Grabbing AMengineversion and AntiVirusSignatureVersion attributes from Get-MpComputerStatus for list of computers on LAN

Dear PowerShell Gurus,

I am trying to get the following working. Basically, I am hoping (somehow) grab 2 of the attributes from Get-MpComputerStatus, one is Amengineversion and the other AntiVirusSignatureVersion

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Grab the following attributes via Get-MpComputerStatus

AMengineversion

AntiVirusSignatureVersion

$computers = Get-Content C:\AVscript\Avcomputers.txt
Foreach ($computer in $computers) {

Get-MpComputerStatus

}

Get-Process | Export-csv C:\AVscript\avresult.csv

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Could you please advise how I may achieve this?
Thank you.

Didiguy,
Welcome to the forum.

I changed the category to standard PowerShell help as your question does actually fit to this category. :wink:

Next … when you post code, error messages, console output or sample data please format it as code using the “preformatted text” button ( </> ).
Thanks in advance.

When you carefully read the help for …

… you see that you can run the cmdlet in a remote session or on a remote computer with the parameter -CimSession. So you don’t even need a loop.

$ComputerList = Get-Content -Path 'C:\AVscript\Avcomputers.txt'
$CimSessionList = New-CimSession -ComputerName $ComputerList
$Result = Get-MpComputerStatus -CimSession $CimSessionList 
$Result |
    Select-Object -Property Amengineversion, AntiVirusSignatureVersion

Of course you can use the $Result and pipe it to Export-Csv of whatever further step you need.

1 Like

hi Olaf, thank you for messaging. Sorry for sounding so confused but I did try to copy & paste this into PS ISE and tried it but it didn’t grab any info… how could I actually execute this?

… is not that helpful. What happend? Didn’t you get ANY ouput at all?

Oh I am sorry, I am being a typical user now :grinning:

New-CimSession : The WinRM client cannot process the request. If the authentication scheme is different from Kerberos, or if the

client computer is not joined to a domain, then HTTPS transport must be used or the destination machine must be added to the

TrustedHosts configuration setting. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not

be authenticated. You can get more information about that by running the following command: winrm help config.

At line:2 char:19

+ $CimSessionList = New-CimSession -ComputerName $ComputerList

+                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : NotEnabled: (:) [New-CimSession], CimException

    + FullyQualifiedErrorId : HRESULT 0x803380e4,Microsoft.Management.Infrastructure.CimCmdlets.NewCimSessionCommand

    + PSComputerName        : ADASBAN01

In your above script, how could I pipe it to a CSV? Thank you.

If you’re posting to this forum you’re not a normal user anymore. :face_with_raised_eyebrow: :stuck_out_tongue_winking_eye: :wink:

Have you read the error message? … carefully … and completely? Did you try to understand what’s meant with it? Are you working in a domain environment? Does the account you use have administrative rights on the target remote computers? Is WinRM properly configured?

… you add

... | Export-Csv -Path 'D:\sample\Output.csv' -Delimiter ',' -NoTypeInformation

… after the last command!? It seems like you already used this cmdlet!? At least you showed it it in your question. :face_with_raised_eyebrow:

1 Like

Hello again, yes, this is within a domain environment and I supposed to have full access but perhaps not. I am still not sure if the above script should be copied over several lines or on one long line with pipe used as shown? How would I change the entire script from start to finish that I could execute in PS ISE? Right now zero output is generated for the above. However if I run:

Get-MpComputerStatus | select-object Amengineversion, AntiVirusSignatureVersion

I get the command executed on my laptop

Also, if I use the original script I get it fully loop and grab the extended version for each computer specified within the .txt file. How would I just modify my original version and keep the loop instead?

Thank you.

So far the below grabs everything and not just the 2 attributes. How could I modify this to grab just those 2 mentioned within?

$computers = Get-Content C:\AVscript\Avcomputers.txt
foreach ($computer in $computers){

    Get-MpComputerStatus | Select-Object AMengineversion, AntispywareSignatureVersion

   }

  Get-Process | Export-Csv -Path 'c:\AVscript\avresult.csv' -Delimiter ',' -NoTypeInformation

p.s. the blue font within looks terrible. Any chance that could be light green or orange, it’s MEGA hard to read on screen…

Hmmm … I doubt that actually. You may check the ouput you get from this code. Do they ALL have the same engine version and signature version? If the answer is “yes” - don’t you think that’s a kind of suspicious? :wink:
Actually when you run the code you posted exactly this way you query your own computer as many times as you have computer names in your input file.

You could try to use PowerShell remoting to query another computer. Try the following with ONE remote computer:

Invoke-Command -ComputerName "here you have to put the remote computers name" -ScriptBlock {
    Get-MpComputerStatus |
    Select-Object -Property Amengineversion, AntiVirusSignatureVersion, PSComputerName 
}


and BTW: With

Get-Process | Export-Csv -Path 'c:\AVscript\avresult.csv' -Delimiter ',' -NoTypeInformation

You list all the processes running on your local computer and export it to a CSV file. That’s completely unrelated to the commands you have run before!!! :wink:

2 Likes

You could change the theme to another one easier readable for you. It’s in your profile setting in the section “Interface”. :wink:

1 Like

hello again, no joy…

Invoke-Command -ComputerName "LNPERVBIG01, LNPERVGPM01, LNPERVABSQL02" -ScriptBlock {

    Get-MpComputerStatus |

    Select-Object -Property Amengineversion, AntiVirusSignatureVersion, PSComputerName }

Get-Process | Export-Csv -Path 'c:\AVscript\avresult.csv' -Delimiter ',' -NoTypeInformation

 

PS C:\WINDOWS\system32> Invoke-Command -ComputerName "LNPERVBIG01, LNPERVGPM01, LNPERVABSQL02" -ScriptBlock {

    Get-MpComputerStatus |

    Select-Object -Property Amengineversion, AntiVirusSignatureVersion, PSComputerName }

 Get-Process | Export-Csv -Path 'c:\AVscript\avresult.csv' -Delimiter ',' -NoTypeInformation

 

Invoke-Command : One or more computer names are not valid. If you are trying to pass a URI, use the -ConnectionUri parameter, or pass URI objects

instead of strings.

At line:1 char:1

+ Invoke-Command -ComputerName "LNPERVBIG01, LNPERVGPM01, LNPERVABSQL02 ...

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidArgument: (System.String[]:String[]) [Invoke-Command], ArgumentException

    + FullyQualifiedErrorId : PSSessionInvalidComputerName,Microsoft.PowerShell.Commands.InvokeCommandCommand

 

I did separate computer names via comma but even then not sure if that would work at this point.

No, you did not.

I know you will not like to hear that … it is not possible to lerarn a complex technology like a scripting language by guessing or by piecing together some arbitrary pieces of code you found on the internet. You lack the fundamentals of PowerShell.
I urgently urgently recommend for you to do yourself and all others a favour and take big step back and start with learning the very basics of PowerShell first. You will save you from a lot of frustrations and wasted time.

It does not make any sense to help you when you do not understand the help you get and when you actually not even take advices. I told you explicitly to run the code against ONE remote computer.

hi there, yes, was tired and I missed your clear instructions (ONE). Will have another go today. Thank you. Have a great day.