What is VEST?
VEST is the V&E Support Tool. Our help desk needed something to quickly triage machines and find common issues. I wrote VEST to meet this need, and to help teach myself PowerShell by creating something practical.
What does VEST do?
Log lots of useful system information (hardware specs, pc name, SSD firmware info, KMS info, etc)
Check the BIOS, OS and main apps to see if they're up to date
Check and flag key services that aren't running but should be
Check if BitLocker is enabled on physical PCs
Check KMS activation status and attempt repair if broken
Check/fix Config Mgr remote control service
Check for pending reboots (ie: patches & updates)
Check last boot time and flag if it's more than 7 days in the past
Check free disk space and flag if <20gb free
Check for broken MS Office file associations and offer to repair them
Show a popup when issues are found
Repair software/apps (except Office)
What does VEST --NOT-- do?
Reboot a computer
Notify anyone in the firm about anything it may find on the PC
Install missing core apps
Backup or restore user data
Find iManage documents
Fix numbering schemes
Fix login/password problems
What should I do after running VEST?
Look at the log! It might have information that will let you solve the problem for the user without needing to escalate to another group.
Take action based on what you see in the log:
Pending reboot? Reboot!
Disk full? Clean it up!
BIOS old? Upgrade from Software Center!
OS not patched? Run Updates in Software Center
After taking action (disk cleanup, reboot, etc) run VEST again to verify that the condition has been resolved, then see if the user's problem still exists.
How to use the VEST Log file:
The VEST log is stored in c:\temp\logs\
Note that it may not always open in CMTrace. Without CMTrace, there will be no red or yellow highlighting, but you can still look for warnings and errors by scrolling and looking for <<<<<<<<<<<<<< or ----------------, or using the search function to find ERROR or WARNING text.
General system information is collected at the top of the log – pc name, make/model, specs, network info, etc. This is purely informational – nothing will be flagged here.
Items highlighted in YELLOW and marked with ---------- are simply warnings. They don't necessarily mean something is actually wrong (especially in the Services section of the log), but it's worth at least looking at these to see what they are. Some could potentially point you in the right direction, depending on the problem the user is experiencing.
Items highlighted in RED and marked with <<<<<<<<<< are actual problems that should be addressed immediately. These are typically things like low disk space, old versions of BIOS or OS patches, or key services that are not running which can cause issues. Pending reboots (caused by updates, patches or software installations) also fall under this category.
VEST also has a silent mode which can be activated by adding -silent to the command line. This is useful when you want to check a user's machine without interrupting them. I have it deployed in Config Manager as required ASAP to a "VEST - Run Now" collection. Then I just add a PC to that collection, update client notification, and it runs within a few minutes. Since VEST automatically copies its log to a network drive, I don't even have to connect to the user's machine, and can view the log at my leisure.
I've tried my best to make the log as human-readable as possible, but if you have any suggestions on ways to improve it or any additional items you'd like checked during the scan, I'm all ears!