Script library - defender status tweaks

api/tacticalrmm/scripts/community_scripts.json

@@ -262,13 +262,23 @@
   },
   {
     "guid": "d980fda3-a068-47eb-8495-1aab07a24e64",
-    "filename": "Win_Defender_Status.ps1",
+    "filename": "Win_Defender_Status_Report_Last24hrs.ps1",
     "submittedBy": "https://github.com/dinger1986",
-    "name": "Defender - Status",
-    "description": "This will check for Malware, Antispyware, that Windows Defender is Healthy, last scan etc within the last 24 hours",
+    "name": "Defender - Status Report Last 24hr",
+    "description": "Using Event Viewer, this will check for Malware and Antispyware within the last 24 hours and display, otherwise will report as Healthy",
     "shell": "powershell",
     "category": "TRMM (Win):Security>Antivirus"
   },
+  {
+    "guid": "d980fda3-a068-47eb-8495-1aab07a24e64",
+    "filename": "Win_Defender_Status_Report_LastYear.ps1",
+    "submittedBy": "https://github.com/silversword411",
+    "name": "Defender - Status Report Last Year",
+    "description": "Using Event Viewer, this will check for Malware and Antispyware and display, otherwise will report as Healthy",
+    "shell": "powershell",
+    "category": "TRMM (Win):Security>Antivirus",
+    "default_timeout": "300"
+  },
   {
     "guid": "9956e936-6fdb-4488-a9d8-8b274658037f",
     "filename": "Win_Disable_Fast_Startup.bat",

scripts/Win_Defender_Status_Report_Last24hrs.ps1

@@ -1,24 +1,24 @@
-# This will check for Malware, Antispyware, that Windows Defender is Healthy, last scan etc within the last 24 hours
-
-$ErrorActionPreference= 'silentlycontinue'
-$TimeSpan = (Get-Date) - (New-TimeSpan -Day 1)
-
-if (Get-WinEvent -FilterHashtable @{LogName='Microsoft-Windows-Windows Defender/Operational';ID='1116','1118','1015','1006','5010','5012','5001','1123';StartTime=$TimeSpan}) 
-
-{
-Write-Output "Virus Found or Issue with Defender"
-Get-WinEvent -FilterHashtable @{LogName='Microsoft-Windows-Windows Defender/Operational';ID='1116','1118','1015','1006','5010','5012','5001','1123';StartTime=$TimeSpan}
-exit 1
-}
-
-
-else 
-
-{
-Write-Output "No Virus Found, Defender is Healthy"
-Get-WinEvent -FilterHashtable @{LogName='Microsoft-Windows-Windows Defender/Operational';ID='1150','1001';StartTime=$TimeSpan}
-exit 0
-}
-
-
-Exit $LASTEXITCODE
+# This will check for Malware, Antispyware, that Windows Defender is Healthy, last scan etc within the last 24 hours
+
+$ErrorActionPreference= 'silentlycontinue'
+$TimeSpan = (Get-Date) - (New-TimeSpan -Day 1)
+
+if (Get-WinEvent -FilterHashtable @{LogName='Microsoft-Windows-Windows Defender/Operational';ID='1116','1118','1015','1006','5010','5012','5001','1123';StartTime=$TimeSpan}) 
+
+{
+Write-Output "Virus Found or Issue with Defender"
+Get-WinEvent -FilterHashtable @{LogName='Microsoft-Windows-Windows Defender/Operational';ID='1116','1118','1015','1006','5010','5012','5001','1123';StartTime=$TimeSpan}
+exit 1
+}
+
+
+else 
+
+{
+Write-Output "No Virus Found, Defender is Healthy"
+Get-WinEvent -FilterHashtable @{LogName='Microsoft-Windows-Windows Defender/Operational';ID='1150','1001';StartTime=$TimeSpan}
+exit 0
+}
+
+
+Exit $LASTEXITCODE

scripts/Win_Defender_Status_Report_LastYear.ps1

@@ -0,0 +1,22 @@
+# This will check for Malware, Antispyware, that Windows Defender is Healthy, last scan etc within the last 24 hours
+
+$ErrorActionPreference = 'silentlycontinue'
+$TimeSpan = (Get-Date) - (New-TimeSpan -Day 365)
+
+if (Get-WinEvent -FilterHashtable @{LogName = 'Microsoft-Windows-Windows Defender/Operational'; ID = '1116', '1118', '1015', '1006', '5010', '5012', '5001', '1123'; StartTime = $TimeSpan }) 
+{
+    Write-Output "Virus Found or Issue with Defender"
+    Get-WinEvent -FilterHashtable @{LogName = 'Microsoft-Windows-Windows Defender/Operational'; ID = '1116', '1118', '1015', '1006', '5010', '5012', '5001', '1123'; StartTime = $TimeSpan }
+    exit 1
+}
+
+
+else 
+{
+    Write-Output "No Virus Found, Defender is Healthy"
+    Get-WinEvent -FilterHashtable @{LogName = 'Microsoft-Windows-Windows Defender/Operational'; ID = '1150', '1001'; StartTime = $TimeSpan }
+    exit 0
+}
+
+
+Exit $LASTEXITCODE