Using PowerShell to collect additional information
This page describes how to leverage PowerShell in custom fields in AlloyScan. Custom fields allow collecting and analyzing specific data points that are relevant to your unique auditing requirements. With PowerShell, you can save time and effort while ensuring consistent and accurate data collection.
Here are the steps to create custom fields using PowerShell in AlloyScan:
Identify the data to collect: Determine the specific information you want to capture and associate with custom fields. This could include additional attributes, metadata, or calculated values that are relevant to your auditing needs.
Create a PowerShell script that encapsulates the request for creating the custom field (see example below).
Test the PowerShell script in a controlled environment to ensure it works as expected.
PowerShell script sample
The following PowerShell script retrieves and captures the internal reference designators of port connectors on a Windows computer, allowing AlloyScan to display this information in a custom field:
$Result = Get-WmiObject Win32_PortConnector | Select-Object InternalReferenceDesignator
This script comprises the following elements:
Get-WmiObject Win32_PortConnectorcmdlet. This cmdlet retrieves information about port connectors on the Windows computer. It uses the Windows Management Instrumentation (WMI) class
Win32_PortConnectorto access this information.
| Select-Object InternalReferenceDesignator: The pipe symbol "|" is used to pass the output of the previous cmdlet to the next one. In this case, it passes the result of the
Select-Objectcmdlet is then used to choose and display only the
InternalReferenceDesignatorproperty of the retrieved port connectors. This property represents the internal reference or identifier associated with the port connector.
$Result =: The "=" operator assigns the output of the previous piped cmdlet to the variable
$Result. This allows you to store and manipulate the selected
InternalReferenceDesignatorvalues for further use within the PowerShell script.
When creating a custom audit field based on this code, you will need to select a Field type that best represents the nature of the data in the
InternalReferenceDesignator property. Since in this case the
InternalReferenceDesignator represents a list of specific identifiers or labels associated with each port connector, the Table field type is the most appropriate.