Workflow Template: Socrates Tool - List Remote Scripts in SentinelOne

List the available remote scripts for a specific platform in SentinelOne so that Socrates can choose the best script to perform RemoteOps.

Updated this week

The "Socrates Tool - List Remote Scripts in SentinelOne" workflow template is designed to streamline endpoint management by automating the retrieval of remote scripts from SentinelOne. This tool allows security analysts to efficiently filter scripts based on the operating system, enhancing threat hunting and incident response capabilities. By automating script parameter definitions, it reduces manual input, thereby improving accuracy and saving time in case management and endpoint detection and response (EDR) processes.

Use Cases

Case Management, Endpoint Detection and Response (EDR), Threat Hunting

Workflow Breakdown

  1. Given a platform name, a query is executed to list remote scripts filtered by platform.

  2. Scripts are grouped by category, and the Script ID and Parameters instructions are extracted for each script.

Vendors

Utils, SentinelOne

Workflow Output

The workflow’s output will give Socrates instructions on how to define custom parameters for each script, so the analyst doesn’t need to manually define the script parameters.
