Hello,
I would like to see applications installed in %appdata%, such as Signal or WhatsApp Web, in the software inventory.
Is this possible?
Thank you
, Frédérique
Software inventory, missing software
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
Hello
, you can use this package: https://wapt.tranquil.it/store/fr/tis-a ... -softwares
This will display the software in the audit data.
There's also this package for apps:
https://wapt.tranquil.it/store/fr/detai ... _PROD.wapt
, you can use this package: https://wapt.tranquil.it/store/fr/tis-a ... -softwares
This will display the software in the audit data.
There's also this package for apps:
https://wapt.tranquil.it/store/fr/detai ... _PROD.wapt
-
dcardon
- WAPT Expert
- Messages: 1930
- Registration: June 18, 2014 - 09:58
- Location: Saint Sébastien sur Loire
- Contact :
Hello Frédérique,
and once you've completed your audit and standardized the installations, the ultimate measure from a security and controlled asset management perspective is to configure AppLocker/SRP to block executable files in the %appdata% directory. This is very effective in preventing all kinds of malware.
Best regards,
Denis
and once you've completed your audit and standardized the installations, the ultimate measure from a security and controlled asset management perspective is to configure AppLocker/SRP to block executable files in the %appdata% directory. This is very effective in preventing all kinds of malware.
Best regards,
Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Thank you.
I downloaded the TIS and pushed the package to my computer. Unfortunately, I can't find Signal and WhatsApp Web in the software inventory, even though they appear in Add/Remove Programs
. We'll implement AppLocker (via SentinelOne).
I downloaded the TIS and pushed the package to my computer. Unfortunately, I can't find Signal and WhatsApp Web in the software inventory, even though they appear in Add/Remove Programs
. We'll implement AppLocker (via SentinelOne).
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
oh yes indeed
{"id":524,"host":"4c4c4544-0046-5010-8036-c8c04f585633","value_id":2,"value_date":"2025-03-19T15:44:19.951259","value_section":"audit-user-install d-softwares","value_key":"audit-user-installed-softwares","value":{"C:\\Users\\14166":[{"key":"7d96caee-06e6-597c-9f2f-c7bb2e0948b4","name":"Signal 7.46.1","version":"7.46.1","publisher":"Signal Messenger, LLC","install_date":"","install_location":"","system_component":0,"uninstall_string":"\"C:\\Users\\14166\\AppData\\Local\\Programs\\signal-desktop\\Uninstall Signal.exe\" /currentuser"},{"key":"ab389edf02bdd1062629fbc418c7983f","name":"WhatsApp Web","version":"1.0","publisher":"Google\\Chrome","install_date":"20240926","install_location":"","system_component":0,"uninstall_string":"\"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe\" --profile-directory=Default --uninstall-app-id=hnpfjngllnobngcgfapefoaidbinmjnm"}]},"expiration_date":null,"created_on":"2025-03-19T15:44:21.294252","created_by":null,"computer_fqdn":"delpl-202400010.ad.sdis91.fr","description":"GSIC FIXE Fred Emme","server_name":"wapt.intra.sdis91.fr","_section":"audit-user-installed-softwares","_key":"audit-user-installed-softwares"}
I now need to extract this data with a report, I think.
Thank you.
{"id":524,"host":"4c4c4544-0046-5010-8036-c8c04f585633","value_id":2,"value_date":"2025-03-19T15:44:19.951259","value_section":"audit-user-install d-softwares","value_key":"audit-user-installed-softwares","value":{"C:\\Users\\14166":[{"key":"7d96caee-06e6-597c-9f2f-c7bb2e0948b4","name":"Signal 7.46.1","version":"7.46.1","publisher":"Signal Messenger, LLC","install_date":"","install_location":"","system_component":0,"uninstall_string":"\"C:\\Users\\14166\\AppData\\Local\\Programs\\signal-desktop\\Uninstall Signal.exe\" /currentuser"},{"key":"ab389edf02bdd1062629fbc418c7983f","name":"WhatsApp Web","version":"1.0","publisher":"Google\\Chrome","install_date":"20240926","install_location":"","system_component":0,"uninstall_string":"\"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe\" --profile-directory=Default --uninstall-app-id=hnpfjngllnobngcgfapefoaidbinmjnm"}]},"expiration_date":null,"created_on":"2025-03-19T15:44:21.294252","created_by":null,"computer_fqdn":"delpl-202400010.ad.sdis91.fr","description":"GSIC FIXE Fred Emme","server_name":"wapt.intra.sdis91.fr","_section":"audit-user-installed-softwares","_key":"audit-user-installed-softwares"}
I now need to extract this data with a report, I think.
Thank you.
-
dcardon
- WAPT Expert
- Messages: 1930
- Registration: June 18, 2014 - 09:58
- Location: Saint Sébastien sur Loire
- Contact :
Hello Frédérique,
And well, as I said earlier, the best thing to do is to block the installation in %appdata%
Denis
The Add/Remove Programs interface in Windows aggregates system-wide software and software installed within the user session. If this content is displayed, the information shown in WAPT would depend on the currently logged-in user, which could be misleading. It's important to differentiate between the two (and Microsoft doesn't help by mixing everything together...).
And well, as I said earlier, the best thing to do is to block the installation in %appdata%
Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
