1 2 Previous Next 13 Replies Latest reply on Jan 30, 2017 2:26 PM by Moe Hassan

    ePOwerShell Module

      Months ago I started writing a Powershell Module for the ePO Web API, named "ePOwerShell". My goal was to implement the few CMDLets I had in mind, but unfortunately I was not able to finish the code and publish the module. Today I dug up the source code and I'm thinking of continuing the project. I use Powershell alost daily and I use this module to apply tags to systems I get from our asset database. It's still in pre-alpha stage, but if the community is interested I might consider publishing it.

       

      The few CMDLets I have implemented:

       

      • Connect-EpoServer
        Connect to the McAfee ePO server and cache the connection object for later use.
      • Get-EpoSystem
        Find systems in the ePO tree by name, IP address, MAC address, user name, agent GUID or tag. This Cmdlet impleme the "system.find" web api call.
      • Get-EpoTag
        Get tags available in ePO or tags assigned to system. This Cmdlet implements the "system.findTag" web api call.
      • Add-EpoTag
        Apply one or more tags to a system. This Cmdlet implements the "system.applyTag" web api call.
      • Clear-EpoTag
        Clear one or more tags from a system. This Cmdlet implements the "system.clearTag" web api call.
      • Get-EpoQuery
        Get all available queries from ePO. This Cmdlet implements the "core.listQueries" web api call.
      • Invoke-EpoQuery
        Execute an ePO query. This Cmdlet implements the "core.executeQuery" web api call.

       

      And this is what it looks like in Powershell:

       

      • Getting system info
        ePOwerShell_System.PNG
      • Applying tags to a system
        ePOwerShell_Tag.PNG
      • Listing queries
        ePOwerShell_GetQuery.PNG

      • Running a query (boolean pie chart)
        ePOwerShell_Query.PNG

       

      The following CMDLets were/are on the list to be implemented:

      • Send-EpoAgentWakeupCall
      • Get-EpoServerTask
        • Start-EpoServerTask
        • Stop-EpoServerTask
        • Enable-EpoServerTask
        • Disable-EpoServerTask
      • Get-EpoPermissionSet
      • Get-EpoUser
      • New-EpoUser (accept input from Get-ADUser)
      • Remove-EpoUser
      • Update-EpoUser (accept input from Get-EpoPermissionSet)
      • Enable-EpoUser
      • Disable-EpoUser

       

      What I want to know from the community is:

      1. Would you be interested in such a module?
      2. What functions are missing?
      3. What functions would be "nice to have"?

       

      All feedback is appreciated!

       

      Message was edited by: mischaboender on 8/25/12 3:55:36 PM CDT
        • 1. Re: ePOwerShell Module
          Arjen

          Mischa,

           

          Good to hear you're working on it again!

           

          Maybe you can think of commands of waking up agents, forcing policy refresh on agents etc.

          I'm thinking of automatic reactions based on SCOM monitoring, which I know you are using .

          Of course those actions are general an can be used in other monitoring solutions as well.

           

          I haven't worked with the Web APi much, so I don't know if those actions are really possible...

           

          Arjen

          • 2. Re: ePOwerShell Module

            Already working on a "Send-EpoAgentWakeup" cmdlet, but I'm not sure jet what to return.

             

            I've been playing with agent wakeups through the api, but it doesnt just send the call, it will also wait for the task to finish. This causes a HTTP time out most of the times (even with max time out set to 1 minute). I forced an expiration during an agent wakeup call and it took almost 4 minutes to expire. Most of the times you don't want to wait that long before getting results from a c'mdlet.

             

            And if I don't get a time-out, I only get the amount of completed, failed and expired wakeups. There is also no server task that I can watch before I return results. So there is no way of returning systems that did, or did not wake up. I could return the amount of completed wakeups, but that could take a lot of time (in case of expired wakups) and I don't think the info is very usefull.

             

            Maybe I can make a "SecondsToWait" parameter, return the epo system objects after that amount of time, and add a boolean property to the objects that is "true" when the last communiction is within "SecondsToWait" from now.

            • 3. Re: ePOwerShell Module
              raul

              This sounds very interesting, I have been looking for a solution to use powershell for running epo queries. Hope you will publish it someday.

              • 4. Re: ePOwerShell Module

                I'm trying to get it out before the Focus 2012 event. Running ePO queries will be in the release!

                 

                Got some new ideas I want to incorporate into the code that allows custom formatting of the returned objects.

                • 5. Re: ePOwerShell Module

                  Returning customized object types works! This allows for formatting the returned objects per cmdlet.

                   

                  Got Send-EpoAgentWakeupCall working, but I still have to spice up the returned results. Working on the ability to wake up whole groups of systems (Get-EpoGroup | Send-EpoAgentWakeupCall). Also implemented Get-EpoClientTask and Invoke-EpoClientTask.

                  • 6. Re: ePOwerShell Module

                    Here some examples of how to use the cmdlets that I have implemented until now:

                     

                    System related:

                    Get-EpoSystem "MyComputer" | Add-EpoTag "MyTag1", "MyTag2"

                    Get-EpoSystem "MyComputer" | Clear-EpoTag "MyTag3"

                    Get-EpoSystem "MyComputer" | Send-EpoAgentWakeupCall -ForceFullPolicyUpdate

                    Get-EpoClientTask "Update VirusScanner" | Invoke-ClientTask -ComputerName "MyComp1", "MyComp2"

                     

                    Group related:

                    Get-EpoGroup "Test Group" | Get-EpoSystem -SearchSubgroups

                    Get-EpoGroup "Test Group" | Send-EpoAgentWakeupCall -IncludeSubgroups -FullProperties

                     

                    Server task related:

                    Get-EpoServerTask -History -TaskID 1234567 | Get-EpoServerTaskLogMessage

                    Get-EpoServerTask -History -TaskID 7654321 | Get-EpoServerTaskSubTask

                    Get-EpoServerTask -Running | ?{$_.taskName -match "Replicate Repository"} | Stop-EpoServerTask

                    Get-EpoServerTask "AD Sync" | Start-EpoServerTask

                     

                    Query related:

                    Get-EpoQuery | ?{$_.Name -eq "My ePO Query"} | Invoke-EpoQuery

                    Get-EpoQuery | ?{$_.Name -eq "List of systems"} | Invoke-EpoQuery | Send-EpoAgentWakeupCall

                    • 7. Re: ePOwerShell Module

                      I'd be very interested in seeing what you've accomplished thus far.  Further, if you have a roadmap of exactly what you want to implement I'd be more than happy to assist.  

                      • 8. Re: ePOwerShell Module

                        ePOwerShell (version 0.1 pre-Alpha preview ) is publsihed!

                         

                        You can find it here: https://community.mcafee.com/docs/DOC-4297

                        • 9. Re: ePOwerShell Module

                          I've got a few functions that I'll wrap up to make look like your code that I'll shoot your way (EEPC related.)   Thanks for sharing!

                          1 2 Previous Next