Merge pull request #774 from silversword411/develop

Scripts library update
Dan 2021-11-02 12:38:06 -07:00 committed by GitHub
commit f977d8cca9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 6 deletions


@ -21,6 +21,8 @@ Is NATS (<https://nats.io>). You'll need a TCP forwarder as NATS only talks TCP
## Traefikv2
Offsite Resource: <https://gitlab.com/NiceGuyIT/tactical-goodies/-/tree/main/traefik>
This section will assume that by default Traefik will reverse proxy everything on port 443.
Here is a basic Traefik config with docker-composer note the file.directory and file.watch are important.


@ -1,11 +1,14 @@
<#
.Synopsis
Defender - Status Report
Defender - Status Report
.DESCRIPTION
This will check Event Log for Windows Defender Malware and Antispyware reports, otherwise will report as Healthy. By default if no command parameter is provided it will check the last 1 day (good for a scheduled daily task).
If a number is provided as a command parameter it will search back that number of days back provided (good for collecting all AV alerts on the computer).
This will check Event Log for Windows Defender Malware and Antispyware reports, otherwise will report as Healthy. By default if no command parameter is provided it will check the last 1 day (good for a scheduled daily task).
If a number is provided as a command parameter it will search back that number of days back provided (good for collecting all AV alerts on the computer).
.EXAMPLE
Win_Defender_Status_reports.ps1 365
Win_Defender_Status_reports.ps1 365
.NOTES
v1 dinger initial release 2021
v1.1 bdrayer Adding full message output if items found
#>
$param1 = $args[0]
@ -20,7 +23,7 @@ else {
if (Get-WinEvent -FilterHashtable @{LogName = 'Microsoft-Windows-Windows Defender/Operational'; ID = '1116', '1118', '1015', '1006', '5010', '5012', '5001', '1123'; StartTime = $TimeSpan }) {
Write-Output "Virus Found or Issue with Defender"
Get-WinEvent -FilterHashtable @{LogName = 'Microsoft-Windows-Windows Defender/Operational'; ID = '1116', '1118', '1015', '1006', '5010', '5012', '5001', '1123'; StartTime = $TimeSpan }
Get-WinEvent -FilterHashtable @{LogName = 'Microsoft-Windows-Windows Defender/Operational'; ID = '1116', '1118', '1015', '1006', '5010', '5012', '5001', '1123'; StartTime = $TimeSpan } | Format-List TimeCreated, Id, LevelDisplayName, Message
exit 1
}
@ -32,4 +35,4 @@ else {
}
Exit $LASTEXITCODE
Exit $LASTEXITCODE
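Review bot: In the hunk at `@ -20,7 +23,7 @@` the same `Get-WinEvent -FilterHashtable` query runs twice, once as the `if` condition and once piped to `Format-List`, so the Defender log is scanned twice and the reported events can differ from the ones that triggered the alert. Run it once and reuse the result: `$events = Get-WinEvent -FilterHashtable $filter` followed by `if ($events) { Write-Output "Virus Found or Issue with Defender"; $events | Format-List TimeCreated, Id, LevelDisplayName, Message; exit 1 }`, with the ID list defined a single time in `$filter`. A query that fails (for example, if the operational log is missing or unreadable) also makes the condition false, so it presumably falls through to the healthy branch; for a monitoring check that case deserves its own non-zero exit rather than being reported the same as "no findings". The enclosing `if`/`else` starts and ends outside this hunk, so the healthy path could not be checked from here.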