Occassionally, at my office, we get security alerts for vulnerabilities. I have a playbook that will get run “rpm -q” on the package name and it returns the version installed. For example, google-chrome-stable.
How can I accomplish this on our Windows servers? I have Ansible working for them and have done basic stuff such as win_ping, win_command, etc. But I’d like to be able to check the software versions without using RDP to connect to each server and check the version manually.
Not all software but most of installed. Just add filter ’ Get-WmiObject -Class Win32_Product | Where-Object { $_.Name -like ‘vagrant*’ } | Select-Object Name, Version’
Querying Win32_product isn’t a good idea. It can take a long amount of time because it will result in basically every software package revalidating itself, in some rare cases, it can break things.