Skip to Main Content
Liongard Library

Welcome to Liongard Library, where Lions share! This is a community-led space where Liongard users can come to teach and learn from one another.
Share custom Metrics, get inspired and see what’s trending in the Pride.

Pride Etiquette:
➕ Have great custom Metrics? Add them as entries!
🌟 Want to use a Metric? Copy the query and
follow this doc.
👍 Tried a Metric from the Library? Like it!
📣 Have a question or feedback on a Metric? Add a comment!
🔎 Not sure where to start? Learn about Metrics and how to write them.
💬 Need help writing a metric or want to help support others? Join the conversation in our Liongard Lounge #metrics slack channel.


🥴 See something off? Open a support chat to let us know.

Categories Active Directory
Created by Ryan Wooff
Created on Dec 2, 2022

Active Directory: Software Restriction Policy Checker

We have several techs at our MSP that will turn off the entire SRP to install a blocked application. Obviously this is a no-no and should be avoided but with this Liongard metric you can create a simple rule to see if the policy has been disabled.


To create the rule, simply use this metric with the operator: contains and the threshold: false


This way, if the policy is enabled OR the client doesn't even have a policy for this you won't get an alert. BUT, if either the users or computers have this policy disabled you will get an alert!

Query

to_string(GroupPolicyDetails[?contains (Name, 'Software')].[Name,UserEnabled,ComputerEnabled][])

  • Attach files