Cb Protection - Agent Details
| 0 Votes |
Description
This analysis returns details of the Carbon Black Protection Agent including:
- Version
- Install Date
- Service State
- Host Group
- Backend Server
- Current Level of Enforcement
- Unique Files
- Tamper Protection Status
Note: The 'Current Level of Enforcement', 'Unique Files', and 'Tamper Protection Status' properties require that the 'Collect Carbon Black Enterprise Protection Agent DasCLI status' task be run before they are able to return data.
Property Details
| 2998401 | |
| Production - Fully Tested and Ready for Production | |
| Cb Protection - Agent Details | |
| BESC | |
| IBM BigFix & Carbon Black Integration Content | |
| CarbonBlack on 9/16/2016 11:50:51 AM | |
| CarbonBlack on 9/28/2016 1:11:53 PM | |
| 9996 Views / 180 Downloads | |
 
* Average over 1 rating.
** Log In or Register to add your rating.
|
Properties
Version
Period
1 hour
| * Results in a true/false |
version of service whose (display name of it = "Bit9 Agent") as string | "n/a"
Install Date
Period
1 hour
| * Results in a true/false |
(value "InstallDate" of keys whose (value "DisplayName" of it = "Bit9 Agent") of key "HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall" of registry as string) | "n/a"
Service State
Period
Every Report
| * Results in a true/false |
state of service whose (display name of it = "Bit9 Agent") | "n/a"
Host Group
Period
1 hour
| * Results in a true/false |
value "B9_HOSTGROUP" of key "HKLM\Software\Bit9\Parity Agent\ServerSettings" of registry as string | "n/a"
Backend Server
Period
1 hour
| * Results in a true/false |
(value "B9_SERVER_IP" of it as string & ":" & value "B9_SERVER_PORT" of it as string) of key "HKLM\Software\Bit9\Parity Agent\ServerSettings" of registry | "n/a"
Current Level of Enforcement
Period
1 hour
| * Results in a true/false |
if (exists file "bit9_dasclistatus.txt" of storage folder of client) then (following text of first ":" of lines whose (it as string contains "Current" AND previous line of it as string contains "Enforcement Information") of file "bit9_dasclistatus.txt" of (storage folder of client) as trimmed string) else "n/a"
Unique Files
Period
1 hour
| * Results in a true/false |
if (exists file "bit9_dasclistatus.txt" of storage folder of client) then (preceding text of first " " of (following text of first ":" of lines whose (it as string contains "Unique Files") of file "bit9_dasclistatus.txt" of (storage folder of client) as trimmed string)) else "n/a"
Tamper Protection Status
Period
1 hour
| * Results in a true/false |
if (exists file "bit9_dasclistatus.txt" of storage folder of client) then (following text of first ":" of lines whose (it as string contains "Tamper Protection") of file "bit9_dasclistatus.txt" of (storage folder of client) as trimmed string) else "n/a"
Relevance
isWindows (Relevance 1172)
windows of operating system
version of client >= "9.0"
(exists keys whose (value "DisplayName" of it = "Bit9 Agent") of key "HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall" of registry) OR (((value "DisplayVersion" of keys whose (value "DisplayName" of it = "Bit9 Agent") of key "HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall" of registry) as string as version | ("0.0" as version)) = ("7.2.2" as version))
Sharing
| Social Media: |
