Click tools, batch remediation
Select your agent source
Select your agent
Add new in remediation batch information
Select the command you would like to run
In this example i will use a .bat file to execute the command
my.bat contains a simple execution of taking the output of a directory listing and creating a file on the root of C:/
@echo off
dir c:\windows\system32\drivers\etc\*.* > c:\test.txt
As part of this example, i also want to run a powershell script.
PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerShell -ArgumentList '-NoProfile -ExecutionPolicy Bypass -File ""C:\test.ps1""' -Verb RunAs}"
The powershell script is called by the bat file.
Save the bat file with these contents.
The powershell file contains the following:
Get-Service | Where {$_.status –eq 'running'} > C:\output2.txt
Which outputs the services running to a text file called output2.txt.
Once the batch remediation is input correctly, click ok
Save it appropriately and then click run
The data processing status window then appears showing the agent request and the location the batch remediation is processing on:
If this completes successfully, you will see green bars appear for the jobs.
Once you have tested these scripts functioning, you can then switch out the powershell and bat file for files to do more invasive remediation.