Home
  •  

Gateway Discovery

Microsoft.AdvancedThreatAnalytics.1_9.Gateway.Discovery (Discovery)

Discovers Microsoft ATA 1.9 Gateway Properties using PowerShell

Knowledge Base article:

Summary

This discovery discovers instances of Microsoft ATA 1.9 Gateway class as well as their properties on computers.

Element properties:

TargetMicrosoft.AdvancedThreatAnalytics.1_9.Seed
EnabledTrue
Frequency14400
RemotableFalse

Object Discovery Details:

Discovered Classes and their attribuets:
  • Microsoft.AdvancedThreatAnalytics.1_9.Gateway.LightWeight
    • ServerName
    • ServiceProxyServicePrimaryDnsEndpointAddress
    • ServiceProxyServicePrimaryDnsEndpointPort
    • ServiceProxyServicePrimaryCertificateThumbprint
    • ManagementClientServerCertificateThumbprint
    • ManagementClientServerName
    • SystemProfileId
    • SecretManagerCertificateThumbprint
    • Version
    • IsLightWeight
    • InstallationPath
    • DisplayName
  • Microsoft.AdvancedThreatAnalytics.1_9.Gateway.Standalone
    • ServerName
    • ServiceProxyServicePrimaryDnsEndpointAddress
    • ServiceProxyServicePrimaryDnsEndpointPort
    • ServiceProxyServicePrimaryCertificateThumbprint
    • ManagementClientServerCertificateThumbprint
    • ManagementClientServerName
    • SystemProfileId
    • SecretManagerCertificateThumbprint
    • Version
    • IsLightWeight
    • InstallationPath
    • DisplayName

Member Modules:

ID Module Type TypeId RunAs 
PowerShell DataSource Microsoft.AdvancedThreatAnalytics.1_9.Gateway.Discovery.DataSource Default

Source Code:

<Discovery ID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway.Discovery" Enabled="true" Target="Microsoft.AdvancedThreatAnalytics.1_9.Seed" ConfirmDelivery="true" Remotable="false" Priority="Normal">

  <Category>Discovery</Category>

  <DiscoveryTypes>

    <DiscoveryClass TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway.Standalone">

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ServerName"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ServiceProxyServicePrimaryDnsEndpointAddress"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ServiceProxyServicePrimaryDnsEndpointPort"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ServiceProxyServicePrimaryCertificateThumbprint"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ManagementClientServerCertificateThumbprint"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ManagementClientServerName"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="SystemProfileId"/>

      <!--

            <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway.Standalone" PropertyID="SystemProfileId" />

            -->

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="SecretManagerCertificateThumbprint"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="Version"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="IsLightWeight"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="InstallationPath"/>

      <Property TypeID="System!System.Entity" PropertyID="DisplayName"/>

    </DiscoveryClass>

    <DiscoveryClass TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway.LightWeight">

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ServerName"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ServiceProxyServicePrimaryDnsEndpointAddress"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ServiceProxyServicePrimaryDnsEndpointPort"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ServiceProxyServicePrimaryCertificateThumbprint"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ManagementClientServerCertificateThumbprint"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="ManagementClientServerName"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="SystemProfileId"/>

      <!--

            <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway.LightWeight" PropertyID="SystemProfileId" />

            -->

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="SecretManagerCertificateThumbprint"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="Version"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="IsLightWeight"/>

      <Property TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway" PropertyID="InstallationPath"/>

      <Property TypeID="System!System.Entity" PropertyID="DisplayName"/>

    </DiscoveryClass>

  </DiscoveryTypes>

  <DataSource ID="PowerShell" TypeID="Microsoft.AdvancedThreatAnalytics.1_9.Gateway.Discovery.DataSource">

    <computerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/PrincipalName$</computerName>

    <IntervalSeconds>14400</IntervalSeconds>

  </DataSource>

</Discovery>