Create Correção Falcon

tgyuy commented 1 month ago

1 - Baixa o PSFalcon no Github: https://github.com/CrowdStrike/psfalcon

Usa meu script aqui para distribuir (executa.ps1)

Import-Module -Name ./PSFalcon.psd1 -Force

Request-FalconToken -ClientId SUAAPI -ClientSecret SUASCRET -Cloud us-1

# Vai no grupo que vc quer acertar e altere pelo ID que tem na URL
$GroupId = "cf5b2566f5f0456097ef65f6c07db494"
$HostIds = Get-FalconHost -All -Filter "groups:'$GroupId'"

Invoke-FalconRTR -Command runscript -Arguments "-CloudFile='SCRIPT-NO-RESPONSE-SCRIPTS'" -Verbose -HostIds $HostIds -Timeout 90 | Export-Csv 'export-result.csv'

2 - Script para colocar no response scripts files na console do CrowdStrike

$ProgressPreference = 'SilentlyContinue'

# Caminho de rede para a pasta já descompactada
$networkPath = "\\fileserver\pasta"

# Caminho local para onde a pasta será copiada
$localPath = "pasta"

# Copiar a pasta do caminho de rede para a máquina local
Copy-Item -Path $networkPath -Destination $localPath -Recurse

# Navegar para o diretório copiado
cd $localPath

# Instalar o Elastic Agent
.\software-pra-instalar.exe install

Please review our Code of Conduct and our Contribution Guidelines before submitting a Pull Request.

REMOVE ALL PULL REQUEST HINTS BEFORE SUBMITTING

PULL REQUEST TITLE

Pull Request general description should go here.

Please fill out all values and then remove any help text before submitting your PR.

[x] Enhancement
[ ] Major Feature update
[ ] Bug fixes
[ ] Breaking Change
[ ] Documentation

Check the values above that match your PR and remove the remaining.

Added features and functionality

If your PR adds features or functionality, what should be included in the next release notes?

Issues resolved

Bug fix: Please list related bugs individually. Identifying the ticket or bug report in the PR description auto-updates the affected ticket and helps the community with ticket triage. For example:
Fixes https://github.com/CrowdStrike/psfalcon/issues/1234 by doing foo
Mitigates https://github.com/CrowdStrike/psfalcon/issues/5678 by updating bar.
BE EXPLICIT in what you are resolving

Other

List any other details here
Documentation regarding your changes can also be listed here

bk-cs commented 1 week ago

Thank you for your contribution!

I'm not sure of your goal with this. As I only speak English, could you re-submit in English and provide a description of your suggestion and final outcome of the additional code?

tgyuy commented 15 hours ago

Sorry for only replying now 5511971331516 this my whatsapp Em 3 de set. de 2024 19:11, bk-cs @.***> escreveu: Thank you for your contribution! I'm not sure of your goal with this. As I only speak English, could you re-submit in English and provide a description of your suggestion and final outcome of the additional code?

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: @.***>

CrowdStrike / psfalcon