|The Artifact to update
|Set to true make the artifact hidden in the GUI, false to make it visible again.
Required Permissions: ARTIFACT_WRITER SERVER_ARTIFACT_WRITER
Sets metadata about the artifact.
This VQL function is used to clean up the artifact search screen and guide users to assist with investigations.
Velociraptor comes with a lot of built in artifacts which may be confusing to some users and in specialized deployments it may be preferable to guide users into a small subset of artifacts and hide the rest.
For example, say you have a set of custom artifacts that you only want to show. Then I would add a special keyword to their description (for example a company name - say “Written by ACME inc”). Then a query like this will hide the others:
SELECT name, artifact_set_metadata(name=name, hidden=TRUE)
FROM artifact_definitions() WHERE NOT description =~ "ACME"