Apr 17 2024 05:07 AM
I want to query:
The MSFT_MpComputerStatus to get the description of AMEngineVersion
- The AM Engine version (major, minor, build, revision)
or equivalent
I want to get the description of the property in my script.
Here is the list of properties: https://learn.microsoft.com/en-us/previous-versions/windows/desktop/defender/msft-mpcomputerstatus#p...
Apr 17 2024 02:50 PM
hHi @nilanjenator
Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/microsoft/windows/defender -Property *
Kind Regards
Andres
Apr 17 2024 04:31 PM
Apr 17 2024 09:47 PM
Hi, Nilan-jan.
For the benefit of others and to set the context correctly, by class, we're talking about WMI "classes" here, not .NET classes - which is what PowerShell frequently refers to. There are no descriptions for .NET classes or their members, in case you were wondering.
With that out of the way, the description qualifier - be that from the class or the class' members - is far more miss than hit as it's rarely defined. This holds true for MSFT_MpComputerStatus, where the Description qualifier is not defined (on the class or the members).
So, the short answer to your question is: you cannot pull the description for each class member of the MSFT_MpComputerStatus class as no descriptions exist.
Still, we can look at the "how" by looking at this class as well as another that does feature descriptions, as that might help you in the future should you find yourself working with a provider that has populated the description qualifier.
First, let's look at an example where the Description qualifier has been populated on the class definition.
And now let's compare that to MSFT_MpComputerStatus, where we can see we get a $null back when we try asking for the Description qualifier:
The approach is the same for members - we're just stepping down one level.
Here, we can see that a Description qualifier has been set on the WorkOffline property:
While for the MSFT_MpComputerStatus class, we can see (I've trimmed the screenshot to show just the first property) that Description has not been defined (only a qualifier named "read" has been defined):
So, if we ask for it, we'll only get back a $null value:
Hopefully that helps you navigate WMI classes more broadly, despite the inability to achieve what you're after with MSFT_MpComputerStatus.
Cheers,
Lain