Monday, October 14, 2024

SCCM to Tanium



SCCM transition Options: of course intune otherwise 


Deployment, Patching - Tanium

Image - Tazier

Inventory - Tanium

Remote Control - Zoom 

Reporting - Custom SSRS or Kafka , Grafana, Telegraf , Sensu, Datadog



Friday, October 11, 2024

Use this script to refresh a list content to a specific dp

 

# Use this script to refresh a list content to a specific dp, or a list of dps to a specific piece of content.


# Paste output list from SQL of packageids

$PKGIDS = @"

"@


# Paste output list from SQL of the full servernalpaths

$serverNalPath = @"


"@


<# Begin #>

<# do not modify below #>

# Splitting up the Here strings for Packageids and Servernalpaths to turn it into an array of objects

$PKGIDS = $PKGIDS.Split("`r`n") | Where-Object {$_ -ne ""}

$ServerNalPath  = $ServerNalPath.Split("`r`n") | Where-Object {$_ -ne ""}

$ServerShortName = $ServerNalPath  |  % {$_.Split("\\")[5]}


# Testing the counts of the arrays to make sure we don't loop improperly

$ErrorActionPreference = "Stop"

$shouldrun = $false

if ($PKGIDS.count -eq 1 -and $ServerShortName.count -ge 1) {$shouldrun = $true}

elseif ($PKGIDS.count -ge 1 -and $ServerShortName.count -eq 1) {$shouldrun = $true}

    else {$shouldrun = $false}


if ($shouldrun) {

    $ServerShortName | % { 

        $ServerNalPath = $_

        $PKGIDS | % {

            TRY {

                $PKGID = $_

                $DP = gwmi -ComputerName xxxxxx -Class sms_distributionpoint -filter "ServerNALPath like '%$ServerNalPath%' and packageid = `'$PKGID`'" -Namespace root\sms\site_XXX

                $dp.RefreshNow = $true

                $dp.put() | Out-Null

                Write-Output "Success - Refreshing $PKGID on $ServerNalPath"

                }

            CATCH { 

                Write-Output "Error - Refreshing $PKGID on $ServerNalPath"

                }


        }

    }

}

else {

    Write-Output "Error - Script only supports running against a single packageid or a single servernal path at a time, validate input"

    }


<# END #>





SQL Queries to get :
-- 1, get list of all pending packageids, change nalpath to broken DP
select * from v_PackageStatusDistPointsSumm
where servernalpath like '%xxxx%'  and state != 0
order by packageid
 
-- 2, get dpip to send to distribuitonjobs, note the dpid for the dp
select * from v_distributionpoints where servername like '%xxxx%'




GCP Overview

Overview Google Kubernetes Engine (GKE) provides a managed environment for deploying, managing, and scaling your containerized applications using Google infrastructure. The GKE environment consists of multiple machines (specifically Compute Engine instances) grouped to form a container cluster. In this lab, you get hands-on practice with container creation and application deployment with GKE. Objectives In this lab you will learn how to: w Create a GKE cluster w Deploy an application to the cluster w Delete the cluster Cluster orchestration with Google Kubernetes Engine Google Kubernetes Engine (GKE) clusters are powered by the Kubernetes open source cluster management system. Kubernetes provides the mechanisms through which you interact with your container cluster. You use Kubernetes commands and resources to deploy and manage your applications, perform administrative tasks, set policies, and monitor the health of your deployed workloads. Kubernetes draws on the same design principles that run popular Google services and provides the same benefits: automatic management, monitoring and liveness probes for application containers, automatic scaling, rolling updates, and more. When you run your applications on a container cluster, you're using technology based on Google's 10+ years of experience with running production workloads in containers. Kubernetes on Google Cloud When you run a GKE cluster, you also gain the benefit of advanced cluster management features that Google Cloud provides. These include: w Load balancing for Compute Engine instances w Node pools to designate subsets of nodes within a cluster for additional flexibility w Automatic scaling of your cluster's node instance count w Automatic upgrades for your cluster's node software w Node auto-repair to maintain node health and availability w Logging and Monitoring with Cloud Monitoring for visibility into your cluster

Salesforce Admin Topics

• SF Editions • Different type of SF Clouds ○ Sales Cloud ○ Service ○ Experience • Salesforce Org Creation • Types of Salesforce Orgs ○ Sandbox (Dev, Full Copy, Partial Copy) ○ Production • Login. Salesforce , Test.Salesforce login • Salesforce Lightning Experience • Salesforce Objects ○ Standard Objects ○ Custom Objects • Applications ○ App Manager ○ APP Menu • Tabs • Field and Relationships ○ Lookup Relationships ○ Master details Relationships (MD) ○ Other data types (Text, Number, Date, Picklist etc) ○ Global Picklist • Record Types , Flows • Page layouts • Lightening record pages • Validation Rules

Thursday, October 10, 2024

To force re-scan by Tanium agent on windows Server?

1.To force re-scan by Tanium agent on windows Server? remove both the latest-errors and patch-scan-results files \Patch\scans\patch-scan-results \Patch\scans\scan-statuses \Patch\latest-errors Note: Make sure you check the latest cab file available under \Patch\scans\

Tanium Questions help for Windows Servers Patching

Get Computer Name and Patch - Patch List Applicability[0,1] from all machines with Computer Name contains XXXXXXX Get Endpoint Configuration - Tools Status Details from all machines with Computer Name contains XXXX Get Patch - Is Process Running with computer name contains XXXX Get Computer Name and Patch - Maintenance Windows Applied?maxAge=60 from all machines with Computer Name contains XXXXX Get Computer Name and Patch - Applicable Patch Count[0] and Patch - Maintenance Windows Applied from all machines with Computer Name contains XXXXXX Get Computer Name and Operating System and Patch - Scan Errors from all machines with ( all Patch - Scan Errors not contains No Scan Errors and Computer Name contains XXX ) Get Computer Name and Operating System and Patch - Scan Errors from all machines with ( all Patch - Scan Errors not contains No Scan Errors and Operating System contains Windows server ) Get Computer Name from all machines with ( Patch - Manifest Sync State[3] contains XML and Custom Tags matches patch and Computer Name contains XXX ) Get Computer Name and Tanium Action Log[911118,100] from all machines with Computer Name equals XXX Get Computer Name and Patch - Blacklists Applied from all machines with Operating System contains windows server Get Computer Name and Operating System and Patch - Patch List Applicability[0,1] matches "^[^|]*\b6\b[^|]*\|[^|]*\|[^|]*\|Not Installed\|.*$" from all machines with ( Is Windows equals True and Patch - Patch List Applicability[0,1] matches "^[^|]*\b6\b[^|]*\|[^|]*\|[^|]*\|Not Installed\|.*$" ) Get Computer Name and Operating System and Patch - Applicable Patch Count[0] and Patch - Patch List Applicability[0,1] matches "^[^|]*\b6\b[^|]*\|[^|]*\|[^|]*\|Not Installed\|.*$" from all machines with Custom Tags matches patch Get Computer Name and Patch - Applicable Patch Count[0] and Patch - Patch List Applicability[0,1] matches "^[^|]*\b6\b[^|]*\|[^|]*\|[^|]*\|.*$" from all machines with ( Computer Name contains XXXX and Operating System contains windows server ) Note: here XXXX is a computername here b6 is patch list ID

Wednesday, October 9, 2024

To check patch deployment status in TANIUM

Get Computer Name and Operating System and Patch - Deployment Statuses matches "^1234\|.*$" from all machines with Patch - Deployment Statuses matches "^1234\|.*$" Note: here 1234 is deployment ID , so you need to switch it based on your ID

To download CAB file

http://download.windowsupdate.com/microsoftupdate/v6/wsusscan/wsusscn2.cab https://content.tanium.com/files/hosted_dats/MS-CVEs.dat https://content.tanium.com/files/windows-patch/wsusscn2.json

SCCM to Tanium

SCCM transition Options: of course intune otherwise  Deployment, Patching - Tanium Image - Tazier Inventory - Tanium Remote Control - Zoom  ...