Custom Scripts

  1. Define the endpoints that the script will be run against.

    1. Enter the ID for one or more of your organization's endpoints in the Endpoints field. or Click the Add Random Endpoints Icon () button located under the lower-right corner of the Endopoints field to add multiple random endpoints.

    2. Select the desired operating system or system(s) from the Add Random Endpoints dialog.

    3. Click Add. The selected endpoints are added to the Endpoints field.

  2. Define your script by selecting an existing script from the Orbital Catalog.

    1. Click Browse Catalog

    2. Type the name of the script you wish to run in the Search field. The script list will automatically adjust to only include the catalog scripts that contain the search term(s).

    3. Click on the desired script name to view its detailed information.

      4. Review the contents of the script's detailed information and decide if you wish to use the script or not.

    4. When you have found the script you wish to run, click Use script.

    5. Add any required parameters in the Parameters field if the script requires you to specify them.

  3. Click Run Script to run the script and view the results.

Custom Script

To send the script to the specified endpoints click Run Script. The results will be returned in the right pane:

Study the results and the Python script to learn how to edit catalog scripts and write your own Python to follow your investigation wherever it leads. You can edit the script and click Run Script again; the results will refresh.

Download

The Download function allows you to download the records of all the results of the active ad hoc query. The records retrieved using Download can be either formatted in a Comma Separated Value (CSV) file or a JavaScript Object Notation (JSON) file.

To download the active ad hoc query results:

  1. Click Download. This will display the file type selector, as shown in the figure below.

  2. Select the file type, either JSON or CSV. This will display the Preparing download... message, as shown below.

    3. When the results file is ready to download, Orbital will display the download is ready message, as shown below.

  3. Click download is ready.

This will download the ad hoc query results in a ZIP file.

More Info