You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Command: Invoke-FalconResponderCommand -SessionId sessionid -Command 'runscript' -Arguments '-Raw=```commands go here```'
Results in:
Format-Result : 40014: Unrecognized flag found: Raw, value: commands go here
At C:\Users\me\Documents\WindowsPowerShell\Modules\PSFalcon\2.0.7\Private\Private.ps1:972 char:17
+ Format-Result -Response $Response -Endpoint $Endpoint
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (StatusCode: 400...ication/json
}:HttpResponseMessage) [Format-Result], Exception
I'm trying to continue an existing session started with Invoke-RTR (which does work using -Raw as of 2.0.7) and would prefer running commands in that session instead of spinning one up for each command.
The text was updated successfully, but these errors were encountered:
Active Responder permissions are not able to be used to submit Raw runscript commands via the Real-time Response API. You'll have to use Invoke-FalconAdminCommand.
Similar to #33
Command:
Invoke-FalconResponderCommand -SessionId sessionid -Command 'runscript' -Arguments '-Raw=```commands go here```'
Results in:
I'm trying to continue an existing session started with Invoke-RTR (which does work using -Raw as of 2.0.7) and would prefer running commands in that session instead of spinning one up for each command.
The text was updated successfully, but these errors were encountered: