Retrieve Files From Endpoint
retrieve files from selected endpoints. You can retrieve up to 20 files.
Parameters
| Parameter | Description |
|---|---|
| Endpoint | The endpoint from which the files will be retrieved. Select the endpoint's hostname or manually type its ID. |
| File Paths | A comma-separated list of file paths which will be retrieved from the endpoint. |
| Incident ID | String representing the incident ID.When included in the request, the Isolate Endpoints action will appear in the Cortex XDR Incident View Timeline tab. |
Example Output
{
"reply": {
"action_id": "string",
"status": "string",
"endpoints_count": "string"
}
}
Workflow Library Example
Retrieve Files from Endpoint with Cortex Xdr and Send Results Via Email
Preview this Workflow on desktop