Hi,
Does Sophos provide any native WMI namespaces/classes to programmatically retrieve information about the Endpoint Agent installed directly on devices, both Windows Client OS and Windows Server OS? For example I am looking to gather the overall health status (green tick, yellow warning, red critical etc. and the reason for each status) of devices that is shown in the 'Status' tab of the Sophos Endpoint Agent.
I have looked into the standard root/SecurityCenter and root/SecurityCenter2 namespaces but these do not exist on Windows Server OS.
We are a Sophos Partner and manage multiple organisations endpoints, and while we do use the Sophos Partner portal for day-to-day activities I am looking for a way to include the status of Sophos in a monthly report, which also includes Windows Patch/Update health, disk health and lots more so would like it all captured in the one place; I am using PowerShell for gathering this other data.
I appreciate I can use the Sophos Central online API to check this information, however if I am running PowerShell scripts locally in an organisations environment, considering I am looking at many thousands of devices per organisation, checking them one-by-one as part of a PowerShell loop would be extremely inefficient use of internet bandwidth. And of course if the WAN is offline the online API won't work anyway!
Essentially the script starts by gathering computer objects from AD then looping through, making both remote PowerShell and remote WMI/CIM connections and interrogating the necessary WMI classes needed to get my other data.
Thanks
