Shared Agents - Administrator Guide - EoL - 6.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.5
Creation date
2022-09-28
Last date published
2024-07-16
Category
Administrator Guide
End of Life > EoL
Abstract

Create shared agents to transfer files and execute commands on a remote machines by running automations and scripts, and using forensic tools.

A shared agent enables you to transfer files and execute commands on remote machines for a number of incidents. If you want to create an agent for a specific incident only, create a D2 Agent.

Before installing a shared agent, you need to create a shared agent instance. The default hostname must be the same as the endpoint’s system name.

Shared agents enable you to do the following:

  • Perform tasks from the Cortex XSOAR CLI as if you were using the target machine.

  • Run pre-defined D2 agent automation scripts.

  • Create and configure automation scripts using Agent Tools.

  • Run existing D2 agent forensic tools (agent tools) as part of a Cortex XSOAR playbook.

You can run all the D2 automations, such as D2Exec, D2Drop, etc. You need to add Name of shared agent at the end of each automation.