Utilize existing tools
Common commands like reboots, remote assistance, and Wake-on-LAN are included as pre-built tools. See the full list below.
Craft custom commands
Additional custom tools can be added for any command that can be run within Windows. PDQ Inventory will execute the tool and send in the computer’s name (or other information).
What’s in the Tools Library?
Note: All Event Logs require PowerShell
|Get Application Errors||Display all events in the target’s Application Event Log that have an event level of Error or Critical.|
|Get Crash History||Display all events in target’s System Event Log that contain the word “crash”.|
|Get Rename History||Displays all events showing a computer name change.|
|Get TCP/IP All||Displays all events in System Event Log with TCP/IP provider and ID 4230.|
|Get TCP/IP Congestion||Display All TCP/IP messages from system Event Log.|
|Get Logon History||Shows Logon events on target machine.|
|Get Restart History||Shows all events in System log that contain “Shutdown Type” or “crash”.|
|Connect to IP via HTTP||If the target device has a webserver (such as a printer or IP Phone) this tool will attempt to start the default browser and connect to the IP address.|
|Get MAC||Uses a cmd shell to run `arp.exe -a` against target IP address.|
|Manage Services||Uses Services.msc to view/manage target’s Windows Services.|
|Ping (Persistent)||Sends a persistent Ping to target machine. This will open a CMD window. To stop the ping either press CTRL+C or simply close the CMD window. This utility is great to use when a computer has been rebooted and you want to know the moment it comes back online.|
|Open ADMIN$ Share||Attempts to connect via Windows Explorer (explorer.exe) to the target computer’s Windows directory. By default the %WINDIR% directory is shared as ADMIN$.|
|Flush DNS Resolver Cache (localhost)||Use this to flush (empty) the DNS cache on your console machine. This can be necessary when a target’s IP address has changed but your DNS cache stills has the old address. This tool is considered a “System Tool”. This means that a computer does not need to be selected to run it.|
|Lookup IP Address||Uses NSLOOKUP to perform a “Reverse lookup” to resolve the hostname from the supplied IP Address. Your environment must utilize PTR records in order to perform reverse lookups.|
|Lookup Hostname||Uses NSLOOKUP to resolve the IP Address for a target computer.|
|NetBIOS by IP||Uses NBTSTAT to resolve the hostname of a computer based on the IP Address.|
|NetBIOS by Name||Uses NBTSTAT to resolve the IP Address of a computer based on the computer name.|
With product guides, in-depth tutorials, and coverage of the latest cybersecurity threats, the PDQ blog is your one-stop-shop for all things IT.
Join us for our weekly live broadcast, where we cover everything from getting started to advanced use case scenarios and troubleshooting.