bunny-lab/Borealis-Github-Replica
1
0
Fork 0
mirror of https://github.com/bunny-lab-io/Borealis.git synced 2025-10-26 17:21:58 -06:00
Code Issues Packages Projects Releases Wiki Activity

Additional Changes to Auditing

Browse Source
This commit is contained in:
Nicole Rappe
2025-10-09 19:39:22 -06:00
parent 48c1854572
commit f9e73f0b71
1 changed files with 29 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
Data/Agent/Roles/role_DeviceAudit.py
View File

@@ -60,6 +60,20 @@ def detect_agent_os():
edition_id = _get("EditionID", "") edition_id = _get("EditionID", "")
composition_edition = _get("CompositionEditionID", "") composition_edition = _get("CompositionEditionID", "")
product_type = _get("ProductType", "") product_type = _get("ProductType", "")
# Prefer WMI caption when available because it carries the official
# Windows Server branding (e.g., "Microsoft Windows Server 2022 Standard").
wmi_caption = ""
try:
cmd = "(Get-CimInstance Win32_OperatingSystem | Select-Object -ExpandProperty Caption) -replace '^Microsoft ', ''"
out = subprocess.run(
["powershell", "-NoProfile", "-Command", cmd],
capture_output=True,
text=True,
timeout=5,
)
wmi_caption = (out.stdout or "").strip()
except Exception:
wmi_caption = ""
try: try:
build_int = int(str(build_number).split(".")[0]) if build_number else 0 build_int = int(str(build_number).split(".")[0]) if build_number else 0
@@ -77,6 +91,14 @@ def detect_agent_os():
# the major label when the product name is unavailable. # the major label when the product name is unavailable.
def _is_server() -> bool: def _is_server() -> bool:
try: try:
try:
wver = sys.getwindowsversion() # type: ignore[attr-defined]
if getattr(wver, 'product_type', 0) in (2, 3):
return True
except Exception:
pass
if wmi_caption and 'server' in wmi_caption.lower():
return True
server_markers = ( server_markers = (
product_name, product_name,
installation_type, installation_type,
@@ -86,14 +108,18 @@ def detect_agent_os():
for marker in server_markers: for marker in server_markers:
if isinstance(marker, str) and 'server' in marker.lower(): if isinstance(marker, str) and 'server' in marker.lower():
return True return True
pt = (product_type or '').lower() pt = (str(product_type).lower()) if product_type is not None else ''
return pt in ('servernt', 'lanmannt', 'domaincontroller') return pt in ('servernt', 'lanmannt', 'domaincontroller', 'serverserver', 'server', '3')
except Exception: except Exception:
return False return False
is_server = _is_server() is_server = _is_server()
base_name = (product_name or "").strip() base_name = ""
if wmi_caption:
base_name = wmi_caption
if not base_name:
base_name = (product_name or "").strip()
if not base_name: if not base_name:
base_name = f"Windows {major_label}".strip() base_name = f"Windows {major_label}".strip()
elif not base_name.lower().startswith("windows"): elif not base_name.lower().startswith("windows"):