This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Manual Update Via Command Line/Script

Hello,

I have searched both the web and these forums for a way to kick off a manual update for Sophos Endpoint Security and Control 9.5 via a script or the command line.  I can right click on the Sophos tray icon and choose 'Update now' just fine, but need a script or command line to be able to manually force an update on a machine remotely.  Is there a way to do that?


Thanks

:12573


This thread was automatically locked due to age.
Parents
  • How about something like this as an idea:

    'Script to check if the uptime of a machine is greater than 5 minutes.
    ' if so it sets the reboot required to 0 and calls update now to force state to SEC.
    
    const HKEY_LOCAL_MACHINE = &H80000002
    
    dim strRegistryKey, strKeyPath, intRestartRequired
    
    intRestartRequired = 0 ' set 0 to clear reboot, set to 1 to mark as reboot required.
    
    if Is64() then
    	strKeyPath = "SOFTWARE\Wow6432Node\Sophos\AutoUpdate\UpdateStatus"
    else
    	strKeyPath = "SOFTWARE\Sophos\AutoUpdate\UpdateStatus"
    end if
    
    if datediff ("n", GetLastBoot(), Date() & " " & Time() ) > 5 then
    	'The machine has been rebooted
    	SetKey()	
    	CallUpdate()	
    end if
    
    
    'Functions ---------------------------------------------------------------------
    '-------------------------------------------------------------------------------
    Function GetLastBoot()
    	
    	on error resume next
    	
    	set objWMIDateTime = CREATEOBJECT("WbemScripting.SWbemDateTime")
    	set objWMI = GETOBJECT("winmgmts:\\.\root\cimv2")
    	set colOS = objWMI.InstancesOf("Win32_OperatingSystem")
    	
    	for each objOS in colOS
    		objWMIDateTime.Value = objOS.LastBootUpTime
    		GetLastBoot = objWMIDateTime.GetVarDate 
    	next
    
    	set objWMIDateTime = nothing
    	set objWMI = nothing
    	set colOS = nothing
    		
    End Function
    
    '-------------------------------------------------------------------------------
    
    '-------------------------------------------------------------------------------
    Function Is64()
        
    	on error resume next
        
    	dim objWMIService, objColSettings, strDesc, objProcessor
    	
    	Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
    	Set objColSettings = objWMIService.ExecQuery ("SELECT * FROM Win32_Processor") 
    	
       	For Each objProcessor In objColSettings 
    		strDesc = objProcessor.AddressWidth 
    	Next 
    	
        if strDesc = "32" then
            Is64 = false
        end if
        if strDesc = "64" then
            Is64 = true
        end if
    	
        Set objWMIService = nothing
    	set objColSettings = nothing
    	
    End Function
    '-------------------------------------------------------------------------------
    
    '-------------------------------------------------------------------------------
    Function SetKey()
    
    	dim objReg
    	
    	set objReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    	objReg.SetDWORDValue HKEY_LOCAL_MACHINE, strKeyPath, "RebootRequired", intRestartRequired
    
    	set objReg = nothing
    
    End Function
    '-------------------------------------------------------------------------------
    
    
    '-------------------------------------------------------------------------------
    Function CallUpdate()
      
      dim objALC
      
      set objALC = CreateObject("ActiveLinkClient.ClientUpdate.1")
      objALC.UpdateNow 1,1
     
    End Function 
    '-------------------------------------------------------------------------------

    This will set the RebootRequired key to 0 if the machine has been up for more than 5 minutes (adjust as required) then call an update now.  At the end of the update the endpoint will send back a message to clear the alert in SEC.

    Hope it's useful.  I haven't tested it much, just threw together a few functions I had already.

    Regards,

    Jak

    :20917
Reply
  • How about something like this as an idea:

    'Script to check if the uptime of a machine is greater than 5 minutes.
    ' if so it sets the reboot required to 0 and calls update now to force state to SEC.
    
    const HKEY_LOCAL_MACHINE = &H80000002
    
    dim strRegistryKey, strKeyPath, intRestartRequired
    
    intRestartRequired = 0 ' set 0 to clear reboot, set to 1 to mark as reboot required.
    
    if Is64() then
    	strKeyPath = "SOFTWARE\Wow6432Node\Sophos\AutoUpdate\UpdateStatus"
    else
    	strKeyPath = "SOFTWARE\Sophos\AutoUpdate\UpdateStatus"
    end if
    
    if datediff ("n", GetLastBoot(), Date() & " " & Time() ) > 5 then
    	'The machine has been rebooted
    	SetKey()	
    	CallUpdate()	
    end if
    
    
    'Functions ---------------------------------------------------------------------
    '-------------------------------------------------------------------------------
    Function GetLastBoot()
    	
    	on error resume next
    	
    	set objWMIDateTime = CREATEOBJECT("WbemScripting.SWbemDateTime")
    	set objWMI = GETOBJECT("winmgmts:\\.\root\cimv2")
    	set colOS = objWMI.InstancesOf("Win32_OperatingSystem")
    	
    	for each objOS in colOS
    		objWMIDateTime.Value = objOS.LastBootUpTime
    		GetLastBoot = objWMIDateTime.GetVarDate 
    	next
    
    	set objWMIDateTime = nothing
    	set objWMI = nothing
    	set colOS = nothing
    		
    End Function
    
    '-------------------------------------------------------------------------------
    
    '-------------------------------------------------------------------------------
    Function Is64()
        
    	on error resume next
        
    	dim objWMIService, objColSettings, strDesc, objProcessor
    	
    	Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
    	Set objColSettings = objWMIService.ExecQuery ("SELECT * FROM Win32_Processor") 
    	
       	For Each objProcessor In objColSettings 
    		strDesc = objProcessor.AddressWidth 
    	Next 
    	
        if strDesc = "32" then
            Is64 = false
        end if
        if strDesc = "64" then
            Is64 = true
        end if
    	
        Set objWMIService = nothing
    	set objColSettings = nothing
    	
    End Function
    '-------------------------------------------------------------------------------
    
    '-------------------------------------------------------------------------------
    Function SetKey()
    
    	dim objReg
    	
    	set objReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    	objReg.SetDWORDValue HKEY_LOCAL_MACHINE, strKeyPath, "RebootRequired", intRestartRequired
    
    	set objReg = nothing
    
    End Function
    '-------------------------------------------------------------------------------
    
    
    '-------------------------------------------------------------------------------
    Function CallUpdate()
      
      dim objALC
      
      set objALC = CreateObject("ActiveLinkClient.ClientUpdate.1")
      objALC.UpdateNow 1,1
     
    End Function 
    '-------------------------------------------------------------------------------

    This will set the RebootRequired key to 0 if the machine has been up for more than 5 minutes (adjust as required) then call an update now.  At the end of the update the endpoint will send back a message to clear the alert in SEC.

    Hope it's useful.  I haven't tested it much, just threw together a few functions I had already.

    Regards,

    Jak

    :20917
Children
No Data