recently we had a stolen laptop, and though we were able to figure out that it was online via the agent checking in, its IP was only the one of our Firewall since it was outside our LAN perimeter. Obviously, that was useless in tracking it down.
So, I wrote a small script, similar to the one for listing local admins, to query for the public IP and storing it in a text file, then shooting that text file over in the next inventory. I thought I’d share the process:
- Create an online Shell Script:
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.CreateTextFile("C:\windows\PublicIP.txt",True)
Set o = CreateObject("MSXML2.XMLHTTP")
o.open "GET", "http://ifconfig.me/ip", False
o.send objFile.WriteLine "Public IP: " & o.responseText
BREAK ON $ = SetConsole("Hide") $web=createobject("MSXML2.XMLHTTP") $web.open("GET","http://ifconfig.me/ip",not) $web.send $response = $web.responseText if len($response) for each $line in split($response,chr(10)) if len($line) $ = RedirectOutput("C:\Windows\PublicIP.txt",1) "Public IP: " + $line $ = RedirectOutput("") endif next endif
- Set this to run daily at some point, and target machines of interest (in my case, it was laptops only)
- Create a Custom Inventory Rule, i.e: (CIR)Public IP with the following:
Alternatively you can also use the site http://checkip.dyndns.org, which returns a result faster than the above, but will require a couple string manipulation function clean up the output, though not much.
And that’s it. Works like a charm.