Enrich Windows diagnostics and admin UI
parent
49496f3663
commit
037891485d
2 changed files with 838 additions and 53 deletions
|
|
@ -792,6 +792,106 @@ fn collect_windows_extended() -> serde_json::Value {
|
|||
ps("@(Get-Service | Select-Object Name,Status,DisplayName)").unwrap_or_else(|| json!([]));
|
||||
let defender = ps("Get-MpComputerStatus | Select-Object AMRunningMode,AntivirusEnabled,RealTimeProtectionEnabled,AntispywareEnabled").unwrap_or_else(|| json!({}));
|
||||
let hotfix = ps("Get-HotFix | Select-Object HotFixID,InstalledOn").unwrap_or_else(|| json!([]));
|
||||
let bitlocker = ps(
|
||||
"@(if (Get-Command -Name Get-BitLockerVolume -ErrorAction SilentlyContinue) { Get-BitLockerVolume | Select-Object MountPoint,VolumeStatus,ProtectionStatus,LockStatus,EncryptionMethod,EncryptionPercentage,CapacityGB,KeyProtector } else { @() })",
|
||||
)
|
||||
.unwrap_or_else(|| json!([]));
|
||||
let tpm = ps(
|
||||
"if (Get-Command -Name Get-Tpm -ErrorAction SilentlyContinue) { Get-Tpm | Select-Object TpmPresent,TpmReady,TpmEnabled,TpmActivated,ManagedAuthLevel,OwnerAuth,ManufacturerId,ManufacturerIdTxt,ManufacturerVersion,ManufacturerVersionFull20,SpecVersion } else { $null }",
|
||||
)
|
||||
.unwrap_or_else(|| json!({}));
|
||||
let secure_boot = ps(
|
||||
r#"
|
||||
if (-not (Get-Command -Name Confirm-SecureBootUEFI -ErrorAction SilentlyContinue)) {
|
||||
[PSCustomObject]@{ Supported = $false; Enabled = $null; Error = 'Cmdlet Confirm-SecureBootUEFI indisponível' }
|
||||
} else {
|
||||
try {
|
||||
$enabled = Confirm-SecureBootUEFI
|
||||
[PSCustomObject]@{ Supported = $true; Enabled = [bool]$enabled; Error = $null }
|
||||
} catch {
|
||||
[PSCustomObject]@{ Supported = $true; Enabled = $null; Error = $_.Exception.Message }
|
||||
}
|
||||
}
|
||||
"#,
|
||||
)
|
||||
.unwrap_or_else(|| json!({}));
|
||||
let device_guard = ps(
|
||||
"@(Get-CimInstance -ClassName Win32_DeviceGuard | Select-Object SecurityServicesConfigured,SecurityServicesRunning,RequiredSecurityProperties,AvailableSecurityProperties,VirtualizationBasedSecurityStatus)",
|
||||
)
|
||||
.unwrap_or_else(|| json!([]));
|
||||
let firewall_profiles = ps(
|
||||
"@(Get-NetFirewallProfile | Select-Object Name,Enabled,DefaultInboundAction,DefaultOutboundAction,NotifyOnListen)",
|
||||
)
|
||||
.unwrap_or_else(|| json!([]));
|
||||
let windows_update = ps(
|
||||
r#"
|
||||
$reg = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update' -ErrorAction SilentlyContinue
|
||||
if ($null -eq $reg) { return $null }
|
||||
$last = $null
|
||||
if ($reg.PSObject.Properties.Name -contains 'LastSuccessTime') {
|
||||
$raw = $reg.LastSuccessTime
|
||||
if ($raw) {
|
||||
try {
|
||||
if ($raw -is [DateTime]) {
|
||||
$last = ($raw.ToUniversalTime()).ToString('o')
|
||||
} elseif ($raw -is [string]) {
|
||||
$last = $raw
|
||||
} else {
|
||||
$last = [DateTime]::FromFileTimeUtc([long]$raw).ToString('o')
|
||||
}
|
||||
} catch {
|
||||
$last = $raw
|
||||
}
|
||||
}
|
||||
}
|
||||
[PSCustomObject]@{
|
||||
AUOptions = $reg.AUOptions
|
||||
NoAutoUpdate = $reg.NoAutoUpdate
|
||||
ScheduledInstallDay = $reg.ScheduledInstallDay
|
||||
ScheduledInstallTime = $reg.ScheduledInstallTime
|
||||
DetectionFrequency = $reg.DetectionFrequencyEnabled
|
||||
LastSuccessTime = $last
|
||||
}
|
||||
"#,
|
||||
)
|
||||
.unwrap_or_else(|| json!({}));
|
||||
let computer_system = ps(
|
||||
"Get-CimInstance Win32_ComputerSystem | Select-Object Manufacturer,Model,Domain,DomainRole,PartOfDomain,Workgroup,TotalPhysicalMemory,HypervisorPresent,PCSystemType,PCSystemTypeEx",
|
||||
)
|
||||
.unwrap_or_else(|| json!({}));
|
||||
let device_join = ps(
|
||||
r#"
|
||||
$output = & dsregcmd.exe /status 2>$null
|
||||
if (-not $output) { return $null }
|
||||
$map = [ordered]@{}
|
||||
$current = $null
|
||||
foreach ($line in $output) {
|
||||
if ([string]::IsNullOrWhiteSpace($line)) { continue }
|
||||
if ($line -match '^\[(.+)\]$') {
|
||||
$current = $matches[1].Trim()
|
||||
if (-not $map.Contains($current)) {
|
||||
$map[$current] = [ordered]@{}
|
||||
}
|
||||
continue
|
||||
}
|
||||
if (-not $current) { continue }
|
||||
$parts = $line.Split(':', 2)
|
||||
if ($parts.Length -ne 2) { continue }
|
||||
$key = $parts[0].Trim()
|
||||
$value = $parts[1].Trim()
|
||||
if ($key) {
|
||||
($map[$current])[$key] = $value
|
||||
}
|
||||
}
|
||||
if ($map.Count -eq 0) { return $null }
|
||||
$obj = [ordered]@{}
|
||||
foreach ($entry in $map.GetEnumerator()) {
|
||||
$obj[$entry.Key] = [PSCustomObject]$entry.Value
|
||||
}
|
||||
[PSCustomObject]$obj
|
||||
"#,
|
||||
)
|
||||
.unwrap_or_else(|| json!({}));
|
||||
|
||||
// Informações de build/edição e ativação
|
||||
let os_info = ps(r#"
|
||||
|
|
@ -847,6 +947,14 @@ fn collect_windows_extended() -> serde_json::Value {
|
|||
"memoryModules": memory,
|
||||
"videoControllers": video,
|
||||
"disks": disks,
|
||||
"bitLocker": bitlocker,
|
||||
"tpm": tpm,
|
||||
"secureBoot": secure_boot,
|
||||
"deviceGuard": device_guard,
|
||||
"firewallProfiles": firewall_profiles,
|
||||
"windowsUpdate": windows_update,
|
||||
"computerSystem": computer_system,
|
||||
"azureAdStatus": device_join,
|
||||
}
|
||||
})
|
||||
}
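Review bot: The new `tpm` and `bitlocker` queries in the first hunk put secret material into the diagnostics payload: `OwnerAuth` is the TPM owner authorization value where Windows retains it, and the `KeyProtector` objects returned by Get-BitLockerVolume carry a `RecoveryPassword` field for recovery-password protectors. Both are emitted under `"tpm"` and `"bitLocker"` in the JSON built in the second hunk, so anyone who can read the admin UI or a stored report may be able to read them; how much of `KeyProtector` survives depends on the serialization depth inside `ps`, which is not visible here. I would drop `OwnerAuth` from the `Get-Tpm | Select-Object` list and replace `KeyProtector` with a type-only projection such as `@{n='KeyProtectorTypes';e={@($_.KeyProtector.KeyProtectorType)}}`. `collect_windows_extended` starts outside the hunk, so whether anything downstream redacts these fields cannot be confirmed from this page.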
|
||||
|
|
|
|||