Create shared agents to transfer files and execute commands on a remote machines by running automations and scripts, and using forensic tools.
A shared agent enables you to transfer files and execute commands on remote machines for a number of incidents. If you want to create an agent for a specific incident only, create a D2 Agent.
Before installing a shared agent, you need to create a shared agent instance. The default hostname must be the same as the endpoint’s system name.
Shared agents enable you to do the following:
Perform tasks from the Cortex XSOAR CLI as if you were using the target machine.
Run pre-defined D2 agent automation scripts.
Create and configure automation scripts using Agent Tools.
Run existing D2 agent forensic tools (agent tools) as part of a Cortex XSOAR playbook.
You can run all the D2 automations, such as D2Exec, D2Drop, etc. You need to add Name of shared agent
at the end of each automation.