Overview:
This article outlines the steps to collect specific Windows registry key data from target devices using the Endpoint Management (EM) module. This can help in auditing configuration settings or troubleshooting system behavior across multiple endpoints.
Steps to Collect a Registry Key:
1. Access the EM Module
Log in to the Saner CVEM Console.
Navigate to the Endpoint Management (EM) module.
Click on the “Checks” tab from the left-hand navigation pane.
2. Open the Tools Section
Select the “Tools” option to initiate a new registry check.
Click on the Registry icon to begin defining your registry query.
3. Define the Registry Collection Rule
Enter the details of the registry key you want to collect:
Hive:
HKEY_LOCAL_MACHINE
Key:
SYSTEM\CurrentControlSet\Control\Session Manager\Power
Name:
HiberBootEnabled
Note: Replace the Key and Name fields as needed, based on the specific registry entry you intend to collect.
4. Select Target Scope
Click on “Scope” to choose the target devices.
Select the devices from which you want to retrieve registry data.
Click the Submit (✓) icon to dispatch the query to the selected devices.
5. Response and Results Handling
The query will be executed on the selected devices.
Devices that are online and have the specified registry key will return the corresponding values.
Example: If 5 out of 8 devices respond, this indicates that those 5 devices are currently online and contain the requested registry key.
6. Viewing the Results
Navigate to the “Results” section within the EM module.
You’ll see a list of devices that responded, along with the registry values retrieved from each.
Additional Tips:
Ensure that all target devices are powered on and connected to the network before initiating the registry check.
If a device does not return any result:
Confirm the device is online.
Verify that the specified registry key path exists on the target system.
If you encounter any issues or need further assistance, please contact SecPod Support.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article