Initiate Scan
Use this command to run a Full Disk Scan on agents that match the filter. Full Disk Scan finds dormant suspicious activity, threats, and compliance violations, that are then mitigated according to the policy. It scans the local file system.
You must use one of the filters before executing the action.
Basic Parameters
| Parameter | Description |
|---|---|
| Active Threats | Include agents with this amount of active threats. |
| Agents IDs | A list of agent IDs to filter by. |
| Query | A free-text search term, will match applicable attributes (sub-string match). Note: Device's physical addresses will be matched if they start with the search term only (no match if they contain the term). |
Advanced Parameters
| Parameter | Description |
|---|---|
| Account IDs | List of account IDs to filter by. |
Example Output
{
"errors": [
{
"type": "object"
}
],
"data": {
"affected": "integer"
}
}
Workflow Library Example
Initiate Scan with Sentinelone and Send Results Via Email
Preview this Workflow on desktop