Détection SMB pour Windows Server 2012 R2 pour le service fssagent

Microsoft.Windows.FileServices.Service.SMB.6.3.FssAgentEnabled.Discovery (Discovery)

Cette détection spécialise le service SMB pour les serveurs ayant le service fssagent activé pour ajouter une analyse supplémentaire.

Knowledge Base article:

Element properties:

Object Discovery Details:

Member Modules:

Source Code:

<Discovery ID="Microsoft.Windows.FileServices.Service.SMB.6.3.FssAgentEnabled.Discovery" Enabled="true" Target="Microsoft.Windows.FileServices.Service.SMB.6.3" ConfirmDelivery="false" Remotable="true" Priority="Normal">

  <Category>Discovery</Category>

  <DiscoveryTypes>

    <DiscoveryClass TypeID="Microsoft.Windows.FileServices.Service.SMB.6.3.FssAgentEnabled">

      <Property TypeID="System!System.Entity" PropertyID="DisplayName"/>

    </DiscoveryClass>

    <DiscoveryRelationship TypeID="FileServices!Microsoft.Windows.FileServer.Contains.Service"/>

  </DiscoveryTypes>

  <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.WmiProviderWithClassSnapshotDataMapper">

    <NameSpace>\\$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$\ROOT\CIMV2</NameSpace>

    <Query>SELECT ID, Name FROM Win32_ServerFeature WHERE ID = '434'</Query>

    <Frequency>14400</Frequency>

    <ClassId>$MPElement[Name="Microsoft.Windows.FileServices.Service.SMB.6.3.FssAgentEnabled"]$</ClassId>

    <InstanceSettings>

      <Settings>

        <Setting>

          <Name>$MPElement[Name="Windows!Microsoft.Windows.Computer"]/PrincipalName$</Name>

          <Value>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/PrincipalName$</Value>

        </Setting>

      </Settings>

    </InstanceSettings>

  </DataSource>

</Discovery>