-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathApplicationScanner.ps1
253 lines (203 loc) · 7.59 KB
/
ApplicationScanner.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
<#
.NOTES
===========================================================================
Created with: Powershell
Created by: Richard Tracy
Filename: ApplicationScanner.ps1
===========================================================================
.DESCRIPTION
Scans and Monitors applications installation status. Useful when its another system delivering the install
.PARAMETER Applications
.PARAMETER ScanMethod
Options are: ARProduct,Uninstall,Executable,Event,Registry
.PARAMETER DurationSec
Duration of each application scan
Default is 60 seconds (1 minute)
.PARAMETER TimeOutSec
If scanning detection or install is taking long than timeout, exits
Default is 1800 seconds (30 minutes)
.PARAMETER WaitForInstall
Default is false
Builds a hash table with each application set to not installed, then scans the system for each application as the get installed
.PARAMETER CommonName
Adds a label to the log to identify what your scanning
.EXAMPLE
ApplicationScanner -Applications "McAfee Agent","McAfee Endpoint Security Platform","McAfee Endpoint Security Threat Prevention","McAfee Endpoint Security Adaptive Threat Protection","McAfee Policy Auditor Agent","McAfee DLP Endpoint","ACCM","McAfee Active Response","McAfee Host Intrusion Prevention","McAfee Data Exchange Layer", "McAfee Solidifier" -ScanMethod Uninstall -Duration 60 -WaitForInstall
Duration 60
Events1040_1042: MPAAgt.msi,ACCM_MSI.msi,DLPAgentInstaller.msi, AgentInstaller.msi,McAfeeHIP_ClientSetup_X64.msi,dxclient.msi
Event11707
#>
[CmdletBinding()]
param (
[Parameter(Mandatory=$false,ParameterSetName="Applications",ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)]
[Alias("Application")]
[string[]]$Applications,
[Parameter(Mandatory=$false,ParameterSetName="Property",ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)]
[Alias("MDTProperty,SCCMProperty")]
$Property,
[Parameter(Mandatory=$true)]
[ValidateSet("ARProduct", "Uninstall","Processes","Event","Registry")]
[Alias("Scan")]
[string]$ScanMethod = "Uninstall",
[Parameter(Mandatory=$false)]
[ValidateSet("File","Event","Registry")]
[string]$StopTrigger = "Registry",
[string]$StopValue = "HKLM:\SOFTWARE\McAfee\Agent\Applications\MAR_____1000",
[Parameter(Mandatory=$false)]
[ValidateRange(0,120)]
[Alias("Duration")]
[int32]$DurationSec = 30,
[Parameter(Mandatory=$false)]
[Alias("TimeOut")]
[int32]$TimeOutSec = 1800,
[Parameter(Mandatory=$false)]
[switch]$WaitForInstall,
[Parameter(Mandatory=$false)]
[string]$CommonName
)
##*===========================================================================
##* FUNCTIONS
##*===========================================================================
#region FUNCTION: Check if running in ISE
Function Test-IsISE {
# trycatch accounts for:
# Set-StrictMode -Version latest
try {
return ($null -ne $psISE);
}
catch {
return $false;
}
}
#endregion
#region FUNCTION: Check if running in Visual Studio Code
Function Test-VSCode{
if($env:TERM_PROGRAM -eq 'vscode') {
return $true;
}
Else{
return $false;
}
}
#endregion
#region FUNCTION: Find script path for either ISE or console
Function Get-ScriptPath {
<#
.SYNOPSIS
Finds the current script path even in ISE or VSC
.LINK
Test-VSCode
Test-IsISE
#>
param(
[switch]$Parent
)
Begin{}
Process{
if ($PSScriptRoot -eq "")
{
if (Test-IsISE)
{
$ScriptPath = $psISE.CurrentFile.FullPath
}
elseif(Test-VSCode){
$context = $psEditor.GetEditorContext()
$ScriptPath = $context.CurrentFile.Path
}Else{
$ScriptPath = (Get-location).Path
}
}
else
{
$ScriptPath = $PSCommandPath
}
}
End{
If($Parent){
Split-Path $ScriptPath -Parent
}Else{
$ScriptPath
}
}
}
##*===========================================================================
##* VARIABLES
##*===========================================================================
# Use function to get paths because Powershell ISE and other editors have differnt results
$scriptPath = Get-ScriptPath
[string]$scriptDirectory = Split-Path $scriptPath -Parent
[string]$scriptName = Split-Path $scriptPath -Leaf
[string]$scriptBaseName = [System.IO.Path]::GetFileNameWithoutExtension($scriptName)
$FunctionPath = Join-Path $scriptDirectory -ChildPath 'Functions'
##*========================================================================
##* Additional Runtime Function - REQUIRED
##*========================================================================
#Load functions from external files
. "$FunctionPath\ApplicationControl.ps1"
. "$FunctionPath\Environment.ps1"
. "$FunctionPath\Logging.ps1"
#build log name
[string]$FileName = $scriptBaseName +'.log'
#build global log fullpath
If(Test-SMSTSENV){
$Global:LogFilePath = Join-Path (Test-SMSTSENV -ReturnLogPath -Verbose) -ChildPath $FileName
}Else{
$RelativeLogPath = Join-Path -Path $scriptDirectory -ChildPath 'Logs'
}
Write-Host "Logging to file: $LogFilePath" -ForegroundColor Cyan
##*========================================================================
##* MAIN
##*========================================================================
#build counter
$p = 1
If($CommonName){$label=($CommonName + " applications")}Else{$label="applications"}
<#
If($WaitForInstall){
#put the applications in a hash table with install as false
$ValidateApps = @{}
Foreach($App in $Applications){
$ValidateApps.add($App, $false)
}
Write-LogEntry "Monitor until all $label are installed..." -Outhost
while($False -in $ValidateApps.Values){
#timeout if process is taking longer than an 30 minutes
#exit with an error timedout
If($checkSum -le $TimeOutSec){
#add sleep time to checksum
$checkSum = $checkSum + $DurationSec
$ValidateApps = Update-ApplicationList -List $ValidateApps
Start-Sleep -s $DurationSec
Get-ItemProperty "$StopTrigger::$StopValue"
}
Else{
Write-LogEntry "McAfee Installation process timed-out after [$TimeOutSec] seconds" -Severity 3 -Outhost
#exit $checkSum
}
}
Write-LogEntry "All $label are installed, ending script." -Outhost
#exit 0
}
Else{
Write-LogEntry "Checking if $label are installed..." -Outhost
Check-InstalledApplication $Applications
}
#>
Try{
$timer = [Diagnostics.Stopwatch]::StartNew()
While( ($timer.Elapsed.TotalSeconds -lt $TimeOutSec) -and (-not (Get-ItemProperty $StopValue -ErrorAction SilentlyContinue)) -and $WaitForInstall ){
Start-Sleep -s $DurationSec
$totalsecs = [math]::Round($Timer.Elapsed.TotalSeconds, 0)
Show-ProgressStatus -Message ("Waiting [{0}] for {1} to be installed" -f $totalsecs,$label) -Step $totalsecs -MaxStep $TimeOutSec -Outhost
}
$timer.Stop()
If($timer.Elapsed.TotalSeconds -gt $TimeOutSec){
Write-LogEntry ("{0} timed-out after [{1}] seconds" -f $label,$TimeOutSec) -Severity 3 -Outhost
}
Else{
Write-LogEntry ("All {0} are installed in [{0} secs]." -f $label,$timer.Elapsed.TotalSeconds) -Outhost
exit 0
}
}
Catch{
Write-LogEntry -Message ("Error {0}" -f $_.Exception.Mesage) -Severity 3 -Outhost
}