Skip to content

Commit ad24e3f

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #230369 from Shereen-Bhar/patch-27
adding information retrieved by WMI into the device inventory
2 parents 8328a79 + eb325f8 commit ad24e3f

File tree

1 file changed

+10
-1
lines changed

1 file changed

+10
-1
lines changed

articles/defender-for-iot/organizations/detect-windows-endpoints-script.md

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,16 @@ ms.topic: how-to
99

1010
In addition to detecting OT devices on your network, use Defender for IoT to discover Microsoft Windows workstations and servers. Same as other detected devices, detected Windows workstations and servers are displayed in the Device inventory. The **Device inventory** pages on the sensor and on-premises management console show enriched data about Windows devices, including data about the Windows operating system and applications installed, patch-level data, open ports, and more.
1111

12-
This article describes how to configure Defender for IoT to detect Windows workstations and servers with local surveying, performed by distributing and running a script on each device. While you can use active scanning and scheduled WMI scans to obtain this data, working with local scripts bypasses the risks of running WMI polling on an endpoint. Running a local script is also useful for regulated networks that have waterfalls and one-way elements.
12+
This article describes how to use a Defender for IoT Windows-based WMI tool to get extended information from Windows devices, such as workstations, servers, and more. Run the WMI script on your Windows devices to get extended information, increasing your device inventory and security coverage. While you can also use [scheduled WMI scans](configure-windows-endpoint-monitoring.md) to obtain this data, scripts can be run locally for regulated networks with waterfalls and one-way elements if WMI connectivity isn't possible.
13+
14+
The script described in this article returns the following details about each detected device:
15+
16+
- IP address
17+
- MAC address
18+
- Operating system
19+
- Service pack
20+
- Installed programs
21+
- Last knowledge base update
1322

1423
For more information, see [Configure Windows Endpoint Monitoring](configure-windows-endpoint-monitoring.md).
1524

0 commit comments

Comments
 (0)