Run a Real Time Response command on a host protected by CrowdStrike. This can be a long-running task, so a "job_id" is returned when it is run. That "job_id" can be checked periodically to get the current running status of the job, as well as the job results as 'data' when the job status is either 'successful' or 'failure'.

Some Real Time Response commands include:
• cat
• cd
• eventlog
• filehash
• get
• help
• kill
• ls
• map
• memdump
• mv
• ps
• put
• reg
• rm
• runscript
• xmemdump
Conor Dunne
How it works
Import this story to your tenant, from where you can adapt it to meet your unique needs.