Skip to content

RAI2311_0001: Collect file via SOLDR

Summary

ID RAI2311_0001
Brief Description This response action is intended to obtain file from remote host
Author Alex@Cyberok
Creation Date 2023/02/03
Modification Date 2023/03/30
Requirements
  • software
Tags
  • Collect File
  • Linux
  • Windows
  • Macos
Means of action
  • SOLDR
    cpe:2.3:a:soldr:soldr:*:*:*:*:*:*:*:*
Linked Response Actions

Description

File sender module lets you collect objects directly from the SOLDR (XDR) interface.

Target system requirements

Installed SOLDR agent.

Requirements for means of action

1) Enabled "File sender" module.

Expected impact result

1) Downloaded current file.

Implementations

Set up module

1) First of all we need to enable module in our policy and fullfil general setings. Turn On

Module usage example

2) Then you should go to tab "Agents", choose disered agent and then click on button "Basic parameters". Example

3) Define path to file and use of 2 options - send to external server or send to minio. Server