KeyEx Compliance Monitor ProbeActionModuleType

KeyEx.Compliance.Monitor.ProbeActionModuleType (ProbeActionModuleType)

Probe Action Module Type for Unit Monitor: KeyEx.Compliance.Monitor

Element properties:

Type: ProbeActionModuleType
Isolation: Any
Accessibility: Internal
RunAs: Default
OutputType: System.PropertyBagData

Member Modules:

ID Module Type TypeId RunAs 
Probe ProbeAction Microsoft.Windows.PowerShellPropertyBagTriggerOnlyProbe Default

Overrideable Parameters:

ID | Parameter Type | Selector | Display Name | Description
TimeoutSeconds | int | $Config/TimeoutSeconds$ | Timeout Seconds |

Source Code:

<ProbeActionModuleType ID="KeyEx.Compliance.Monitor.ProbeActionModuleType" Accessibility="Internal" Batching="false" PassThrough="false">
<Configuration>
<xsd:element xmlns:xsd="http://www.w3.org/2001/XMLSchema" type="xsd:integer" name="TimeoutSeconds"/>
</Configuration>
<OverrideableParameters>
<OverrideableParameter ID="TimeoutSeconds" Selector="$Config/TimeoutSeconds$" ParameterType="int"/>
</OverrideableParameters>
<ModuleImplementation Isolation="Any">
<Composite>
<MemberModules>
<ProbeAction ID="Probe" TypeID="Windows!Microsoft.Windows.PowerShellPropertyBagTriggerOnlyProbe">
<ScriptName>Security.Protocol.KeyEx.Monitor.DataSource.ps1</ScriptName>
<ScriptBody><Script>#=================================================================================

# Author: Sean Christie
# v1.0
#=================================================================================


# Constants section
#=================================================================================
# Identity stamped on every event this probe writes through MOM.ScriptAPI.
$ScriptName = "Security.Protocol.KeyEx.Monitor.DataSource.ps1"
$EventID = "1142"
#=================================================================================


# Script start-up section
#=================================================================================
# Remember when the run began so the total runtime can be reported at the end.
$StartTime = Get-Date
# Account the probe is executing under; it is written into the start event so an
# operator can see which identity read the SCHANNEL settings.
$whoami = whoami
# MOM.ScriptAPI COM object: used for event logging and to create the property bag.
$momapi = New-Object -ComObject MOM.ScriptAPI
# Property bag that carries the compliance result back to the monitor.
$bag = $momapi.CreatePropertyBag()
# Record the start of the run (third argument 0 is the event severity).
$startMessage = "`n Script is starting. `n Running as ($whoami)."
$momapi.LogScriptEvent($ScriptName, $EventID, 0, $startMessage)
#=================================================================================


# Begin MAIN script section
#=================================================================================


# Overall verdict for this run; it stays "Good" unless a check further down fails.
$strCondition = "Good"

# SCHANNEL key-exchange algorithms whose registry settings are evaluated.
# CheckBadExchanges expects ECDH and PKCS to be enabled and anything else in this
# list (Diffie-Hellman) to be disabled.
# NOTE(review): PKCS is the RSA key-exchange setting, which provides no forward
# secrecy; confirm that requiring it enabled still matches the current baseline.
$Exchanges = "Diffie-Hellman", "ECDH", "PKCS"

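# Evaluates one SCHANNEL key-exchange algorithm against the policy this monitor encodes.
#   $Exchange - registry subkey name of the algorithm; $null when the caller found no
#               subkey for it.
#   $value    - the subkey's "Enabled" value as read from the registry.
#   $status   - verdict so far; returned unchanged when nothing fails here.
# Returns a single string: "Bad" when the setting violates the policy, otherwise $status.
Function CheckBadExchanges ($Exchange, $value , $status)
{
    Write-Host "Checking $Exchange"
    $check = $status

    # Nothing to inspect without a subkey name; hand the caller's verdict back.
    if ($null -eq $Exchange) { return $check }

    if ($Exchange -eq "ECDH" -or $Exchange -eq "PKCS")
    {
        # These two must be explicitly enabled: Enabled = 4294967295 (0xFFFFFFFF).
        # A missing Enabled value ($null) fails this comparison as well.
        # NOTE(review): PKCS is the RSA key-exchange setting (no forward secrecy);
        # requiring it enabled is this monitor's policy - confirm it is still wanted.
        if ($value -ne "4294967295") { $check = "Bad" }
    }
    else
    {
        # Every other algorithm (Diffie-Hellman in the visible caller) must be
        # explicitly disabled: Enabled = 0. A missing value counts as not disabled.
        if ($value -ne 0) { $check = "Bad" }
    }

    # Exactly one value leaves the function. The earlier version also wrote $Exchange
    # and $check to the output stream in the branch above, so the caller received a
    # three-element array instead of a verdict string.
    return $check
}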


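# Read the SCHANNEL key-exchange subkeys once; the result does not change per algorithm.
# If the parent key cannot be read, nothing is returned and every lookup below comes
# back empty, which the loop treats as non-compliant.
$keyExchangeRoot = "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms"
$configuredExchanges = Get-ChildItem $keyExchangeRoot | Get-ItemProperty

# Check each algorithm and stop at the first one that violates the policy.
foreach ($item in $Exchanges)
{
    $health = "Good"

    $ExchangeKey = $configuredExchanges | Where-Object { $_.PSChildName -like $item }

    # No subkey means the algorithm has no explicit Enabled setting; this monitor
    # counts an unconfigured algorithm as non-compliant rather than assuming a default.
    if ($null -eq $ExchangeKey) { $health = "Bad" }

    $test = CheckBadExchanges -exchange $ExchangeKey.PSChildName -value $ExchangeKey.Enabled -status $health

    # -contains gives the same answer whether the function hands back one verdict
    # string or several output values.
    if ($test -contains "Bad")
    {
        $strCondition = "Bad"
        Break
    }
}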


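# Translate the verdict into the property bag value the monitor evaluates.
# The verdict itself is not written to the output stream: the module's declared
# output is property-bag data, so the bag is the only object emitted here.
if ($strCondition -eq "Good")
{
    $momapi.LogScriptEvent($ScriptName,$EventID,0,"Good Condition Found")
    $bag.AddValue('Result','Compliant')
}
else
{
    # NOTE(review): the non-compliant case is logged with severity 0, the same as the
    # compliant case, and the event does not say which algorithm failed. Alerting has
    # to come from the 'Result' value, not from the event log entry.
    $momapi.LogScriptEvent($ScriptName,$EventID,0,"Bad Condition Found")
    $bag.AddValue('Result','NonCompliant')
}

# Return all bags
$bag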


# End of script section
#=================================================================================
# Closing event: report that the probe finished and how long the run took.
$EndTime = Get-Date
$ScriptTime = (New-TimeSpan -Start $StartTime -End $EndTime).TotalSeconds
$endMessage = "`n Script Completed. `n Script Runtime: ($ScriptTime) seconds."
$momapi.LogScriptEvent($ScriptName, $EventID, 0, $endMessage)
#=================================================================================
# End of script
</Script></ScriptBody>
<TimeoutSeconds>$Config/TimeoutSeconds$</TimeoutSeconds>
<StrictErrorHandling>false</StrictErrorHandling>
</ProbeAction>
</MemberModules>
<Composition>
<Node ID="Probe"/>
</Composition>
</Composite>
</ModuleImplementation>
<OutputType>System!System.PropertyBagData</OutputType>
<TriggerOnly>true</TriggerOnly>
</ProbeActionModuleType>