Invoke FalconAdminCommand
Issue a Real-time Response admin command to an existing single-host or batch session
Requires 'Real Time Response (Admin): Write'.
| Name | Type | Min | Max | Pattern | Allowed | Pipeline | PipelineByName | Description |
|---|---|---|---|---|---|---|---|---|
| Command | String |
catcdclearcpcsrutilcswindiagencryptenveventlog backupeventlog exporteventlog listeventlog viewfilehashgetgetsidhelphistoryifconfigipconfigkilllsmapmemdumpmkdirmountmvnetstatpsputput-and-runreg deletereg loadreg queryreg setreg unloadrestartrmrunrunscriptshutdownumountunmapupdate historyupdate installupdate listupdate installusersxmemdumpzip
|
False | False | Real-time Response command | |||
| Argument | String | False | False | Arguments to include with the command | ||||
| Timeout | Int32 | 30 |
600 |
False | False | Length of time to wait for a result, in seconds | ||
| OptionalHostId | String[] | ^[a-fA-F0-9]{32}$ |
False | False | Restrict execution to specific host identifiers | |||
| SessionId | String | ^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$ |
False | True | Session identifier | |||
| BatchId | String | ^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$ |
False | True | Batch session identifier | |||
| Wait | Switch | False | False | Use 'Confirm-FalconAdminCommand' or 'Confirm-FalconGetFile' to retrieve command results |
Invoke-FalconAdminCommand [-Command] <String> [[-Argument] <String>] [[-Timeout] <Int32>] [[-OptionalHostId]
<String[]>] -BatchId <String> [-Wait] [-WhatIf] [-Confirm] [<CommonParameters>]
Invoke-FalconAdminCommand [-Command] <String> [[-Argument] <String>] -SessionId <String> [-Wait] [-WhatIf] [-Confirm] <CommonParameters>]
Generated 20220922 using PSFalcon v2.2.3
