This repository was archived by the owner on Nov 8, 2019. It is now read-only.
This repository was archived by the owner on Nov 8, 2019. It is now read-only.
Change the Status by Detection Type #6
Description
How do we change the status of a detection by detection rule name and command line.
The below command is not working, any help is much appreciated.
Get-CylanceDetections | where DetectionRuleName -like "SVC*" |Get-CylanceDetection |Get-CylanceArtifact| where commandline -like “msmpeng” | Update-CyDetection -Status 'False Positive'
Error:
- CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
- FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
Invoke-RestMethod : {"status":"CLIENT_ERROR","message":"None is not of type 'string'"}
At C:\Program Files\WindowsPowerShell\Modules\CyCLI\0.9.7\CyAPI.ps1:548 char:9
- FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand