RetrohuntHit

A hit encountered during a retrohunt search.

Field	Type	Description	Required	Default
key	Keyword	Unique code indentifying this hit	Yes	None
classification	Classification	Classification string for the retrohunt job and results list	Yes	None
sha256	SHA256	None	Yes	None
expiry_ts	Date	Expiry for this entry.	Optional	None
search	Keyword	None	Yes	None

Retrohunt

A search run on stored files.

Field	Type	Description	Required	Default
indices	Enum	Defines the indices used for this retrohunt job Values: "archive", "hot", "hot_and_archive"	Yes	hot_and_archive
classification	Classification	Classification for the retrohunt job	Yes	None
search_classification	ClassificationString	Maximum classification of results in the search	Yes	None
creator	Keyword	User who created this retrohunt job	Yes	None
description	Text	Human readable description of this retrohunt job	Yes	None
expiry_ts	Date	Expiry timestamp of this retrohunt job	Optional	None
start_group	Long	Earliest expiry group this search will include	Yes	None
end_group	Long	Latest expiry group this search will include	Yes	None
created_time	Date	Start time for the search.	Yes	None
started_time	Date	Start time for the search.	Yes	None
completed_time	Date	Time that the search ended	Optional	None
key	Keyword	Unique code identifying this retrohunt job	Yes	None
raw_query	Keyword	Text of filter query derived from yara signature	Yes	None
yara_signature	Keyword	Text of original yara signature run	Yes	None
errors	List [Keyword]	List of error messages that occured during the search	Yes	None
warnings	List [Keyword]	List of warning messages that occured during the search	Yes	None
finished	Boolean	Boolean that indicates if this retrohunt job is finished	Yes	False
truncated	Boolean	Indicates if the list of hits been truncated at some limit	Yes	False