TaniumFilterComputersByIndexQueryFileDetails

Gets the requested sensors from all of the machines where the index query file details match the given filter. For example, !TaniumFilterQuestionByIndexQueryFileDetails sensors="Computer Name" filter_type=contains filter_value=Demisto limit=5 will be translated to the following plain text Tanium question: "Get Computer Name from all machines with any Index Query File Details[, , , , , , *, 5] containing "Demisto"".

Script Data


NameDescription
Script Typepython
Tagstanium

Dependencies


This script uses the following commands and scripts.

  • tn-ask-manual-question

Inputs


Argument NameDescription
directoryPathThe glob of the directory's name used for searching. For example, "Windows".
fileNameThe glob of the file's name used for searching. For example, "*exe".
fileSizeThe glob of the file's size used for searching. For example, "10??".
fileMD5HashThe glob of the file's MD5 hash used for searching. For example, "1c7b*".
fileSHA1HashThe glob of the file's SHA1 hash used for searching. For example, "1c7b*".
fileSHA256HashThe gob of the file's SHA256 hash used for searching. For example, "1c7b*".
magicNumberThe glob of a magic number used for searching. For example, "4D54*".
limitThe maximum number of rows to return.
filter_typeThe type of filter to apply to the question results.
filter_valueThe value to filter the results by.
sensorsThe semicolon separated list of columns to return. For example, "Computer Name;IP Address".

Outputs


PathDescriptionType
Tanium.QuestionResults.Computer NameThe computer name that contains the index query file details as specified by the filters.Unknown
Tanium.QuestionResults.CountThe number or results per computer name that match the filter.Unknown