BrowserHistory 2.0.0.0067 jp
はじめに:BrowserHistory
Download Location
This content is available at: https://content.tanium.com/files/published/BrowserHistory/2016-03-07_12-46-10_2.0.0.0067-g899ebb5/BrowserHistory.xml
Usage
Packages
Distribute Browser History Viewer
This package contains 2 files and 0 sensors.
Additional Properties:
- Command Line: cmd /c cscript copy-to-tanium-dir.vbs "Tools\BrowserHistory"
- Command Line Timeout: 60
Files:
- BrowsingHistoryView.exe
- copy-to-tanium-dir.vbs
Sensors
Browser History Tool Details
Retrieves the following details of the browser history tools:
Exe Exists | Exe Version | Exe Running | Exe Launch Date | XML File Size | XML Created Date | XML File Modified Date
Columns
Name Type Description Exe Exists Text Exe Version Text Exe Running Text Exe Launch Date Text XML File Size Text XML File Created Date Text XML File Modified Date Text Parameters
Name Description Type Possible / Default Values ShowDateAndTime Show Date with Time Checkbox Disabled
Browser History
Returns browser history for IE/Edge, Chrome, Firefox, and Safari. Uses third party BrowsingHistoryView.exe from NirSoft.net.
Deploy the Distribute Browser History Tools package prior to running this sensor.
Columns
Name Type Description User Text Browser Text URL Domain Text Date Text Times Visited Text Parameters
Name Description Type Possible / Default Values LoadIE Internet Explorer Checkbox Enabled LoadFirefox Firefox Checkbox Enabled LoadChrome Chrome Checkbox Enabled LoadSafari Safari Checkbox Disabled VisitTimeFilterType Search Type Selection Days
Hours
Date Range
VisitTimeFilterValue Search period Numeric 2 VisitTimeFilterRange Date Range MISSING_RESOURCE[com.tanium.components.parameters::DateTimeRangeParameter] IncludeURLs Include URLs Checkbox Disabled IncludedURLs URLs to include Text ExcludeURLs Exclude URLs Checkbox Disabled ExcludedURLs URLs to exclude Text
Has Browser History Tools
Determines if the endpoint has the BrowsingHistoryView.exe and it is the version (1.8.5.5) supported by the BrowserHistory sensor.
Returns "True", "False", "Incorrect executable version", or an error message.