6.1.8. Running scripts

The Agent can run scripts that it receives from the server. First, the Agent will send a payload to the server. The server then receives the payload, processes it, and responds by providing the scripts it has stored in its repository.

These scripts are created in the Administration Portal.

In the Default Portal, you can find it under ON Agent > Agent script as shown in the following image:

In the NextGen Portal, you can find it under ON Agent > Agent script as shown in the following image:

Once the Agent receives the scripts, it executes them, and sends a new payload to the server, along with the result of the scripts.

6.1.8.1. Script format sent from a server to an agent

The format of the scripts that OpenNAC Enterprise sends to the Agent is a JSON array containing script objects.

[
    {
        "type": "_scriptType",
        "key": "_scriptKey",
        "useOnProcessManual": true,
        "script": "_scriptCode",
        "impersonate": _impersonate,
        "useOnProcessScan": false,
        "useOnProcessFullscan": false,
        "useOnProcessProductChanged": false,
        "useOnProcessFirewallChanged": false,
        "useOnProcessSecurityCenterChanged": false,
        "useOnProcessNetworkChanged": false,
        "useOnProcessUserSessionChanged": false,
        "useOnProcessArpChanged": false,
        "useOnProcessOnClose": false
    }
]

TYPE: The type field, as the name indicates, represents the type of the script. The Agent needs to identify the type of script to run it in a different application or environment.
- Cscript: Windows Script Host is a script execution engine and environment for Windows systems.
- Cmd: CMD is the command interpreter on OS / 2 and Windows NT-based systems
- Powershell: PowerShell is a console interface with the ability to write and join commands by means of instructions. It is compatible with Windows, Linux and MacOS systems. This application is installed by default on Windows, so it will be necessary to install it for Linux and MacOS systems.
KEY: Unique identifier assigned for the script. The user assigns it in the creation of the script on the frontend.
IMPERSONATE: Its value can be 0 or 1, depending on whether we want to execute the script in an impersonal way or not. Running the script impersonally (1) means running it with a new process assigned to the logged-in user on the device. On the other hand, if the value of this field is 0, it will be executed with the permissions of the same agent.
SCRIPT: The script code.
Processes that will execute the script: We can choose in which type of processes we want the script to be executed. We have multiple proceses that we can choose, but at least we must select one.