Once the dump files are created, they need to be uploaded to the remote Stardust system for pattern analysis. The dump file can be somewhat large and is compressed as a part of the Send command. The full signature of the
Send-ComaeDumpFile command is as follows:
Send-ComaeDumpFile [-Key] <string> [-Path] <string> [-ItemType] <string> [-IsCompress]
The following cmdlet parameters are in scope to send one or both files to Stardust:
To retrieve the Key value, run the
Get-ComaeAPIKey command with the -ClientId and -ClientSecret params with the respective values that can be found in your Stardust account in Settings > Integrations menu.
$APIKey = Get-ComaeAPIKey [-ClientId] <string> [-ClientSecret] <string>
The IsCompress parameter is also available for use in the
Send-ComaeDumpFile if not previously used when executing the
From the PowerShell session, execute the Send-ComaeDumpFile cmdlet with the following parameters, based on preference.
Send-ComaeDumpFile -Key $APIKey -Path "C:\ComaeCrashDumps\FileName.zdmp" -ItemType "File"
Send-ComaeDumpFile -Key $APIKey -Path "C:\Comae-CrashDumps" -ItemType "Directory"
The below screenshot shows the output from running the Send-ComaeDumpFile command.
For added privacy, instead of sending full memory dumps to Stardust, the metadata archive (compressed .json files) cam be sent. Typically used for hybrid-cloud models, the memory dump is pre-processed locally instead of relying completely on the Stardust platform for analysis.