Create a data collection schedule

  • Updated

This article applies to BHE

Purpose

This article outlines how to create a collection schedule on a collector client which will ensure continuous data collection. BHE administrators should use it during the deployment of a new client or when adding an additional schedule to an existing client.

Generally, Azure and Active Directory Structure do not change significantly enough to warrant more than daily collection.  Local Groups and Sessions can be scheduled to collect every 7 hours to ensure a good sampling of round-the-clock activity.

Prerequisites

Process

  1. In the top right, click settings ⚙️ → Administration
  2. In the top left side, click Manage Clients
  3. On a client, click the burger menu and select Edit Client
  4. In the Edit SharpHound Client window, under the heading Collection Schedule, click the + icon to add a new schedule.
  5. In the Schedule window, configure the settings of the schedule.
  6. Save the schedule by clicking SAVE
  7. Save the collector client by clicking SAVE
  8. (Optional) Verify collection is successful after the next schedule in the Finished Jobs Log. Where Status should report Complete and a success is found in Status Message.
    LocalGroupSessionSchedule-7.png

Outcome

The client is now configured for continuous data collection with one schedule. You can add multiple schedules to a single client for more granular control.

After the next schedule, see the job's status in the Finished Jobs Log by clicking ⚙️ → Administration, and in the top left side, click Finished Jobs Log.

A brief of a client's schedule is shown in the client table's column Collection Schedule.