Fleet logo
Menu An icon indicating that interacting with this button will open the navigation menu.
Fleet logo An 'X' icon indicating that this can be interacted with to close the navigation menu.
Multi platform
Device management + MDM Orchestration + monitoring Software management + CVEs, usage, software catalog Integrations
Docs Pricing
More
News Case studies Ask around Meetups Share your story
The handbook Get your license Schedule a demo
Try it yourself

Vitals

Fleet’s built-in queries for collecting and storing important device information.

macOS Apple

Linux Linux

Windows Windows

Chrome ChromeOS

MDM

click to open the table of contents

MDM

Retrieves information about the mobile device management (MDM) solution a windows device is enrolled in.

WITH registry_keys AS (
            SELECT *
            FROM registry
            WHERE path LIKE 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments\%%'
          ),
          enrollment_info AS (
            SELECT
              MAX(CASE WHEN name = 'UPN' THEN data END) AS upn,
              MAX(CASE WHEN name = 'DiscoveryServiceFullURL' THEN data END) AS discovery_service_url,
              MAX(CASE WHEN name = 'ProviderID' THEN data END) AS provider_id,
              MAX(CASE WHEN name = 'EnrollmentState' THEN data END) AS state,
              MAX(CASE WHEN name = 'AADResourceID' THEN data END) AS aad_resource_id
            FROM registry_keys
            GROUP BY key
          ),
          installation_info AS (
            SELECT data AS installation_type
            FROM registry
            WHERE path = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\InstallationType'
            LIMIT 1
          )
          SELECT
            e.aad_resource_id,
            e.discovery_service_url,
            e.provider_id,
            i.installation_type
          FROM installation_info i
          LEFT JOIN enrollment_info e ON e.upn IS NOT NULL
      -- coalesce to 'unknown' and keep that state in the list
      -- in order to account for hosts that might not have this
      -- key, and servers
          WHERE COALESCE(e.state, '0') IN ('0', '1', '2', '3')
      -- old enrollments that aren't completely cleaned up may still be aronud
      -- in the registry so we want to make sure we return the one with an actual
      -- discovery URL set if there is one. LENGTH is used here to prefer those
      -- with actual URLs over empty string/null if there are multiple
          ORDER BY LENGTH(e.discovery_service_url) DESC
          LIMIT 1;

$installationKey = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
try {
    $installProps = Get-ItemProperty -Path $installationKey -ErrorAction Stop
    $installationType = $installProps.InstallationType
}
catch {
    $installationType = $null
}

$enrollmentsPath = "HKLM:\SOFTWARE\Microsoft\Enrollments"
$enrollmentKeys = Get-ChildItem -Path $enrollmentsPath -ErrorAction SilentlyContinue

foreach ($key in $enrollmentKeys) {
    try {
        $props = Get-ItemProperty -Path $key.PSPath -ErrorAction Stop
    }
    catch {
        continue
    }
    
    $upn = $props.UPN
    $discoveryServiceUrl = $props.DiscoveryServiceFullURL
    $providerId = $props.ProviderID
    $state = $props.EnrollmentState
    $aadResourceId = $props.AADResourceID

    if (-not $state) { $state = "0" }

    if ($upn -and @("0","1","2","3") -contains $state) {
        $result = [PSCustomObject]@{
            AADResourceID         = $aadResourceId
            DiscoveryServiceURL   = $discoveryServiceUrl
            ProviderID            = $providerId
            InstallationType      = $installationType
        }
        $result | ConvertTo-Json -Compress
        break
    }
}
An icon indicating that this section has important information

PowerShell commands are currently work in progress, contributions welcome.

An icon indicating that this section has important information

Bash commands are currently work in progress, contributions welcome.

Vitals

Battery Disk encryption Disk space Google Chrome profiles Host certificates MDM MDM configuration profiles MDM Disk encryption key file MDM Disk encryption key file lines Munki info Network interfaces Orbit information Operating system information Osquery flags Osquery information Scheduled osquery statistics Software Software codesign Software Firefox Software Python packages Software Python packages including user directory VScode extensions Uptime Users
Disk encryption Disk space Google Chrome profiles Network interfaces Orbit information Operating system information Osquery flags Osquery information Scheduled osquery statistics Software Software Python packages Software Python packages including user directory VScode extensions Uptime Users
Battery Disk encryption Disk space Google Chrome profiles MDM Network interfaces Orbit information Operating system information Operating system version Osquery flags Osquery information Scheduled osquery statistics Software Python packages Software Python packages including user directory VScode extensions Software System information Uptime Users Windows update history
ChromeOS profile user info Google Chrome profiles Network interfaces Operating system information Software Users