Sep 25 2020 07:43 AM - edited Sep 25 2020 07:56 AM
Hi
I'm looking for a way to inventory proxy setting on all deployed ATP sensor.
I tried unsuccessfully to find proxy setting location on a DC using proxy. (Used Resource monitor/network to confirm it).
All sensor with proxy was installed with the setup command line with the proxy switch.
Regards
Sep 25 2020 12:13 PM
@duckjibe The proxy settings are immutable and not humanly readable, they are created and saved during deployment in a local file with sensitive info encrypted.
IF you need to change proxy settings, it forces you to uninstall and reinstall.
Sep 27 2020 07:33 AM
Hi, can you please tell us more about this ask, such as
Or.
Oct 12 2020 05:20 AM
Hi , sorry for my late answer
I need this information to document all Tier 0 components and network flows to improve firewall filtering. Also need to debug sensor issue and improve network connection disponibilty to AATP.
It will nice to be able to display it on the DC like the WDATP control panel ou any other way.
Another place is to add a column in the Configuration/sensors web page status and in the "Domain Controller Coverage" excel report.
In the mean time, I use this script:
$proxyPort = 8080
$procID = (get-process -name "Microsoft.Tri.Sensor").id
$tcpconnection = Get-NetTCPConnection -OwningProcess $procID -RemotePort $proxyPort
$tcpconnection | select-object remoteAddress -unique
Regards
Oct 12 2020 07:27 AM
@duckjibe Got it, thanks
Added this as a feature request to our backlog, will update when\if we have a committed date for it.