As an IT admin, you probably have lots of daily tasks to complete — performing operating system patching, running environment health checks, conducting software troubleshooting, and much more. These tasks can prove tedious and time consuming, and it’s likely you’ve created many helpful scripts to automate some of the work and make it easier.
You can deploy those scripts to end-user devices to complete these tasks. However, you do run the risk of the scripts being injected and compromised if, for example, malware or the end user changes the script content but the file location and file name stay the same. It’s difficult to identify that kind of change, which can cause security concerns.
You also might need to collect data around the end-user devices, such as whether they’re using prohibited software, transmitting or receiving malicious network traffic, and, ultimately, compromising information related to company policies. Based on that data, you can take actions like uninstalling software or blocking a device’s network access. But how can you surface the data you need and filter out the data you don’t?
The Scripted Task solution in Workspace Environment Management (WEM) helps to simplify the management of your daily tasks through these scripts, ensuring the security of the scripts you’re deploying and running without adding complexity to your day. Here’s how it works.
First, upload your scripts to the WEM web console as scripted tasks. Then configure one or more agent machines to run them.
Specify the level of access you want to grant to the scripted task. These levels include full access; limited access with network; and limited access without network. This adds an extra layer of security to protect against attacks from untrusted scripts that can affect the OS. WEM also lets you decide whether to verify the signature before running the task. Signature verification is mandatory when the scripted task is granted full access and protects the scripts from tampering by bad actors to exfiltrate data or cause other harm.
WEM also supports the collection of report data based on regular expression matches. By default, WEM collects output file content and console output. As the IT admin, you can define a regular expression that describes the content you want to highlight in the report. WEM then does regular expression matching for the output content and highlights the matched content. You can also choose to collect context clues for the relevant matches.
Consider a case where you have a script with thousands of lines of output, and you need to count the number of times the “Error” keyword appears in the output. With WEM, you simply define a regular expression and you get the information you need quickly and easily.
If you’re an IT admin facing challenges around scripts, use WEM to make completing your daily tasks faster, more efficient, and easier. Check out our product documentation on Scripted Task solution in Workspace Environment Management (WEM).
