Add scanner 'Get-ScheduledTaskActions' to get more info about Scheduled Tasks

PowerShell Scanners/Get-ScheduledTasksActions/Get-ScheduledTasksActions.ps1

@@ -0,0 +1,61 @@
+<#
+.SYNOPSIS
+    PDQ Inventory Scanner to retrieve Scheduled Tasks including action(s)
+
+.PARAMETER TaskName
+    Specifies an array of one or more names of a scheduled task. You can use "*" for a wildcard character query.
+
+.PARAMETER TaskPath
+    Specifies an array of one or more paths for scheduled tasks in Task Scheduler namespace. You can use "*" for a wildcard character query. 
+    You can use \* for the root folder. To specify a full TaskPath you need to include the leading and trailing \.
+
+.INPUTS
+    None. You can't pipe objects.
+
+.OUTPUTS
+    System.Management.Automation.PSCustomObject. 
+    Get-ScheduledTasksActions.ps1 returns a PSCustomObject each action within a scheduled task.
+    Note that a single Scheduled Tasks can have multiple actions.
+
+.LINK
+    Parameters TaskName and TaskPath are the same as the built-in cmdlet `Get-ScheduledTask`
+
+.EXAMPLE
+    PS> .\Get-ScheduledTasksActions.ps1 -TaskName "Microsoft*"
+    TaskName          : Microsoft Compatibility Appraiser
+    TaskPath          : \Microsoft\Windows\Application Experience\
+    TaskActionExe     : %windir%\system32\compattelrunner.exe
+    [...]
+
+#>
+param (
+    [PSDefaultValue(Help = "Wildcard filter, display all Scheduled Tasks by name")]
+    [SupportsWildcards()]
+    [string[]]$TaskName = "*",
+    [PSDefaultValue(Help = "Wildcard filter, display all Scheduled Tasks by path")]
+    [SupportsWildcards()]
+    [string[]]$TaskPath = "\*"
+)
+
+$tasks = Get-ScheduledTask -TaskName $TaskName -TaskPath $TaskPath -ErrorAction SilentlyContinue
+
+if (!$tasks) {
+    throw "No scheduled tasks found"
+}
+
+foreach ($task in $tasks) {
+    foreach ($action in $task.Actions) {
+        [PSCustomObject]@{ 
+            TaskName          = $task.TaskName
+            TaskPath          = $task.TaskPath
+            TaskURI           = $task.URI
+            TaskAuthor        = $task.Author
+            TaskRunAsUser     = $task.Principal.UserId
+            TaskEnabled       = $task.Settings.Enabled
+            TaskHidden        = $task.Settings.Hidden
+            TaskActionExe     = $action.Execute
+            TaskActionArgs    = $action.Arguments
+            TaskActionWorkDir = $action.WorkingDirectory
+        }
+    }
+}

PowerShell Scanners/Get-ScheduledTasksActions/README.md

@@ -0,0 +1,16 @@
+# Instructions
+[How to use this repository](../../README.md)
+
+# Description
+Retrieve Scheduled Tasks including action(s). Tasks can be filtered by TaskName and TaskPath.
+Run `Get-Help Get-ScheduledTasksActions.ps1` for more information and examples. 
+
+# Parameters
+## TaskName
+Specifies an array of one or more names of a scheduled task. You can use "*" for a wildcard character query.
+
+## TaskPath
+Specifies an array of one or more paths for scheduled tasks in Task Scheduler namespace. You can use "*" for a wildcard character query. You can use \* for the root folder. To specify a full TaskPath you need to include the leading and trailing \.
+
+# Author
+David Bekker

PowerShell Scanners/Get-ScheduledTasksActions/Scan Profile.xml

@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="utf-8"?>
+<AdminArsenal.Export Code="PDQInventory" Name="PDQ Inventory" Version="19.3.30.0" MinimumVersion="19.0">
+  <ScanProfile>
+    <Collections type="list" />
+    <Scanners type="list">
+      <Scanner>
+        <ModifiedDate>2024-11-18T13:52:01.7672096+01:00</ModifiedDate>
+        <Name>Get-ScheduledTasksActions</Name>
+        <UID>4614b4ed4b734b14bb32b15df48937d4</UID>
+        <Script>
+        </Script>
+        <FileName>C:\PowerShell-Scanners\PowerShell Scanners\Get-ScheduledTasksActions\Get-ScheduledTasksActions.ps1</FileName>
+        <Parameters>
+        </Parameters>
+        <AdditionalFiles>
+        </AdditionalFiles>
+        <RowLimit value="100" />
+        <TypeName>PowerShell</TypeName>
+        <SourceScannerId value="90" />
+      </Scanner>
+    </Scanners>
+    <Description>Retrieve Scheduled Tasks including action(s)</Description>
+    <ScanProfileId value="33" />
+    <Name>PS - Get-ScheduledTasksActions</Name>
+    <ScheduleTriggerSet name="ScheduleTriggers">
+      <Triggers type="list" />
+    </ScheduleTriggerSet>
+  </ScanProfile>
+</AdminArsenal.Export>