Missing org_id Parameter in Velociraptor App

[Afaf-dev]

By testing the app with the latest versions of Velociraptor, I found that the org_id parameter is missing and the queries doesn't work to other organisations because by default the API connection will be to the root org of Velociraptor.

This parameter should be added here
https://github.com/Shuffle/python-apps/blob/master/velociraptor/1.0.0/src/app.py#L43C11-L48C16

As referenced in the official Velociraptor repository, the org_id parameter is expected:
https://github.com/Velocidex/pyvelociraptor/blob/master/pyvelociraptor%2Fclient_example.py#L71

Additionally, org_id should be available as a parameter in the Shuffle UI to specify when running a given query.

Would it be possible to add this enhancement? maybe on an other version of the app..

Thanks!

[frikky]

By testing the app with the latest versions of Velociraptor, I found that the org_id parameter is missing and the queries doesn't work to other organisations because by default the API connection will be to the root org of Velociraptor.

This parameter should be added here https://github.com/Shuffle/python-apps/blob/master/velociraptor/1.0.0/src/app.py#L43C11-L48C16

As referenced in the official Velociraptor repository, the org_id parameter is expected: https://github.com/Velocidex/pyvelociraptor/blob/master/pyvelociraptor%2Fclient_example.py#L71

Additionally, org_id should be available as a parameter in the Shuffle UI to specify when running a given query.

Would it be possible to add this enhancement? maybe on an other version of the app..

Thanks!

Hey!

Would you be able to send a PR for it? We don't have a test environment, so it could be tricky. You would need two things:

1. Update the app.yaml file so that it shows up in the Shuffle UI
2. Add the "org_id" parameter to the relevant functions in the src/app.py file

Otherwise I'd be happy to jump on a call and fix it with you in realtime :)