# Schedule Hunt/Triage Tasks

#### AIR Hunt/Triage Scheduled Task via API Script by using crontab

* Download the script and grant permission to run.

  `wget https://cdn.binalyze.com/air-deploy/scripts/air-triage-task-via-api.sh chmod +x air-triage-task-via-api.sh`
* Download the script and grant permission to run (URL is an example).

  `wget https://<tenantname>.cisco-<region>.binalyze.io /air-deploy/scripts/air-triage-task-via-api.sh chmod +x air-triage-task-via-api.sh`
* Move the script file to a directory, such as the **/opt** directory, as shown below.

  `mv air-triage-task-via-api.sh /opt/air-triage-task-via-api.sh`
* Update the console address and API Token value in the script. You must add the desired hunt/triage rule id values to the "triageRuleIds" field.

For example, there are two default rules below; you can change them.

"fireeye-red-team-tools-countermeasures", "fireeye-sunburst-countermeasures"

* Add it as a cronjob by running the command below.

  `crontab -e`
* After running the above command, add the following lines in the editor.

`# At 00:00 on Sunday 0 0 * * 0 /opt/air-triage-task.sh`