This article describes how to run Isolation actions on an endpoint based on IP address or hostname using Palo Alto Networks Cortex™ XSOAR command line interface.
Base command
Runs process, desktop, and network isolation on the endpoint
malwarebytes-isolate-endpointRuns process isolation on the endpoint
malwarebytes-isolate-processRuns desktop isolation on the endpoint
malwarebytes-isolate-desktopRuns network isolation on the endpoint
malwarebytes-isolate-networkRemoves isolation from the endpoint
malwarebytes-deisolate-endpointInput
| Argument name | Description | Required |
| hostname | The hostname of an endpoint in Nebula. | Optional |
| ip | The IP address of an endpoint in Nebula. | Optional |
Context Output
| Path | Type | Description |
| Malwarebytes.Scan.Machine_ID | string | The endpoint ID of the host. |
| Malwarebytes.Scan.Job_ID | string | The job ID of the scanned host. |
Command examples
!malwarebytes-isolate-endpoint hostname=DESKTOP-LI4MQ7B
!malwarebytes-isolate-process hostname=DESKTOP-LI4MQ7B
!malwarebytes-isolate-desktop hostname=DESKTOP-LI4MQ7B
!malwarebytes-isolate-network hostname=DESKTOP-LI4MQ7B
!malwarebytes-deisolate-endpoint hostname=DESKTOP-LI4MQ7B
Return to the table of contents.