Using Endpoint Analytics (Preview) | Let’s see if we can Proactive remediate installed PowerShell Modules.

If you have followed my blog for some time now you will know how much I bang on about keeping your PowerShell modules up to date. Its been a while since I have looked at Microsoft Endpoint Manager and recently discovered Endpoint Analytics.

Which got me thinking about how I could automatically remediate out of date installed PowerShell modules.

Detection Script

As you can see from below, I have created a PowerShell which allows me to detect PowerShell modules that are not up to date. The detection scripts works on the basis of comparing the install version vs. cloud version available from the PowerShell Gallery. If matching versions are found it will move on to the next module installed until;

1. All PowerShell modules installed are matched to the Cloud Version.
or
2. A module is found where a latest version is available.

I am using an Array to pull Get-InstalledModules into Foreach Loop.

Remediation Script

The remediation script works in the same way as the detection script but if a new module is found. The script will remove the legacy version then install the latest version from the PowerShell Gallery.

So all this sound simple enough, lets put it to work.

So how does this look in Microsoft Endpoint Manager?

Browse to http://endpoint.microsoft.com

Select Reports from the left hand menu and select Endpoint Analytics as shown below.

Select Proactive Remediation

So as you can see already from the screen shot below, I have already create a script package to address my Windows 10 Virtual Machines with out of date PowerShell modules. It has identified 3 machines with issues and this issue has recurred 3 times. Which I would accept as I installed a number of old modules to demonstrate this process.

So how do we create our Script Package simple!! First of all you will need the scripts from my Github https://github.com/TheWatcherNode/Proactive-Remediation then follow this simple video.

Log Checking

All the PowerShell script are executed by the Intune Management Extension

– C:\ProgramData\Microsoft\IntuneManagementExtension\Logs

All scripts executed against the device are stored in the following location;

– C:\Windows\IMECache\HealthScripts

Negative side

As you may have 10s or 100s of modules installed I don’t believe Proactive Remediate is fully geared up my script currently. I need a bit more work to really make fully compliant in how Proactive Remediate works.

https://github.com/TheWatcherNode/blogaboutcloud/blob/master/Get-InstalledModulesUpdate.ps1

Conclusion

I was able to successful remediate my PowerShell modules but not 100% happy how it display back into the Endpoint Portal can see a lot of value in Proactive Remediation and I accept this area to grow when more and more Consultants start writing scripts to detect and remediate issues.

Regards
The Author – Blogabout.Cloud

Leave a Reply

Your email address will not be published. Required fields are marked *