retrieve files from selected endpoints. You can retrieve up to 20 files.

External Documentation

To learn more, visit the Cortex XDR documentation.

Parameters

ParameterDescription
EndpointThe endpoint from which the files will be retrieved. Select the endpoint’s hostname or manually type its ID.
File PathsA comma-separated list of file paths which will be retrieved from the endpoint.
Incident IDString representing the incident ID.

When included in the request, the Isolate Endpoints action will appear in the Cortex XDR Incident View Timeline tab.

Example Output

{
	"reply": {
		"action_id": "string",
		"status": "string",
		"endpoints_count": "string"
	}
}

Workflow Library Example

Retrieve Files from Endpoint with Cortex Xdr and Send Results Via Email

Preview this Workflow on desktop

retrieve files from selected endpoints. You can retrieve up to 20 files.

External Documentation

To learn more, visit the Cortex XDR documentation.

Parameters

ParameterDescription
EndpointThe endpoint from which the files will be retrieved. Select the endpoint’s hostname or manually type its ID.
File PathsA comma-separated list of file paths which will be retrieved from the endpoint.
Incident IDString representing the incident ID.

When included in the request, the Isolate Endpoints action will appear in the Cortex XDR Incident View Timeline tab.

Example Output

{
	"reply": {
		"action_id": "string",
		"status": "string",
		"endpoints_count": "string"
	}
}

Workflow Library Example

Retrieve Files from Endpoint with Cortex Xdr and Send Results Via Email

Preview this Workflow on desktop