is it possible to do a relevance to
copy the file to a temp directory and then search for “ActionTaken=ARW_ACTION_KILL_THREAD” after the search is complete delete the file in temp directory?
Well yes and no. Relevance can’t copy the file (you need an action to do so) but relevance can examine the copied file.
Relevance does not change the endpoint, only an action does.
how can i get the relevance to email me? i tried web reports but i cannot see any relevance option there
Relevance cannot email you. You would have to perform an action to “do” something. WebReports can do some emailing if you look into that.
ok thanks - is it possible after the relevance runs if its true to pop up a notification on the BgFix Console?
There are no notifications on the BigFix Console to my knowledge
can i add a fixlet and a relevance to a baseline?