Comments (6)
Hi @hkelley
Are you running the command on the ATACenter itself or are you running on a remote machine?
If your ATACenter is hosted on a different machine, you need to first run Set-ATACenterURL to specify the remote URL. For example, if your ATA portal is accessible by atacenter.contoso.com you need to run:
Set-ATACenterURL -URL "atacenter.contoso.com"
from advanced-threat-analytics.
Yes, those are the steps I have taken.
PS C:\temp> Set-ATACenterURL -URL abc.xyz.net
PS C:\temp> $ATACenter
abc.xyz.net
PS C:\temp> Get-ATASuspiciousActivity
Get-ATASuspiciousActivity : Unable to connect to remote server. Your ATACenter url is set to localhost. Run
Set-ATACenterURL '<url>' if this is incorrect.
At line:1 char:1
+ Get-ATASuspiciousActivity
from advanced-threat-analytics.
It looks like you are following the correct steps, but the Get-ATASuspiciousActivity command is not recognizing your $ATACenter variable. Could you answer the following questions to help narrow down the cause?
-
Could you confirm for me where you are using the module? Are you on the ATA Center or on a different machine? What OS are you on?
-
Could you please run
Get-ATASuspiciousActivity -verbose
and share with me the output. -
Could you please run
Get-ExecutionPolicy
and share with me the output. -
Could you please run
Get-Module -Name Advanced-Threat-Analytics
and share with me the output.
I did a test on my end using a remote machine and didn't have any issues. I started with localhost, got the same error you did, ran Set-ATACenterURL and pointed to my atacenter, then ran Get-ATASuspiciousActivity with the verbose flag to make sure it's using the correct URL. I put the output below. I'm testing from a 2016 machine, and ATA Center is on a 2012R2 machine.
PS C:\Users\rush.K45515> Get-ATASuspiciousActivity
Get-ATASuspiciousActivity : Unable to connect to remote server. Your ATACenter url is set to localhost. Run Set-ATACenterURL '<url>' if this is incorrect.
At line:1 char:1
+ Get-ATASuspiciousActivity
+ ~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-ATASuspiciousActivity
PS C:\Users\rush.K45515> Set-ATACenterURL atacenter.k45515.com
PS C:\Users\rush.K45515> Get-ATASuspiciousActivity -Verbose
VERBOSE: GET https://atacenter.k45515.com/api/management/suspiciousActivities with 0-byte payload
VERBOSE: received 4477-byte response of content type application/json; charset=utf-8
WindowsEventId : 2021
ExclusionUniqueEntityId : c52a7c75-21a9-409b-a4bc-26bb104ffeb9
SourceComputerId : c52a7c75-21a9-409b-a4bc-26bb104ffeb9
SourceAccountIds : {66c3c708-7c49-4095-833c-7c6429fa7c66}
DestinationComputerIds : {ff336d33-81f4-458c-b70b-33f0070ffb20}
from advanced-threat-analytics.
-
Windows 10, connecting remotely to the Center (it works fine from the server locally)
-
Get-ATASuspiciousActivity -Verbose
VERBOSE: GET https://localhost/api/management/suspiciousActivities with 0-byte payload
Get-ATASuspiciousActivity : Unable to connect to remote server. Your ATACenter url is set to localhost. -
RemoteSigned
-
ModuleType Version Name ExportedCommands
Script 0.0.12 Advanced-Threat-Analytics {Get-ATAMonitoringAlert, Get-ATAStatus, Get-ATASuspiciousA...
from advanced-threat-analytics.
I needed the PS module today so I decided to dig into this myself by copying the PSM1 file to a PS1 and dotsourced it into my session (thinking I could debug the script interactively).
However, as soon as I loaded the functions that way, they started working.
Any thoughts on that?
from advanced-threat-analytics.
Based on your Feb 27 post (very sorry I missed it), it seems like you hadn't run Set-ATACenterURL. The error message says that the cmdlet is looking for localhost (which is default), but you say you are doing a remote connection. If you are running these cmdlets from a machine other than the ATACenter, you have to run Set-ATACenterURL first and provide the URL of the ATACenter.
from advanced-threat-analytics.
Related Issues (7)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from advanced-threat-analytics.