Mondoo Inc
Calling Powershell scripts from MQL? #1096
-
|
Hi, My infra is on prem Windows servers. |
Beta Was this translation helpful? Give feedback.
Replies: 4 comments 2 replies
-
|
Welcome @GurdipS5 Great question. You can test then when you run the Assuming you have a local file Write-Host 'Hello, World!'Then you can just call the script For production use I would recommend using absolute paths. In the second case the powershell script is not distributed via the policy itself and you would need to make sure the powershell script is available at all machines. |
Beta Was this translation helpful? Give feedback.
-
|
Yeah I will be testing this. Just discovered Mondoo late last night lol.
Great tool there aren't many policy as code tools for Windows I was
thinking Pester.
…On Thu, 23 Mar 2023, 12:18 Christoph Hartmann, ***@***.***> wrote:
Welcome @GurdipS5 <https://github.com/GurdipS5>
Great question. You can test then when you run the cnspec shell. When you
embed the powershell code, it looks like that:
cnspec> powershell("Write-Host 'Hello, World!'").stdout
powershell.stdout: "Hello, World!
"
Assuming you have a local file test.ps1
Write-Host 'Hello, World!'
Then you can just call the script
cnspec> powershell("./test.ps1").stdout
powershell.stdout: "Hello, World!
"
For production use I would recommend using absolute paths. In the second
case the powershell script is not distributed via the policy itself and you
would need to make sure the powershell script is available at all machines.
—
Reply to this email directly, view it on GitHub
<#1096 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AU2JXHAWRHJYGQQSQQMGXUTW5Q5RLANCNFSM6AAAAAAWFB7GTQ>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
And the scripts will be distributed via Octopus Deploy and in git so that will contrl that. |
Beta Was this translation helpful? Give feedback.
-
|
Nice |
Beta Was this translation helpful? Give feedback.
-
|
We have a lot of Windows users using cnspec in production to secure their Windows server and Windows client fleet. Here is our Windows Security policy https://github.com/mondoohq/cnspec-policies/blob/main/core/mondoo-windows-security.mql.yaml and our Windows Workstation Security Policy https://github.com/mondoohq/cnspec-policies/blob/main/core/mondoo-windows-workstation-security.mql.yaml We also have support for all CIS Benchmarks if you need that. |
Beta Was this translation helpful? Give feedback.
-
|
Awesome. I'd add I'm using iis so that's a focus. Server 2022.
…On Thu, 23 Mar 2023, 12:23 Christoph Hartmann, ***@***.***> wrote:
We have a lot of Windows users using cnspec in production to secure their
Windows server and Windows client fleet. Here is our Windows Security
policy
https://github.com/mondoohq/cnspec-policies/blob/main/core/mondoo-windows-security.mql.yaml
and our Windows Workstation Security Policy
https://github.com/mondoohq/cnspec-policies/blob/main/core/mondoo-windows-workstation-security.mql.yaml
We also have support for all CIS Benchmarks if you need that.
—
Reply to this email directly, view it on GitHub
<#1096 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AU2JXHCYCWM5EMHP4PSAZPTW5Q6CVANCNFSM6AAAAAAWFB7GTQ>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
We have a lot of Windows users using cnspec in production to secure their Windows server and Windows client fleet. Here is our Windows Security policy https://github.com/mondoohq/cnspec-policies/blob/main/core/mondoo-windows-security.mql.yaml and our Windows Workstation Security Policy https://github.com/mondoohq/cnspec-policies/blob/main/core/mondoo-windows-workstation-security.mql.yaml
We also have support for all CIS Benchmarks if you need that.