Skip to content

Commit

Permalink
ReadMe Live Response Update
Browse files Browse the repository at this point in the history
  • Loading branch information
@Bert-JanP
Bert-JanP committed Feb 7, 2024
1 parent f98a78a commit 8f1c6d2
Showing 1 changed file with 2 additions and 6 deletions.
8 changes: 2 additions & 6 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,12 +80,8 @@ Execute script:
- Go to the device page
- Initiate Live Response session
- Upload File to library to upload script
- After uploading the script to the library, use the ***run*** command to run the script

To collect the output of the DFIR script perform the following actions:
```PowerShell
getfile "C:\windows\DFIR-TestDevice-2022-07-06.zip" &
```
- After uploading the script to the library execute: ```run DFIR-script.ps1``` to start the script.
- Execute ```getfile DFIR-DeviceName-yyyy-mm-dd``` to download the retrieved artifacts to your local machine for analysis.

### Docs
- [Microsoft Documentation Live Response](https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/live-response?view=o365-worldwide)
Expand Down

0 comments on commit 8f1c6d2

Please sign in to comment.