I am trying to run a scheduled forensic with the “Directory List” job - as far as I can see from the documentation this should be able to retrieve information about specified directories and as per the InsightIDR description - “Report file information per directory”. So I am expecting to receive a listing of all files under a certain directory that is specified under the “Path” variable within the specified depth and file sizes(Max, min). However, if I specify a directory under “Path” I get the error “The provided path C:\Users is a path to a directory and not a file.”. If I specify a particular file on the system via its full path, then its information does get fetched and displayed into InsightIDR. If I try setting the “Path” variable to -1, which is supposed to mean all directories, as per the documentation, this also fails and the local Agent log says “[agent.jobs.windows.directory_list.7888]: Finding files located under path: C:\Program Files\Rapid7\Insight Agent\components\insight_agent\common-1”. In my tests the “ZIP On” option did not return any results, so I just ran all searches with the “Raw” option which did return file details when specifying only 1 file to fetch. Latest Insight Agent was used.
Does anyone know if the “Directory List” job only allows you to fetch information on a single file per job, or is there a way to fetch information for all files under a specified directory?