cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
infosecphill
Engaged Sweeper
I've created a new report for the Internet Explorer Zero-Day Vulnerability Audit and would like to include the results of a registry scan into the report to show if an asset contains WSUS settings, so we can identify which devices are managed by our patching tool and which aren't.

The registry keys we are scanning are and want listed in the report are:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate Value:TargetGroup HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate Value:WUServer
1 REPLY 1
JacobH
Champion Sweeper III
This isn't a functioning query - it shows you what to SELECT, and the joins used - joined to tblassets


IsNull(scndtbl.Value, 'No Entry Found') As [WSUS Target Group],
IsNull(thrdtbl.Value, 'No Entry Found') As [WSUS Server]

Left Join (Select tblRegistry.AssetID,
tblRegistry.Valuename,
tblRegistry.Value,
tblRegistry.Regkey
From tblRegistry
Where tblRegistry.Valuename = 'TargetGroup' And
tblRegistry.Regkey Like '%SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate') scndtbl
On tblAssets.AssetID = scndtbl.AssetID
Left Join (Select tblRegistry.AssetID,
tblRegistry.Valuename,
tblRegistry.Value,
tblRegistry.Regkey
From tblRegistry
Where tblRegistry.Valuename = 'WUServer' And
tblRegistry.Regkey Like '%SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate') thrdtbl
On tblAssets.AssetID = thrdtbl.AssetID