I am updating all our offline collectors and trying out the import_collection() functionality. If I import and provide an existing client_id, the import_collection() succeeds but the resulting collection never appears under the existing client in the gui. I can still get to the data if I use the source() function in VQL in a notebook but must recreate each of the artifacts in the collection.

When I review the datastore of my velociraptor instance, I see that all the directories and files for the imported collection exist under the client directory ( ..\velociraptor\clients\C.) but the flow_index.json file is not updated. If I manually add an entry to the flow_index.json with the flow id, it shows up in the GUI under that client.

If the import _collection is run without an existing client_id to generate a new client, the flow_index.json file for that new client is created with the correct entry and the import shows up under the new client in the gui.

This behaviour is the same, not surprisingly, if I manually create VQL and call import_collection(), or if I use the Server.Utils.ImportCollection artifact.

This is all done with a local install of version 0.7.1 on Windows 10.