Webroot Key AuditMatch

Purpose

This solution fetches the Webroot KeyCode audit and monitors to find any mismatches.

Content	Type	Function
Script - Webroot Keycode Verification [DV]	Script	This script collects the Webroot hashed keycode from the machine and matches it with the keycode set up in the Webroot plugin and the keycode present on the machine. We can review the results using the DV.
Dataview - Webroot KeyCode Audit [Script]	Dataview	This dataview shows the Webroot hashed keycode present on the machine, the status of the keycode, and whether it matches the keycode set up under the Webroot plugin.
Monitor - Execute Script - Webroot Keycode Verification	Monitor	Alerts if a computer or computers have the wrong Webroot Keycode assigned.
△ CUSTOM - Execute Script - Webroot Hashed Key Retrieval	Alert Template	This will call the script EPM - Data Collection - Script - Webroot Hashed Key Retrieval to perform a re-audit of the code and then create alerts if the keycode mismatches.

Import: Script - Webroot Keycode Verification [DV]
Import: Dataview - Webroot KeyCode Audit [Script]
Import: Monitor - Proval - Production - AV - Wrong Webroot KeyCode Detected.
Import the alert template "△ CUSTOM - Execute Script - Webroot Hashed Key Retrieval".
Schedule the Script - Webroot Hashed Key Retrieval to the group "Antivirus Management/Webroot SecureAnywhere" every week to perform the audit of the Key where the Webroot Antivirus is installed.
Set the Monitor - Proval - Production - AV - Wrong Webroot KeyCode Detected to run daily and apply the alert template △ CUSTOM - Execute Script - Webroot Hashed Key Retrieval to perform a re-audit and alert if the keycode mismatches.
Go through the documentation SWM - Software Install - Solution - Webroot to understand how to set the Webroot site keycode in the plugin.

Will the ticket auto-close if the KeyCode matches for the agent where the KeyCode mismatch was detected?
- Yes, the autofix has the auto-closure of the ticket feature added.