Druva Ransomware Response
Druva Ransomware Response Integration provides ransomware protection for endpoints, SaaS applications and data center workloads for Druva Ransomware Recovery customers.
Data Enrichment & Threat Intelligence · Druva
Configuration parameters
url— Druva API URL (required)clientId— Client ID (required)secretKey— Secret Key (required)
Commands (16)
-
druva-delete-quarantine-rangeDeletes a quarantine range.
-
druva-delete-quarantined-snapshotDeletes a quarantined Snapshot. Snapshots that are deleted cannot be recovered.
-
druva-endpoint-check-restore-statusChecks the restore job status of the endpoint.
-
druva-endpoint-decommissionWipes remotely an infected Endpoint Resource and deletes a quarantined Snapshot. This command remote wipes data from the endpoint. This action cannot be undone.
-
druva-endpoint-initiate-restoreRestores data to a replacement device and deletes a quarantined Snapshot. This command restores your endpoint data from a day prior to the snapshot. Any changes made after the snapshot date may be lost.
-
druva-endpoint-search-file-hashSearches a file using the SHA1 checksum.
-
druva-find-deviceFinds device information for a specific hostname.
-
druva-find-sharePointSitesFind all share point resources with given user name
-
druva-find-sharedDrivesFinds shared drives resources specific to share drive name
-
druva-find-userFinds user information for a specific username.
-
druva-find-userDeviceFinds device information for a specific user.
-
druva-list-quarantine-rangesLists all quarantine ranges in your environment.
-
druva-list-quarantine-snapshotsList all quarantine snapshots for a quarantine range.
-
druva-quarantine-resourceQuarantines a resource.
-
druva-update-quarantine-rangeUpdates an existing quarantine range of a resource.
-
druva-view-quarantine-rangeView details of the quarantine range.