Delete Velociraptor ZIP file after collection is finished #2909
Comments
|
Hi @scudette, will this issue be part of any of the milestones in 2024? |
|
Im not sure thats a good idea - if the upload fails we want to leave the zip around so it can be fetched another way - and if it works then the user can manually inspect the transfer was ok then delete the file afterwards. Why do you want to delete it if it failed to upload? It is sometimes difficult for us to determine if the upload worked or not depending on how the uploader works - so we cant automatically figure out if it was successful. This is why it is always left behind now. It is always possible to wrap the collector in a powershell script to make sure it is deleted if you need to. |
|
Like in the previous version of Velociraptor I want to have the option to build a collector that deletes the collection after the upload is successful or failed. This option can be disabled by default for the purpose that you explained. |
|
Is it possible that this feature will be implemented? |
|
Is it not easier to just wrap it in a shell script which accepts user input after prompting the user to check the file was correctly received? |
|
For us that is not easier because we execute Velociraptor in an automated manner. I prefer an option that is available as part of the artifact |
|
This was added in #3974 - please test to see if it makes it works for you - you only need to build the collector using the new server binary no need to update the target binary |
As shown in #2542 (comment). It would be nice to have the option when creating a Velociraptor collection to delete the ZIP file after the collection is finished, whether it is successful or not.
The text was updated successfully, but these errors were encountered: