You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-iot/organizations/detect-windows-endpoints-script.md
+10-10Lines changed: 10 additions & 10 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -55,26 +55,26 @@ The script detects enriched Windows data, and is run as a utility and not an ins
55
55
56
56
1. Sign into your OT sensor console, and select **System Settings** > **Import Settings** > **Windows Information**.
57
57
58
-
1. Select **Download script**. For example:
58
+
1. Select **Download script**. Your browser might ask you if you want to keep the file, select **Keep** or any similar options.
59
59
60
60
:::image type="content" source="media/detect-windows-endpoints-script/download-wmi-script.png" alt-text="Screenshot of where to download WMI script." lightbox="media/detect-windows-endpoints-script/download-wmi-script.png":::
61
61
62
-
1. Copy the script to a local drive and unzip it. The following files appear:
62
+
1. Copy the file to a local drive and unzip it. The following file appears:
63
63
64
-
-`start.bat`
65
-
-`settings.json`
66
-
-`data.bin`
67
-
-`run.bat`
64
+
-`Extract_system_info.bat`
68
65
69
-
1. Run the `run.bat` file.
66
+
1. Run the `Extract_system_info.bat` file.
70
67
71
-
After the script runs to probe the registry, a CX-snapshot file appears with the registry information. The filename indicates the machine name and the current date and time of the snapshot with the following syntax: `cx_snapshot_[machinename]_[current date time]`.
68
+
1. You'll be asked whether you want to display errors on screen or not. Make you own selection.
69
+
70
+
After the script runs to probe the registry, an output file appears with the registry information. The filename indicates the current date and time of the snapshot with the following syntax: `[current date time]_system_info_extractor`.
72
71
73
72
Files generated by the script include:
74
73
75
74
- Remain on the local drive until you delete them.
76
-
- Must remain in the same location. Don't separate the generated files.
77
-
- Are overwritten if you run the script again.
75
+
- Are overwritten if you run the script again on the same day.
76
+
- The script also logs an errorOutput that will be empty if no errors occurred during the running of the script.
77
+
- The script may create a few tmp.txt files during it’s run. The script takes care of cleaning <!-- deleting-->them at the end of it’s run.
0 commit comments