Auditing Software with Chocolatey

Auditing Software with Chocolatey

Posted on July 11, 2018 0 Comments

Knowing what software is installed on your desktops and servers is crucial in an organization. This is common sense to sysadmins. We like to know information such as installation date, version and who installed it. By default, in Windows, you can get some of this information, but not all of it. It also helps to find packages that need to be upgraded to newer versions.

Chocolatey helps in these areas as it provides insight into the information I referenced. The power of Chocolatey, in my opinion, is in its CLI (command-line interface). In this article, I will show how Chocolatey can provide a great way to audit software installed on Windows machines.

Showing Chocolatey Packages in Programs and Features

Free Trial

Chocolatey manages packages separately from Windows. This is a very important concept to understand for beginners. What packages you install with Chocolatey usually show up in Programs and Features, but not always. What you install outside of Chocolatey does not show up by default. Ideally, you want Windows and Chocolatey software to be identical. In my opinion, once Chocolatey is installed, you should never install software outside of Chocolatey as you will make auditing and upgrading more difficult.

Certain Windows software does not show up in Programs and Features because it is not really “installed” on the system. A great example is PuTTY, a terminal software which only consists of a single executable. You do not have to run an installer for Putty, you can just download it and run it. So how do we get these to show up in Programs and Features? Chocolatey.

By setting this configuration, all Chocolatey packages will show up in Programs and Features:

choco feature enable -n showAllPackagesInProgramsAndFeatures

As you can see, Putty now shows up on my Windows 10 computer:

putty

Viewing Package Audit Information

One command I find myself using often is choco list. Not only does it allow you to view packages installed on your system, but also packages available in repositories. One of the great parameters to use is –audit which provides a lot of great information like install time, user who installed, Active Directory domain and software version.

PS C:\> choco list -lo --audit

Chocolatey v0.10.11 Business

7zip 18.5 User:dfrancis-adm Domain:MYCOMP Original User:dfrancis-adm InstallDateUtc:2018-05-03 20:55:12Z

7zip.install 18.5 User:dfrancis-adm Domain:MYCOMP Original User:dfrancis-adm InstallDateUtc:2018-05-03 20:55:12Z

adobe-acrobat-xi-pro 11.0.00 User:admin Domain:DOMAIN Original User:hermes InstallDateUtc:2018-04-18 10:59:12Z

autohotkey.portable 1.1.28.02 User:dfrancis-adm Domain:MYCOMP Original User:dfrancis-adm InstallDateUtc:2018-04-20 16:22:04Z

bind-toolsonly 9.12.1 User:dfrancis-adm Domain:MYCOMP Original User:dfrancis-adm InstallDateUtc:2018-05-18 12:25:40Z

Notice I used the parameter –lo which means look at packages installed locally.

Related: Setting Up An Internal Chocolatey Package Repository

View All Windows Installed Packages in Chocolatey

As I mentioned, Chocolatey manages packages separately from Windows, but what if we want to see software installed outside of Chocolatey or before Chocolatey was installed? For this, we can use the parameter –include-programs with choco list:

PS C:\> choco list -lo --include-programs

With this command you will see a second list of software; these are the packages installed outside of Chocolatey:

ABBYY FineReader 11|11.11.194

AD Replication Status Tool 1.0|2.6.60913.0

ADManager Plus Free Tools|4.0

Finding Outdated Packages

One of the best features of Chocolatey is the ability to quickly see what packages need to be upgraded and then upgrade them. In this article, I will only focus on finding outdated packages, which we can do with the command choco outdated.

Learn how to automate IT tasks with PowerShell. Download this eBook. 

Here, I want to see any package that can be upgraded on my local machine:

PS C:\> choco outdated

Chocolatey v0.10.11 Business

Outdated Packages

 Output is package name | current version | available version | pinned?

 

autohotkey.portable|1.1.28.02|1.1.29.01|false

bitvise-ssh-client|7.39|7.43|false

calibre|3.25.0|3.26.1|false

chocolatey.extension|1.12.11|1.12.12|false

citrix-receiver|4.10.1|4.12|false

As you can see, this allows me to see all outdated packages, their current version, available version and if they are “pinned” or not. Pinning a package means that a user specified that they do not want a package to be upgraded.

Conclusion

I think it is clear to see that managing your packages with Chocolatey will allow you to better audit and upgrade your software. Chocolatey provides information and methods that simply do not exist in Windows natively, or if they do exist, are difficult to do.

Dan Franciscus

Dan Franciscus is a systems engineer and VMware Certified Professional (VCP) specializing in VMware, PowerShell, and other Microsoft-based technologies. You can reach Dan at his blog (http://www.winsysblog.com/) or Twitter at @dan_franciscus.

Comments

Comments are disabled in preview mode.
Topics

Sitefinity Training and Certification Now Available.

Let our experts teach you how to use Sitefinity's best-in-class features to deliver compelling digital experiences.

Learn More
Latest Stories
in Your Inbox

Subscribe to get all the news, info and tutorials you need to build better business apps and sites

Loading animation