Check Compliance of Any Patch Policy, Worklet, or Required Software Policy

  • 2 June 2021
  • 0 replies

Userlevel 5

Original script written by @AX-Jon in May 2021, this will check compliance against any system the policy is running against. It can check for a policy, worklet, or required software policy.

Just set the following:

$apiKey = 'YOUR_API_KEY' - in your console, click on the three dots in the upper right, select KEYS, then copy your API key. Note that the API key is per admin user, so you and another admin in your console will have different API keys.

$orgID = 'YOUR_ORG_ID' - put your Org ID which can be found by looking at the URL on the device page and selecting the value after the “?o=”: [ ]. In this example the Org ID is 1234.

$policyID - put your PolicyID for the policy, worklet, or required software policy here. The easiest way to find the policy ID is to go to the page of the policy and grab the value in the URL after the “&pid=” : [ ]. In this example the policy ID is 99999.

# -- Modify Variables --------------------------------

# Replace the two variables below with your Org ID and your API key
$orgID = 'YOUR_ORG_ID'
$apiKey = 'YOUR_API_KEY'

# Replace with ID of policy you would like to search, the Policy ID can be found in your browser URL when editing the policy in the dashboard
$policyID = 78188

# Replace if you'd like the output in another location
$logFilePath = 'C:\Temp\Servers_PolicyStatus.csv'

# ----------------------------------------------------

# Initialize empty arrays to store Events
$Output = @()
$page = 0
$limit = 500

# Get the JSON body of the Web Request
while($true) {
$uri = "$orgID&api_key=$apiKey&limit=$limit&page=$page"
$resp = (Invoke-WebRequest -UseBasicParsing -Uri $uri).Content | ConvertFrom-Json
$Output += $resp | Where-Object {$_.policy_status | Where-Object {$_.policy_id -eq "$policyID"}} |
Select-Object Name,
e={$_.policy_status | Where-Object {$_.policy_id -eq "$policyID"} | Select policy_name -expand policy_name}
e={$_.policy_status | Where-Object {$_.policy_id -eq "$policyID"} | Select status -expand status}
if($resp.results.count -lt 500) {
$page += 1

Foreach ($server in $Output) {
Switch ($server.policy_status) {
1 {$server.policy_status = "Compliant"}
2 {$server.policy_status = "Pending"}

$Output | Export-Csv -Path $logFilePath -NoTypeInformation -Force

0 replies

Be the first to reply!