Hi Ben,
I was able to successfully execute shell commands on local as well as remote computer from Resilient. The output of the command executed is added as an Incident Note. However, I am facing one issue now. I am not able to get the
exitcode. Please check below screenshot.
This is the post-process script I am using in the workflow.
Since, the exitcode is not '0', we are receiving
Command failed response. However, the command specified is properly getting executed.
For e.x.
In above case, I executed
touch /home/test.txt on remote computer to create test.txt file in home directory.
After executing the workflow, the test.txt file was successfully generated, however, since the exitcode was not equal to '0', we are receiving
Command failed response.
Do you have any idea why the exitcode is not receiving even after successful execution of command ? Any help would be appreciated.
Thanks,
------------------------------
Akhilesh Deshmukh,
Data Analyst, SecurityHQ
------------------------------
Original Message:
Sent: Tue March 09, 2021 12:34 AM
From: Akhilesh Deshmukh
Subject: Execute Shell Commands using Resilient
Hi Ben,
Thanks for your response. I have gone through the documentation for fn_utilities. I have performed the steps in same way as given in the documentation.
You can see the steps in the screenshots above.
However, it is not helping us to execute the shell command remotely. Is there any way I can get any help with this issue ? I opened a ticket with IBM support, however, they asked to direct this question to community instead.
Thanks,
------------------------------
Akhilesh Deshmukh,
Data Analyst, SecurityHQ
Original Message:
Sent: Mon March 08, 2021 09:16 AM
From: Ben Lurie
Subject: Execute Shell Commands using Resilient
Using the google keywords 'ibm resilient fn_utilities remote command' I was able to find this: file:///Users/blurie@us.ibm.com/Downloads/fn_utilities-v1.0.10.pdf which contains the following examples:
Hopefully that helps.
Ben
------------------------------
Ben Lurie
Original Message:
Sent: Mon March 08, 2021 04:28 AM
From: Akhilesh Deshmukh
Subject: Execute Shell Commands using Resilient
Hi Ben,
I am trying to execute "ls -alh" command on the remote computer just to check how the remote shell command execution works. Below is the screenshot for reference. Please let me know, if this is incorrectly configured.
Also, this is how the function has been configured in Resilient. Refer below screenshot.
After execution of the workflow, I am receiving below error.
==========================================================================================================================
I am unable to understand where I am exactly missing to configure this properly. Please kindly help with this.
Thanks,
------------------------------
Akhilesh Deshmukh,
Data Analyst, SecurityHQ
Original Message:
Sent: Wed March 03, 2021 07:37 AM
From: Ben Lurie
Subject: Execute Shell Commands using Resilient
Can you post some details about the troubles you are having? Are there errors? Can you show how you have configured the Function inputs?
Ben
------------------------------
Ben Lurie
Original Message:
Sent: Tue March 02, 2021 04:00 AM
From: Akhilesh Deshmukh
Subject: Execute Shell Commands using Resilient
Hi Team,
We want to execute shell commands using resilient function. We have fn_utilities function available in our Resilient platform. It appears that there is provision to execute shell commands using utilities function. However, even after checking the documentation of utility function, we are unable to execute the ssh command.
For e.x. ,
we have xx.xx.xx.71 test server in our network where lets say we want to execute ls command (to test how the shell command gets executed). For that, we edited the app.config file on our resilient-circuits server (xx.xx.xx.61). But that doesn't seem to be helping.
Can you help us in executing shell commands using the resilient workflows ? It would be highly appreciated.
I hope the question is understandable. Please let me know if any issues.
Thanks,
Akhilesh Deshmukh,
SecurityHQ
------------------------------
Akhilesh Deshmukh,
Data Analyst, SecurityHQ
------------------------------