Invoke-ComaeADWinAnalyze

Synopsis

Invoke DumpIt on a remote Windows AD instance, and send it to the Comae platform.

Syntax

Invoke-ComaeADWinAnalyze [-Token] <String> [-OrganizationId] <String> [-CaseId] <String> [-ComputerName] <String> 
[[-Hostname] <String>] [<CommonParameters>]

Parameters

| Name | Alias | Description | Required? | Pipeline Input | Default Value |
| --- | --- | --- | --- | --- | --- |
| Token | | Bearer token generated by the user via the user interface of the Comae platform. | true | false | |
| OrganizationId | | The organization id can be retrieved in the user interface or by calling Get-ComaeOrganizations. | true | false | |
| CaseId | | The case id can be retrieved in the user interface or by calling Get-ComaeCases. | true | false | |
| ComputerName | | The name of the machine in the Active Directory domain. | true | false | |
| Hostname | | Default hostname is beta.comae.tech but this can be changed for private instances. | false | false | beta.comae.tech |

Examples

EXAMPLE 1: Invoke an Active Directory run command, overriding the script ‘ComaeRespond.ps1’, on the Windows VM machine named ‘$machinename’.

PS C:\> Invoke-ComaeADWinAnalyze -Token $Token -OrganizationId $OrganizationId -CaseId $CaseId -ComputerName $machinename