discoRemote.cmd commands are detected using Assets Discovery

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

When utilizing Assets Discovery for scanning, there are system monitoring tools that detect incoming commands related to the execution of discoRemote.cmd.

Environment

Assets Discovery

Diagnosis

discoRemote.cmd commands are not listed in the Commands executed by Assets Discovery

Cause

When Assets Discovery scans, it generates a discoRemote.cmd script. This script is responsible for gathering device information on the target host and writing it into a registry file. Subsequently, Discovery reads information from this registry and removes the script upon execution. Therefore, observing the discoremote.cmd execution on the target machines is part of the discovery scan and constitutes an expected behavior.

Solution

This is to be expected. discoRemote.cmd is the child process of the parent Commands executed by Assets Discovery. No further action is necessary.

Updated on February 28, 2025
Platform
Data Center only
Product
Jira Software Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community