Retrieve file objects for Livehunt notifications

get https://www.virustotal.com/api/v3/intelligence/hunting_notification_files

Each file object returned, in addition to all the file details, has a context_attributes property that contains information about the VT Hunting Livehunt notification tied to the file, this is an example:

"context_attributes": {
  "match_in_subfile": false,
  "notification_date": 1543301214,
  "notification_id": "961092289288866-4582222113734656-3c7f77cc43338e14824c111671beef30",
  "notification_snippet": "00 61 64 64 41 75 64 69 6F [...]",
  "notification_source_key": "b3190c38",
  "notification_tags": [
    "bozok",
    "rats",
    "a2d2906f7ad5265165c25baed76d342b48b8bc5f4d9db6004e9e6dd72eaea4e1"
  ],
  "ruleset_id": "5706526672224256",
  "ruleset_name": "rats",
  "rule_name": "Bozok",
  "rule_tags": [],
}

Other than that, the filter parameter allows to filter the matching files according to the VT Hunting Livehunt notification properties. You can filter by the name of the matching rule, match date, rule namespace, ruleset or file hash. Notice however that this only works with the exact keyword, not substrings of it.

For more information check the user's hunting_notification_files relationship.

Language
Click Try It! to start a request and see the response here!