Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Discovery Command - "net" localgroup administrators detected in mid server

Go to solution
JitendraT
Tera Expert

‎10-25-2023 05:49 AM

Hi Team,

 

Couple of mid-servers are triggering Discovery Command - "net" localgroup administrators. I want to confirm whether its legitimate activity or suspicious one.

I am not sure how/why this command has been triggered time to time as I couldn't find any related command in mid server logs. Any input would be helpful.

#mid-server commands

0 Helpfuls
  • 765 Views
1 ACCEPTED SOLUTION
2 REPLIES 2

Go to solution
SDGrubeWasTaken
ServiceNow Employee
ServiceNow Employee

‎06-13-2024 06:57 PM

Did you ever find the root cause of this? Was it resolved?

0 Helpfuls