Azure ATP sensor proxy setting location

Question

Hi&nbsp;I'm looking for a way to inventory proxy setting on all deployed ATP sensor.I tried unsuccessfully to find proxy setting location on a DC using proxy. (Used Resource monitor/network to confirm it).All sensor with proxy was installed with the setup command line with the proxy switch.&nbsp;Regards&nbsp;

eliofek · Answer

duckjibe&nbsp;The proxy settings are immutable and not humanly readable, they are created and saved during deployment in a local file with sensitive info encrypted.
IF you need to change proxy settings, it forces you to uninstall and reinstall.

or tsemah · Answer

duckjibe&nbsp;
Hi, can you please tell us more about this ask, such as

If we to expose the current proxy configuration per sensor, where would you expect to see it?
What would you do with that information if you got it beside inventory?

Or.

duckjibe · Answer

Or Tsemah&nbsp;Hi , sorry for my late answerI need this information to document all Tier 0 components and network flows to improve firewall filtering. Also need to debug sensor issue and improve network connection disponibilty to AATP.&nbsp;It will nice to be able to display it on the DC like the WDATP control panel ou any other way.Another place is to add a column in the Configuration/sensors web page status and in the "Domain Controller Coverage" excel report.&nbsp;In the mean time, I use this script:$proxyPort = 8080$procID = (get-process -name "Microsoft.Tri.Sensor").id$tcpconnection = Get-NetTCPConnection -OwningProcess $procID -RemotePort $proxyPort$tcpconnection | select-object remoteAddress -unique&nbsp;Regards

or tsemah · Answer

duckjibe&nbsp;Got it, thanks
Added this as a feature request to our backlog, will update when\if we have a committed date for it.

Forum Discussion

Azure ATP sensor proxy setting location

4 Replies

Resources