Retrieve Files from an Endpoint
This capability is supported on Windows endpoints with Traps 6.1 and later releases.
If during investigation you want to retrieve files from one or more Windows endpoints, you can initiate a file retrieval request from Traps management service.
For each file retrieval request, Traps management service supports up to:
- 20 files
- 200MB in total size
- 10 different endpoints
The request instructs the agent to locate the files on the endpoint and upload them to Traps management service. The agent collects all requested files into one archive and includes a log in JSON format containing additional status information. When the files are successfully uploaded, you can download them from the Actions Tracker.
You can also retrieve files related to a security event using the Retrieve Files response action.
To retrieve files from one or more endpoints:
- From Traps management service, select.EndpointsEndpoints
- If needed, filter the list of endpoints.To reduce the number of results, use the endpoint name search and filters from theFiltersmenu at the top of the page.
- Select the endpoints from which you want to retrieve files and then select the retrieve files ( ) icon.
- Enter the paths for the files you want to retrieve, pressingEnterafter each completed path.You can also paste a list of paths from a file that contains each path on a new line. To edit a path, double click it.
- SelectRetrievewhen finished.To track the status of a file retrieval action, view theActions Tracker. Traps management service retains retrieved files for up to one week.
After you assess a security event and determine a file or process is malicious, you can take additional response actions to remediate the endpoint. ...
Retrieve Logs from an Endpoint
Retrieve Logs from an Endpoint From the details view of an endpoint, you can initiate a request to retrieve all logs from an endpoint. You ...
Manage Registered Endpoints
Manage Registered Endpoints After the Traps agent registers with the Traps management service, you can view information about the endpoint and perform basic management functions. ...
Scan an Endpoint for Malware
Scan an Endpoint for Malware In addition to blocking the execution of malware, Traps can scan your Windows endpoints and attached removable drives for dormant ...
Features Introduced in 2018
Introducing new features in the Traps management service by month during 2018. ...
Features Introduced in 2019
Introducing new features in the Traps management service by month during 2019. ...
Monitor Administrative Actions
Monitor Administrative Actions To monitor the progress of administrator-initiated activities that may take time to complete (especially when run in bulk), you can use the ...
Migrate from the Traps Endpoint Security Manager to the Tra...
Migrate from Traps Endpoint Security Manager to Traps Management Service You can easily migrate the Traps agent from management by the Endpoint Security Manager (ESM) ...