Windows PowerShell – Reporting SCEP Update and Scan

powershellsystem-centerwindows

I am using Microsoft System Center Endpoint Protection on all of the workstations I manage. For all three major platforms, it is a pain to get it to report on when it was last updated and last scanned. By parsing the system logs, I was able to retrieve dates for Mac and Linux, but Windows has been very elusive.

I can see the dates and times in the GUI, but that is impractical to run an automated report on dozens of computers. Does anyone know of a way (preferably using PowerShell, but I can make anything work) to output this data using some sort of script?

Best Answer

Okay so I wrote the following powershell script to extract the date of most recent update from the log. There's a typo in the logging function of SCEP "succesfully" so when you notice that I also have a typo in my below code it's to match the one in the logs I am searching.

$a=Select-String -Pattern "Update completed succesfully" -Path C:\Windows\Temp\MpCmdRun.log | Foreach {($_ -split ':')[2]}

$lineNumber = $($a | measure -Maximum).Maximum + 1

$lastUpdate = Get-Content -Path C:\Windows\Temp\MpCmdRun.log | Select-Object -Index $lineNumber | Foreach {($_ -split ':\s')[2]}

$lastUpdate = $lastUpdate.Replace("$([char]8206)","")

Write-Host "scep_last_update=$lastUpdate"

Best Answer

Related Solutions

Windows – Various problems communicating over SBS 2008 network

Windows – Cannot register new System Center 2012 Service Manager Data Warehouse after Service Manager database move

Related Topic