Win32_USBHub ManagementPack

Win32_USBHub ManagementPack

  • Win32_USBHub Overview

The Win32_USBHub ManagementPack uses the Win32_USBHub class. According to Microsoft documentation, The Win32_NetworkLoginProfile class represents the network login information of a particular user on a Win32 system. This includes, but is not limited to, password status, access privileges, disk quotas, and login directory paths.

While this Windows Management Instrumentation (WMI) class and associated properties could be called as standalone code, contained inside a ManagementPack, the SCOM engine uses the class structure to produce a table that then gets populated through the discovery and then displayed through a view inside System Center Operations Manager (SCOM).

It also includes a dedicated USBHub Report in SRS format

While the ManagementPack targets Server Computers, it could also be built to target Client Computers.

  • FAQs
  • Why was this ManagementPack created?

This ManagementPack was created to support cross Enterprise collection of vital account information that explores and displays the integrity, security, and comparative accuracy of each server’s Network Login accounts.

The beauty of this ManagementPack is its ability to collect all the information for all the servers in one table.

Using SQL Server, a connection string and a SQL Query can be created to reacquire the data and be mined to support a wide variety of outputs including Access, Excel, HTA, HTML and XSL – just to name a few.

Once the information is transformed into a reporting tool, the ManagementPack can be deleted from SCOM and the table it produced will no longer exist.

  • How Often should it be used?

Because of the way the ManagementPack works, it is strongly recommended to use it once to build an informational foundation and then use it once a month thereafter to determine if any of the accounts have changed or are about to expire.

There are also two other times when you may want to consider this ManagementPack would deem necessary. When an account has been suspect of being tampered with and when an account should no longer be on the server.

  • How much time does it save?

In terms of development and testing, about a week.

  • How long does it take for the data to show up in the operations manager console?

There are a lot of factors that could stop this from happening immediately. Normally, by design, since the discovery is run almost immediately, the data can be viewed just as fast.

  • Are there any customizations for my environment that I need to add to the management pack?

No, there are no customizations required.

  • Can I customize the discovery Interval?

Yes, you can. By default, the interval is set to 86,400 seconds or once a day. You can adjust the interval as well as the timeout interval to the desired response and timeout conditions through the SCOM Console.

  • How often does the data get updated?

When the ManagementPack is installed, the discovery gets run after that it will be based on the frequency set for it to run—which is currently once a day.

  • How will I know when a new version of the management pack is released?

There are two ways this can happen. Provide us with your E-mail address or come to the site and look for the words “Updated Release” beside the name of this ManagementPack.

  • Can you supply us with a custom report?

With a great amount of pride and enthusiasm, we certainly can.

Unfortunately, while not problem for us, this may be a SQL Server security issue for you.

So many times it works for us, but doesn’t work for our customers.

If it isn’t an issue, then E-mail us.

Share:

Facebook
Twitter
LinkedIn

Contact Us

=
On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.

=