Use the windows_task Inspec audit resource to test a scheduled tasks configuration on a Windows platform. Microsoft and application vendors use scheduled tasks to perform a variety of system maintaince tasks but system administrators can schedule their own.


A windows_task resource block declares the name of the task (as its full path) and tests its configuration:

describe windows_task('task name uri') do
  its('parameter') { should eq 'value' }
  it { should be_enabled }


  • 'parameter' must be a valid parameter defined within this resource ie logon_mode, last_result, task_to_run, run_as_user
  • 'value' will be used to compare the value gather from your chosen parameter
  • 'be_enabled' is an example of a valid matcher that checks the state of a task, other examples are exist or be_disabled


This InSpec audit resource has the following matchers:


Use the be matcher to use a comparison operator—= (equal to), > (greater than), < (less than), >= (greater than or equal to), and <= (less than or equal to)—to compare two values: its('value') { should be >= value }, its('value') { should be < value }, and so on.


Use the cmp matcher compare two values, such as comparing strings to numbers, comparing a single value to an array of values, comparing an array of strings to a regular expression, improving the printing of octal values, and comparing while ignoring case sensitivity.

Compare a single value to an array:

describe some_resource do
  its('users') { should cmp 'root' }
  its('users') { should cmp ['root'] }

Compare strings and regular expressions:

describe some_resource do
  its('setting') { should cmp /raw/i }

Compare strings and numbers:

describe some_resource do
  its('setting') { should eq '2' }


describe some_resource do
  its('setting') { should cmp '2' }
  its('setting') { should cmp 2 }

Ignoring case sensitivity:

describe some_resource do
  its('setting') { should cmp 'raw' }
  its('setting') { should cmp 'RAW' }

Printing octal values:

describe some_resource('/proc/cpuinfo') do
  its('mode') { should cmp '0345' }

expected: 0345
got: 0444


Use the eq matcher to test the equality of two values: its('Port') { should eq '22' }.

Using its('Port') { should eq 22 } will fail because 22 is not a string value! Use the cmp matcher for less restrictive value comparisons.


Use the include matcher to verify that a string value is included in a list: its('list') { should include 'string' }.


Use the match matcher to check if a string matches a regular expression: its('string') { should_not match /regex/ }.


The following examples show how to use this InSpec resource.

Test’s that a task is enabled

describe windows_task('\Microsoft\Windows\Time Synchronization\SynchronizeTime') do
  it { should be_enabled }

Test’s that a task is disabled

describe windows_task('\Microsoft\Windows\AppID\PolicyConverter') do
  it { should be_disabled }

Test’s the configuration parameters of a task

describe windows_task('\Microsoft\Windows\AppID\PolicyConverter') do
  its('logon_mode') { should eq 'Interactive/Background' }
  its('last_result') { should eq '1' }
  its('task_to_run') { should cmp '%Windir%\system32\appidpolicyconverter.exe' }
  its('run_as_user') { should eq 'LOCAL SERVICE' }

Test’s that a task is defined

describe windows_task('\Microsoft\Windows\Defrag\ScheduledDefrag') do
  it { should exist }

Gathering Tasknames

Rather then use the GUI you can use the schtasks.exe to output a full list of tasks available on the system

schtasks /query /FO list

rather than use the list output you can use CSV if it is easier.

Please make sure you use the full TaskName (include the prefix \) within your control

C:\>schtasks /query /FO list
Folder: \Microsoft\Windows\Diagnosis
HostName:      XPS15
TaskName:      \Microsoft\Windows\Diagnosis\Scheduled
Next Run Time: N/A
Status:        Ready
Logon Mode:    Interactive/Background