761,"endpointCreatedAt":1660908125293,"endpointTokenGenerationTime":1698765831591,"endpointAlive":false,"endpointHash":"abcd823e8a05b4123451ef0c","endpointOrganization":{"userId":12345,"organizationUniqueIdentifier":"abcd123456d3668179564c53cc3d","organizationDomainPrefix":"abcd","organizationName":"AB-abcd","organizationManual":false,"organizationIsActivated":true,"organizationEnabled":true,"organizationUpdatedAt":1683207458913,"organizationCreatedAt":1614100092858,"organizationId":123},"endpointVersion":{"versionId":12345,"versionName":"4.1.14","versionUniqueIdentifier":"abcd1323456e2187d058b5","versionManual":false,"versionEnabled":true,"versionUpdatedAt":1545581305467,"versionCreatedAt":1545581305467},"organizationId":123},"endpointId":12345,"_id":"EndpointRemoved_abcdef12345_05b4b2cfd4d7f01ef0c","analyticsEventSubAggregator":"EndpointRemoved_abcd124785_2023_11_7","analyticsEventSecondarySubAggregator":"EndpointRemoved_abcef1234788179564c53cc3d_2023_11_7_3830cad823e8a05babcd123","analyticsEventUpdatedAt":1699353021904,"analyticsEventUpdatedAtDate":{"dateYear":2023,"dateMonth":11,"dateDayOfMonth":7,"dateHour":10,"dateMinute":30,"dateSecond":21,"dateMillisecond":904,"dateMilliseconds":1699353021904,"dateWeekOfYear":45},"analyticsEventUpdatedAtDateObject":"Nov 7, 2023, 10:30:21 AM","analyticsEventCreatedAt":1699353021904,"analyticsEventUpdatedAtNano":1699353021904917500,"analyticsEventCreatedAtNano":1699353021904917500,"analyticsEventCreatedAtDate":{"dateYear":2023,"dateMonth":11,"dateDayOfMonth":7,"dateHour":10,"dateMinute":30,"dateSecond":21,"dateMillisecond":904,"dateMilliseconds":1699353021904,"dateWeekOfYear":45},"analyticsEventCreatedAtDateObject":"Nov 7, 2023, 10:30:21 AM","analyticsEventAnalyticsEventPair":{"analyticsEventPairAnalyticsEventAction":"IncidentEvent","analyticsEventPairMessage":"Stored incident event."},"analyticsEventAuthenticatedModelAbs":{"endpointId":12345,"authenticatedModelTypeId":1,"endpointStatusId":12,"endpointAuthenticatedModelType":{"authenticatedModelTypeId":1,"authenticatedModelTypeName":"LocalAgent","authenticatedModelTypeManual":false,"authenticatedModelTypeEnabled":true,"authenticatedModelTypeUpdatedAt":1545674908659,"authenticatedModelTypeCreatedAt":1545674908659},"endpointName":"ABC12345","versionId":12345,"endpointEndpointStatus":{"endpointStatusId":1,"endpointStatusName":"Free","endpointStatusManual":true,"endpointStatusEnabled":true,"endpointStatusUpdatedAt":1545747509480,"endpointStatusCreatedAt":1545747509480},"operatingSystemId":6772,"endpointOperatingSystem":{"operatingSystemId":6772,"operatingSystemFamilyId":3,"operatingSystemName":"Windows Server 1234","operatingSystemUniqueIdentifier":"abcd12345683b64cb528","operatingSystemTypeId":2,"operatingSystemManual":false,"operatingSystemEnabled":true,"operatingSystemUpdatedAt":1590064666274,"operatingSystemCreatedAt":1590064666274},"endpointArchitecture":{"architectureId":3,"architectureName":"x64","architectureManual":false,"architectureEnabled":true,"architectureUpdatedAt":1545674908636,"architectureCreatedAt":1545674908636},"architectureId":3,"endpointManual":true,"endpointEnabled":false,"endpointUpdatedAt":1699353016761,"endpointCreatedAt":1660908125293,"endpointTokenGenerationTime":1698765831591,"endpointAlive":false,"endpointHash":"11345abcde8a05b4b2cfd4d7","endpointOrganization":{"userId":1113,"organizationUniqueIdentifier":"abcd12345e6d3668179564c","organizationDomainPrefix":"abcd","organizationName":"AB-abcd","organizationManual":false,"organizationIsActivated":true,"organizationEnabled":true,"organizationUpdatedAt":1683207458913,"organizationCreatedAt":1614100092858,"organizationId":539},"endpointVersion":{"versionId":12345,"versionName":"1.12.12","versionUniqueIdentifier":"abcd123458788236e2187d058b5","versionManual":false,"versionEnabled":true,"versionUpdatedAt":1545581305467,"versionCreatedAt":1545581305467},"organizationId":123},"analyticsEventObjectCreatedAt":1660908125293}
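
The following Python parser is an added example, not code from Hunters or Vicarius. It reads NDJSON event logs using the field names shown in the sample above, converts the epoch-millisecond `analyticsEventCreatedAt` value to a UTC timestamp, and records malformed lines instead of failing on them. The sample records and the output key names are constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)

# Constructed sample: a trimmed record using field names from the sample above,
# a truncated line, and a record with no endpoint object.
SAMPLE_NDJSON = "\n".join([
    json.dumps({
        "_id": "EndpointRemoved_example_1",
        "incidentEventIncidentEventType": "EndpointRemoved",
        "analyticsEventCreatedAt": 1699353021904,
        "incidentEventEndpoint": {
            "endpointName": "ABCD123",
            "endpointOperatingSystem": {"operatingSystemName": "Windows Server 1234"},
        },
    }),
    '{"_id": "truncated", "incidentEventIncidentEventType": "Endpoint',
    json.dumps({"_id": "no_endpoint_example", "analyticsEventCreatedAt": 1699353021904}),
])

def ms_to_iso(ms):
    """Epoch milliseconds -> ISO-8601 UTC string; None if not an integer."""
    if isinstance(ms, bool) or not isinstance(ms, int):
        return None
    return (EPOCH + timedelta(milliseconds=ms)).isoformat(timespec="milliseconds")

def parse_events(ndjson_text):
    """Return (flattened events, rejected line numbers) for NDJSON text."""
    events, rejected = [], []
    for lineno, line in enumerate(ndjson_text.splitlines(), start=1):
        if not line.strip():
            continue  # blank lines between records are ignored
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            rec = None
        if not isinstance(rec, dict):
            rejected.append(lineno)  # malformed or non-object line
            continue
        ep = rec.get("incidentEventEndpoint") or {}
        events.append({
            "id": rec.get("_id"),
            "event_type": rec.get("incidentEventIncidentEventType"),
            "created_at": ms_to_iso(rec.get("analyticsEventCreatedAt")),
            "endpoint": ep.get("endpointName"),
            "os": (ep.get("endpointOperatingSystem") or {}).get("operatingSystemName"),
        })
    return events, rejected
```

Calling `parse_events(SAMPLE_NDJSON)` returns two flattened events and reports line 2 as rejected, so truncated records in a collected batch can be counted rather than silently dropped.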