PowerShell custom check exits with "OK" if script is not found

good morning all :slight_smile:

I’m having slight trouble with a cusotm script command for the powershell I added to execute scripts on the Windows agents.

The (base) command:

object CheckCommand "PowerShell Custom Script" {
    import "plugin-check-command"
    command = [
    timeout = 3m
    arguments += {
        "-command" = {
            description = "This will contain the path to our PowerShell script, script path has to be input like this: \"& 'C:\\\\Program Files\\\\ICINGA2\\\\sbin\\\\check_reboot.ps1'\" (without the double quotes)"
            required = true
            value = "$ps_script_path$"
        ";exit" = {
            required = true
            value = "$$LastExitCode"

The command for the custom script, which extends the bas command by two arguments

object CheckCommand "mdatp-status_win" {
    import "plugin-check-command"
    import "PowerShell Custom Script"

    arguments += {
        "-crit" = {
            description = "Critical threshold in hours for definition age"
            required = true
            value = "$mdatp_win_definition_crit$"
        "-warn" = {
            description = "Warning threshold in hours for definition age"
            required = true
            value = "$mdatp_win_definition_warn$"

With this I have the problem that the check returns 0/OK if the script is not present on the server
Command line:

'C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe' '-executionpolicy' 'bypass' '-noprofile' '-command' '& '\''C:/scripts/monitoring/mdatp/mdatp_status.ps1'\''' '-crit' '8' '-warn' '5' ';exit' '$LastExitCode'

Plugin Output:

& : Die Benennung "C:/scripts/monitoring/mdatp/mdatp_status.ps1" wurde nicht als Name eines Cmdlet, einer
Funktion, einer Skriptdatei oder eines ausführbaren Programms erkannt. Überprüfen Sie die Schreibweise des Namens, 

oder ob der Pfad korrekt ist (sofern enthalten), und wiederholen Sie den Vorgang.

In Zeile:1 Zeichen:3

+ & 'C:/scripts/monitoring/mdatp/mdatp_status.ps1' -crit 8 -warn 5  ...

+   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : ObjectNotFound: (C:/scripts/...datp_status.ps1:String) [], CommandNotFoundException

    + FullyQualifiedErrorId : CommandNotFoundException

This is obviously not helpful and I would like to change it to exit with a 3/UNKNOWN if the script is not present.
The closest I got was with a try/catch around the command, which work on the Powershell directly:

C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -noprofile -command { try{& C:/scripts/monitoring/mdatp/mdatp_status.ps1 -crit 8 -warn 5} catch [System.Management.Automation.CommandNotFoundException] {exit 3} }

But the Director put the whole thing in single quotes, rendering the whole plugin call useless

'C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe' '-executionpolicy' 'bypass' '-noprofile' '-command' '{try{& C:/scripts/monitoring/mdatp/mdatp_status.ps1 -crit 8 -warn 5} catch [System.Management.Automation.CommandNotFoundException] {exit 3}}' ';exit' '$LastExitCode'


Anyone here got an idea on how to make this work?

greetings :slight_smile: