discovery.registryKey

discovery.registryKey(target, key [, win64_redirect=true|false])


Retrieves a registry key from a Windows computer.

64 bit Windows hosts have the following registry keys:

  • HKEY_LOCAL_MACHINE\SOFTWARE — 64 bit values
  • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node — 32 bit values

win64_redirect is an optional flag which enables you to specify whether the search for the registry key should take place in the 32 bit section if not found in the 64 bit section. TRUE means search the 32 bit section, FALSE means do not search the 32 bit section even if the key is not found in the 64 bit section. The default is TRUE.

On non-Windows and 32 bit Windows systems win64_redirect has no effect.

The win64_redirect flag is new in 8.2.

Returns a DiscoveredRegistryValue node.

The following code examples shows discovery.registeryKey being used to determine the vendor of the first CPU of a the Windows machine.

// Get the vendor of the first CPU
vendor := discovery.registeryKey(host, "HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier");

if vendor then
    log.debug("Vendor value: %vendor.value%");
end if;
Was this page helpful? Yes No Submitting... Thank you

Comments