Credential Harvesting Alerts

Today we received lots of credential harvesting alerts, can we get one CSV report of all those alerts so we can dedup the accounts and get the count of actual accounts? I tried but there is no option to report when selected credential harvesting only. Please help asap.
Thank you
Pema, ABA IT Security


its currently not possible to extract an investigation to CSV. We only have the option to output investigations in JSON format via the Investigation API

You can search Investigations using this API


Hi @plhanang ,

Maybe you can figure it out to make a report querying the harvesting investigations IP´s in order to get that counts, you could export the CSV.

Best Regards.