Update VQL references

content/vql_reference/misc/_index.md

@@ -50,6 +50,7 @@ Miscellaneous plugins not yet categorized.
 |[org_create](org_create)|<span class='vql_type'>Function</span>|Creates a new organization|
 |[org_delete](org_delete)|<span class='vql_type'>Function</span>|Deletes an Org from the server|
 |[orgs](orgs)|<span class='vql_type'>Plugin</span>|Retrieve the list of orgs on this server|
+|[panic](panic)|<span class='vql_type'>Plugin</span>|Crash the program with a panic!|
 |[passwd](passwd)|<span class='vql_type'>Function</span>|Updates the user's password|
 |[pe_dump](pe_dump)|<span class='vql_type'>Function</span>|Dump a PE file from process memory|
 |[pk_decrypt](pk_decrypt)|<span class='vql_type'>Function</span>|Decrypt files using pubkey encryption|

content/vql_reference/misc/panic/_index.md

@@ -0,0 +1,23 @@
+---
+title: panic
+index: true
+noTitle: true
+no_edit: true
+---
+
+
+
+<div class="vql_item"></div>
+
+
+## panic
+<span class='vql_type pull-right page-header'>Plugin</span>
+
+
+Required Permissions: 
+<i class="linkcolour label pull-right label-success">MACHINE_STATE</i>
+
+### Description
+
+Crash the program with a panic!
+

content/vql_reference/server/hunts/_index.md

@@ -20,8 +20,6 @@ no_edit: true
 Arg | Description | Type
 ----|-------------|-----
 hunt_id|A hunt id to read, if not specified we list all of them.|string
-offset|Start offset.|uint64
-count|Max number of results to return.|uint64
 
 Required Permissions: 
 <i class="linkcolour label pull-right label-success">READ_RESULTS</i>

content/vql_reference/server/monitoring/_index.md

@@ -20,7 +20,7 @@ no_edit: true
 Arg | Description | Type
 ----|-------------|-----
 client_id|The client id to extract|string (required)
-artifact|The name of the event artifact to read|string
+artifact|The name of the event artifact to read|string (required)
 source|An optional named source within the artifact|string
 start_time|Start return events from this date (for event sources)|Any
 end_time|Stop end events reach this time (event sources).|Any

content/vql_reference/server/rm_client_monitoring/_index.md

@@ -19,9 +19,8 @@ no_edit: true
 
 Arg | Description | Type
 ----|-------------|-----
-artifact|The name of the artifact to add|string (required)
-parameters|A dict of artifact parameters|LazyExpr
-label|Add this artifact to this label group (default all)|string
+artifact|The name of the artifact to remove from the event table|string (required)
+label|Remove this artifact from this label group (default the 'all'  group)|string
 
 Required Permissions: 
 <i class="linkcolour label pull-right label-success">COLLECT_CLIENT</i>

content/vql_reference/server/rm_server_monitoring/_index.md

@@ -19,8 +19,7 @@ no_edit: true
 
 Arg | Description | Type
 ----|-------------|-----
-artifact|The name of the artifact to add|string (required)
-parameters|A dict of artifact parameters|LazyExpr
+artifact|The name of the artifact to remove|string (required)
 
 Required Permissions: 
 <i class="linkcolour label pull-right label-success">COLLECT_SERVER</i>

static/reference/data.json

@@ -2642,16 +2642,6 @@
                 "name": "hunt_id",
                 "type": "string",
                 "description": "A hunt id to read, if not specified we list all of them."
-            },
-            {
-                "name": "offset",
-                "type": "uint64",
-                "description": "Start offset."
-            },
-            {
-                "name": "count",
-                "type": "uint64",
-                "description": "Max number of results to return."
             }
         ],
         "category": "server",
@@ -3618,7 +3608,8 @@
             {
                 "name": "artifact",
                 "type": "string",
-                "description": "The name of the event artifact to read"
+                "description": "The name of the event artifact to read",
+                "required": true
             },
             {
                 "name": "source",
@@ -3974,6 +3965,14 @@
         "description": "Retrieve the list of orgs on this server.",
         "type": "Plugin"
     },
+    {
+        "name": "panic",
+        "description": "Crash the program with a panic!",
+        "type": "Plugin",
+        "metadata": {
+            "permissions": "MACHINE_STATE"
+        }
+    },
     {
         "name": "parallelize",
         "description": "Runs query on result batches in parallel.",
@@ -5782,18 +5781,13 @@
             {
                 "name": "artifact",
                 "type": "string",
-                "description": "The name of the artifact to add",
+                "description": "The name of the artifact to remove from the event table",
                 "required": true
             },
-            {
-                "name": "parameters",
-                "type": "LazyExpr",
-                "description": "A dict of artifact parameters"
-            },
             {
                 "name": "label",
                 "type": "string",
-                "description": "Add this artifact to this label group (default all)"
+                "description": "Remove this artifact from this label group (default the 'all'  group)"
             }
         ],
         "category": "server",
@@ -5809,13 +5803,8 @@
             {
                 "name": "artifact",
                 "type": "string",
-                "description": "The name of the artifact to add",
+                "description": "The name of the artifact to remove",
                 "required": true
-            },
-            {
-                "name": "parameters",
-                "type": "LazyExpr",
-                "description": "A dict of artifact parameters"
             }
         ],
         "category": "server",