Audit
Script does a wmic lookup to determine if the proper KB is installed. The list by OS can be found here: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001. Will write result to the procedure log and send an email if patch is missing. Can report using $KBaudit$ and $OOD$. This script was created on Jan 15, 2019 and includes patches listed…
Read MoreSearches registry for installed programs in both HKLM and USERS. Table of results will be saved in the Docs tab of the agent. Can report using $ProgInstallX$ Script uses 3 variables that can be set manually by editing the script if additional filters are desired. Those fields can be used to specify the 1) number…
Read MoreScript prompts for a program name to search for. Script goes through Add/Remove Programs and creates a list of all programs that contain the requested prompted name. Output is written to Agent Procedure log, uploaded to Documents, and email sent to the Kaseya Admin that executed the script. Can report using $ProgInstalled$. Additional filters are…
Read MoreScript prompts for number of days days. Searches registry for installed programs in both HKLM and USERS. Table of results will be saved in the Docs tab of the agent. Can report using $ProgInstallX$ Script uses 3 variables that can be set manually by editing the script if additional filters are desired. Those fields can…
Read MoreScript downloads a powershell script that grabs the local machine’s serial number and part number and makes an api query to HP. Requires powershell v3 or later. Results are printed to the procedure log and the script updates 2 custom fields with “Date Purchased” and “Warranty Exp”. Can use different custom field names by editing…
Read MorePrompts for service name. Script will then grab the service status and start type. Writes the information to the procedure log. Can report using the service name entered bracketed by $ signs (i.e. $BITS$).
Read MoreScript checks for build number. First looks for WaasAssesment, which provides a more detailed number. If it is not found, then uses a wmi query to pull the regular version number. Can report using $WinBuild$, $WaaSBuild$, $NoWaaSBuild$.
Read MoreRuns PS command Get-NetAdapter and filters it to only physical adapters and includes driver info. Can report using $NIC$.
Read MoreMicrosoft has announced that by October 31st, 2017, they will no longer support RPC over HTTP for O365. You can read about it here: https://support.microsoft.com/en-us/help/3201590/rpc-over-http-deprecated-in-office-365-on-october-31–2017 This means that only certain versions of Outlook will work. To help you identify Outlook installations that are out of compliance, we have developed this script to audit your Outlook…
Read MorePerforms a dump of protectionManagement (VBS) and/or Get-MpComputerStatus (Powershell). If either returns the Windows Defender information the script will use another VBS to pull the virus signature age and compare it to the number you will be asked to input when the script is run. Defender information does not appear to be accessible on anything…
Read More