Remote Monitor Series: Finding machines where Bitlocker is not protecting drives

2018-11-08T21:01:45+00:00November 8th, 2018|

This is going to be the first in a number of blog posts that will give ideas/starting points for adding more value to your client monitoring. In this series I will not be focusing on how to create these monitors, more the code that can be used. I cover creating remote monitor creation here if you are not sure how to go about creating these.

Today’s monitor is a monitor that finds any Bitlocker that has a protection status of anything but on. If you want to build this into a search/group structure as per the article I linked to above, I have a role detection to easily single out any machine where Bitlocker is being “used” available here.

Remote Monitor Tips:

  • Powershell remote monitors largely start in the same way, POWERSHELL HERE being replaced for, unsurprisingly, Powershell

  • Powershell remote monitors can be executed from a normal command prompt (may need to run as Administrator)
  • Remote monitors check for GOOD conditions, not bad. In this monitors case a count of 0 is the condition you should check for on the actual monitor

Leave A Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.