Quantcast
Channel: Forums - Recent Threads
Viewing all 30534 articles
Browse latest View live

RE: Check Return Code from Script / Executable

April 27, 2016, 10:05 am
$
0
0

Hello Grumple,

An example using Powershell instead of DOS.

$ErrorActionPreference = "SilentlyContinue"; &{ java -jar awrongjarname } ; $LastExitCode

Basically the idea is to run multiple command separated by a semicolon.

In my example I suppressed the error description because I only want to get the last exit code without the rest of the error (so you can check on it later).

Then you retrieve the return value using #global:psresult# that you can check in your step with a condtional IF CheckVar #global:psresult#

Using this technique you can run quickly commands using a kaseya step but without the need of uploading a File to the Agent while at the same time to be able to get the return value.

If you want to check if the command has failed itself "say you made a syntax error" you can also use this:

$?

Best Regards

Search

RE: Time to kill Quicktime

April 27, 2016, 1:18 pm
$
0
0

I was able to do this with a simple script:

executeShellCommand("start /wait /min wmic product where "name like 'quicktime%%'" call uninstall /nointeractive", "Execute as System", All Operating Systems", "Halt on Fail")

This has worked for us.  

I also combined it with an If Else statement:

If hasRegistryKey("HKey_Local_Machine\SOFTWARE\Apple Computer, Inc.\QuickTime") Exists

It would run the above shell command

Else - It would write in the agent log that QuickTime was not found

Time to kill Quicktime

April 15, 2016, 5:14 am

RE: WebRoot's Kaseya Plugin

April 27, 2016, 1:32 pm
$
0
0

Semeraro.Nick,  We did a trial of webroot and decided to not purchase their product. Everything we did with the program only alerted to infections it did not offer any removal. There were objects that were not detected by webroot but were with other programs. We decided to go with a standalone malwarebytes.

RE: WebRoot's Kaseya Plugin

April 27, 2016, 1:54 pm

RE: WebRoot's Kaseya Plugin

April 27, 2016, 2:28 pm
$
0
0

Although my time so far with webroot is limited, I will throw my voice in as an advocate and very happy customer.

We just last week opted to replace both KAV and KAM with Webroot and have moved only about a thousand endpoints over so far this week, but compared to the time our previous KAV upgrade took us this is going amazingly quickly and smoothly.
I know when I ask questions like yours what I really want to know is "Why will I hate this?" so I can decide if what I'll hate is worth why I already know I'm interested in it, so here's the annoyance list so far:

  1. Claim:"Webroot and Kaspersky can coexist, making your migration easier!"
    Reality:Mostly true.  Our method of deployment is push Webroot first, then pull kav + kam the next day and we've had more luck with this going smoothly than we thought possible. So far out of the thousand endpoints we've moved we've had less than 30 where Kaspersky reports the webroot installer as a trojan and triggers a pop-up on the endpoint.  This after we've white-listed both the installer and the installed application in all of our KAV profiles... but then again we're having KAV profile sync issues anyway hence the reason for abandoning it.  This isn't a show stopping problem but has resulted in about 15 or so calls to our help desk despite warning people ahead of time.  
  2. While the overwhelming majority of our endpoints have installed flawlessly and shockingly quickly, we have had one minor issue or another with probably close to 100 of them.  These have all been resolved so far with an uninstall/cleanup/reinstall agent procedure and sometimes with the added step of disabling (or removing) KAV during the install process.  It's pretty quick/easy to do this in batches and we've not had to devote a large number of man hours to it so far.
  3. Alerting is a little... simple.  "Alert upon detection" is basically the only option and frequently by the time a ticket is made and an engineer assigned to investigate, the issue has already been solved.  "Alert upon detection but only if I fail to do anything about it on my own" would be a welcome additional alerting option.
  4. The Webroot plugin is great for deployment, auditing and some issue remediation so far, but one thing to be very aware of is that it does not have any influence at all over policy.  All policy assignment is done through the Webroot anywhere console on Webroot's own website.  This is a minor annoyance.
  5. It's a bit of a stretch to call the plugin 1.0 instead of beta, there are lots of silly simple UI goofs, but it does the job without too much extra effort.  Here are some examples:
    1. The machine group and view selectors are different.  Different isn't bad (I rather like their look), but they don't stay in sync with the rest of Kaseya.  If you set a group and view in the "agent" module and then go to the Webroot module, you'll have to set it again.  Conversely when you set a group and view in the Webroot module and go to any other module the "machine group" field becomes populated with a long numeric string that doesn't match any actual group.  Mildly annoying.
    2. The Webroot module does not remember how many items you want to view per page - it keeps defaulting back to 10.
    3. The install/uninstall operations do not integrate with the Kaseya task scheduler at all.  If you select 500 machines and hit "install" - it will begin installing to all 500 of them immediately without any confirmation step at all.  This is a touch dangerous.

All that being said, the entire staff here is unanimously thrilled with the switch.  It has already detected more potential malware and alerted on fewer false positives than Kaspersky was doing on average over this same time frame and the impact on some of our customers ancient endpoints is so much less that they feel they've received a "performance boost" (which may actually hurt our ability to convince them to finally upgrade - but oh well).

To sum up: There is simply no doubt in my mind that this was the right move to make and I think we made it at exactly the right time.

Let me know if you have any other questions.

Disclaimer:  The above is written by a Webroot/Kaseya customer and was not sponsored in any way by any party... but *cough cough* I'm open to bribes from Webroot or Greater Intel if they're feeling generous next week at Connect.

WebRoot's Kaseya Plugin

April 27, 2016, 1:22 pm
$
0
0

I was wondering if anyone is using the WebRoot Kaseya Plugin.  We are looking to start using it, but I wanted to see if anyone had any input, opinion or feedback on it. 

WebRoot seems like it is a good product if they can do all they say they do.  However before we roll it out to our clients I would rather see if anyone has any experience with them.  

RE: ExecuteShellCommandToVariable

April 27, 2016, 2:59 pm
$
0
0

Thanks for the reply. The example above I wrote is just what Kaseya suggest in its help. My goal was to run execute shell command to variable for a particular script that results a one small line of text. Then update a custom field with system info. I can get file content to a variable but it just sounded like I'd be skipping a few steps if i could get the execute shell command to variable working. I've also tried without set credentials and  still fails, would you have a procedure example I could potentially test to know it works. cheers

Search

ExecuteShellCommandToVariable

April 26, 2016, 10:20 pm
$
0
0

I can't get the "ExecuteShellCommandToVariable" to work. No matter what I do it always fails in this step.

Can you see anything wrong with what i have below. Is there anything i need to enable for the #global:cmdresults# to be active? I've done many different shell commands instead of below and still all fail?

useCredential("All Operating Systems", "Halt on Fail")

executeShellCommandtToVariable("dir %APPDATA%", "User", true, "All Operating Systems", "Halt on Fail")

pauseProcedure(2, "All Operating Systems", "Halt on Fail")

writeProcedureLogEntry("#global:cmdresults#", "All Operating Systems", "Halt on Fail")

RE: ExecuteShellCommandToVariable

April 27, 2016, 6:42 pm
$
0
0

I've always done  (as you)

ExecuteShellCommand  "#command# >>#outputfile#"

(pause for tea)

GetVariable, FileContent, #outputfile# = variable

WriteScriptLogEntry, #variable#

I have not tried "executeShellCommandtToVariable". It does sound useful. :)  I noticed that you're trying to enumerate the %APPDATA% folder, which is a user environment variable, and maybe it's getting tripped up on this, even while using useCredential.

Have you tried a different a different path, say %systemroot% or maybe a hard path?

RE: Agent Question

April 27, 2016, 6:55 pm
$
0
0

Yes, the Kaseya agent is a 32-bit application. Hence why it is installed in program files (x86) folder :)

In 9.3, the components of live connect mk.II are 64-bit....the "basic" agent itself is still 32-bit.

As long as the agent is 32-bit code, you're going to see this issue on any >32 cpu machine - that's just an inherent limitation of any 32-bit application, and not specifically a Kaseya issue.

RE: Agent Question

April 27, 2016, 7:40 pm
$
0
0

Thanks, Craig. That's what I was afraid of. I'm disappointed this issue hasn't been dealt with by Kaseya by now. This precludes me installing the agent on my more potent Hyper-V hosts and diminishes the usefulness of the VSA.

RE: ExecuteShellCommandToVariable

April 27, 2016, 8:22 pm
$
0
0

I changed this:

to this:

Tested, and executeShellCommandtoVariable works in my script!

RE: Check Return Code from Script / Executable

April 27, 2016, 11:34 pm
$
0
0

Hello Grumple,

For the DOS / Shell command lovers instead

there's a way that allows you to do an INLINE check (so you don't need to upload a script to the Agent and handle the %ERRORLEVEL% inside an IF).

I converted the Powershell script I posted previously to a Shell:

java -jar awrongjarname >nul 2>&1 || echo FAILED

This will output FAILED if the executable above returns an ERROR.

If you want to test for successful you would do:

java -jar awrongjarname >nul 2>&1 && echo SUCCESS

The test above will always be FAILED unless you have a jar somewhere called "awrongjarname" :-)

You now have to be carefull to run this as is on the ExecuteShellToVariable because we are using redirection characters that must be escaped in Kaseya.

So you can do something like this:

java -jar awrongjarname >>nul 2>>&1 || echo FAILED

And your #global:cmdresults# variable will contain FAILED in case your executable failed and nothing if succeded.

What kaseya does internally would be something like this:

Executing command in standard shell as user: java -jar awrongjarname >nul 2>&1 || echo FAILED >"c:\kworking\commandresults-1528297366.txt" 2>&1

And grab the content of the text file in the global variable.

Best Regards

RE: VSA Statistics

April 28, 2016, 1:48 am
$
0
0

Thanx Craig, This is what i need . 

Search

RE: Powershell commands in Agent Procedures

April 28, 2016, 1:51 am
$
0
0

Hello GeorgeC,

You can run anything you want with the ExecutePowershell commands.

As mentioned above, by running a ps1 command or by quick one liners that can do a lot.

This for example uses COM to find the Itunes Version and uses a Try Catch in case there's no Ole interface available.

All without uploading scripts...


RE: Looking for MSP in Buffalo NY

April 28, 2016, 5:58 am

Looking for MSP in Buffalo NY

April 25, 2016, 5:31 am
$
0
0

For helpdesk and remote hands in satellite office. Currently I'm a one man show looking to work together with an MSP to handle level 1 needs and to be familiar with my environment to be able to easily provide support when I'm not available. I already use Kaseya internally so I found a quote for such support from an MSP who uses other software to be too high.

Automatic deployment and scheduling initial scan

April 28, 2016, 7:08 am
$
0
0

I am trying to automate two actions around KES.

  1. I would like to have KES automatically deployed when an agent joins a particular machine group
  2. Once KES is installed, I want the initial scan to run (or to run as a pre-defined time). Today, I have to log into each machine and run that initial scan.

Are these things possible? Thanks.

RE: Audit Module - Monitor

April 28, 2016, 7:20 am
$
0
0

Hello Twistedtechmike,

I don't have an ASUS to try but you could try to run this one and see what it gives you.

Get-WmiObject -Namespace "root/wmi" -Query "select * from WmiMonitorID" | Select-Object @{Name="ManufacturerName";Expression={[System.Text.Encoding]::ASCII.GetString($_.ManufacturerName)}}, @{Name="ProductCodeID";Expression={[System.Text.Encoding]::ASCII.GetString($_.ProductCodeID)}},@{Name="SerialNumberID";Expression={[System.Text.Encoding]::ASCII.GetString($_.SerialNumberID)}},YearOfManufacture, Active

If it works run it on a procedure and put it in a Custom Field.

Best Regards

Viewing all 30534 articles
Browse latest View live
Search