Configure Cortex XSOAR to Use PowerShell

Cortex XSOAR Administrator Guide

Product: Cortex XSOAR
Version: 6.5
Creation date: 2022-09-28
Last date published: 2024-03-21
End_of_Life: EoL
Category: Administrator Guide
Abstract

Configure Cortex XSOAR to use PowerShell commands for D2 agents and shared agents. Create PowerShell scripts.

You can run PowerShell commands, such as those for Office 365, directly from Cortex XSOAR. To use PowerShell, you first need to configure Cortex XSOAR.

Relevant for both D2 agents and shared agents.

  1. Create the PowerShell script you want to run.

    In this example, we have created a PowerShell script called printarg (printarg.ps1) that prints an argument.

    # Accept one optional string parameter and print it.
    param([string]$myarg = "")
    Write-Host "This is my argument: " $myarg

    1. Zip up the file. In this example, we will call the zip file script.

  2. Upload the zip file you created in Step 1.

    1. Select Settings → Integrations → Agent Tools → Add Tool

    2. Add the file.

      You can see the script file contains the PowerShell script.

  3. Create an automation that runs the PowerShell script.

    1. Go to the Automation page and upload the script.

      In this example we have created an automation called D2PowerShellEx.

      Important to note:

      command.push("powershell.exe"): Runs PowerShell.

      command.push("'" + which("printarg.ps1") + "'"): Passes the absolute path of the executable script, wrapped in single quotes.

      //+ script/printarg.ps1: Annotation that tells the agent which tools to send to the Windows machine. It consists of the name of the zip file (script) and the script name (printarg.ps1).

      For more information about the commands, see D2 Agent Script Commands.

    2. Click Save.

  4. Run the automation in the War Room.

    To run the automation, you need to install either a D2 Agent or a Shared Agent.

    For example, type !D2PowerShellEx myarg='success' using=sharedagent-demo
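
Step 4 passes a War Room value (myarg) through the automation into a PowerShell command. The following added example, which is not from the Cortex XSOAR guide or the D2PowerShellEx automation, shows one way to quote such a value as a PowerShell single-quoted literal before it is concatenated into the command text. psLiteral and myargFragment are hypothetical helper names, and the example assumes the automation builds the command as a string that PowerShell parses.

```javascript
// Added example, not part of the Cortex XSOAR guide. Assumption: the automation
// appends the War Room value of myarg to the PowerShell command text.

// Characters PowerShell accepts as single-quote delimiters:
// ASCII ' plus U+2018, U+2019, U+201A and U+201B.
var PS_SINGLE_QUOTES = /['\u2018\u2019\u201A\u201B]/g;

// Characters refused outright: control characters (a line break would split
// the command) and the double quote, which Windows command-line parsing can
// consume before PowerShell sees the text.
var REFUSED = /[\u0000-\u001F\u007F"]/;

// Return value as a PowerShell single-quoted literal, or throw if it cannot be
// represented safely. Inside '...' PowerShell expands nothing; the only escape
// is a doubled quote character.
function psLiteral(value) {
  if (typeof value !== "string") {
    throw new TypeError("argument must be a string");
  }
  if (REFUSED.test(value)) {
    throw new Error("argument contains a control character or double quote");
  }
  return "'" + value.replace(PS_SINGLE_QUOTES, "$&$&") + "'";
}

// Build the "-myarg '<value>'" fragment for printarg.ps1 (parameter name taken
// from the param() block in step 1).
function myargFragment(value) {
  return "-myarg " + psLiteral(value);
}

// Constructed sample inputs: a plain value, embedded quotes, a curly quote and
// a value that would expand inside a double-quoted string.
function demo() {
  var samples = ["success", "O'Brien", "x'; Get-Date; '", "a\u2019b", "$env:USERNAME"];
  return samples.map(myargFragment);
}
```

Values that hit the refused set are better rejected in the automation than repaired, so the analyst sees the failure in the War Room.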
