Search:

Invoke-ComaeAwsVMWinAnalyze

Invoke-ComaeAwsVMWinAnalyze

Synopsis

Invoke DumpIt on a remote Windows Aws Virtual Machine, and send it to the Comae platform.

Syntax

Invoke-ComaeAwsVMWinAnalyze [-Token] <String> [-OrganizationId] <String> [-CaseId] <String> [[-AccessKey] <String>] 
[[-SecretKey] <String>] [-Region] <String> [-InstanceId] <String> [[-Hostname] <String>] [<CommonParameters>]

Parameters

NameAliasDescriptionRequired?Pipeline InputDefault Value
TokenBearer token generated by the user on via the user interface of the Comae platform.truefalse
OrganizationIdThe organization id can be retrieved in the user interface or by calling Get-ComaeOrganizations.truefalse
CaseIdThe case id can be retrieved in the user interface or by calling Get-ComaeCases.truefalse
AccessKeyAws Access Key (optional). Only used if Get-AWSCredentials is null.falsefalse
SecretKeyAws Secret Key (optional). Only used if Get-AWSCredentials is null.falsefalse
RegionThe region where the Aws virtual machine belongs to.truefalse
InstanceIdThe instance id of the Aws virtual machine.truefalse
HostnameDefault hostname is beta.comae.tech but this can be changed for private instances.falsefalsebeta.comae.tech

Examples

EXAMPLE 1 Invoke a SSM run command with overriding the script ‘ComaeRespond.ps1’ on a Windows VM instance id ‘$instanceid’ in region ‘$region’.

PS C:\\\> Invoke-ComaeAwsVMWinAnalyze -Token $Token -OrganizationId $OrganizationId -CaseId $CaseId  
-Region $region -InstanceId $instanceid