# Create a Proactive remediations script package In this simple example, we'll create a script package in Proactive remediations in the MEM portal which will report on whether a device is pending a restart from software updates. ## Create the script package In the MEM portal, navigate to Reports > Endpoint Analytics > Proactive remediations Click **Create script package** and give it a name and description ![](https://3886807721-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWe9ieepRHnj7T8odXt%2F-Mj_9KXQOr7ZEGKWHgIt%2F-Mj_A8DcZuTw97u3SeAT%2F2021-09-14%2017_29_27-Window.png?alt=media\&token=d1efecfe-019d-47e2-847d-e9c56581dd38) Download the following script, then on the **Settings** page in the script package upload it as the **Detection script file**. There is no need to add a remediation script. Run the script in 64-bit PowerShell. {% hint style="success" %} Have a read of the script so you understand how it works. You can use it as a starting point for your own scripts. The key things are that the inventoried data is outputted as key-value pairs in JSON format and that the output is not longer than the permitted length. {% endhint %} {% embed url="" %} ![](https://3886807721-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWe9ieepRHnj7T8odXt%2F-Mj_9KXQOr7ZEGKWHgIt%2F-Mj_AJji0JAcONVRxFoK%2F2021-09-14%2017_30_38-Window.png?alt=media\&token=dbd9923c-abd1-4df8-affe-4ad9bcbee6e3) Add a scope tag if you need to. ![](https://3886807721-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWe9ieepRHnj7T8odXt%2F-Mj_9KXQOr7ZEGKWHgIt%2F-Mj_BCAu6SmUt5-g3jvI%2F2021-09-14%2017_31_15-Window.png?alt=media\&token=dcd5b2d4-27bd-4237-94b8-7eb05b3f3b2c) On the **Assignments** page add an **assignment** and set the **schedule**. {% hint style="info" %} Don't run the script more frequently than necessary. If the data you are inventorying doesn't change often, don't inventory it often. Also consider how often you will be exporting the data - if that's once per day, for example, a daily schedule on the PR should suffice. {% endhint %} ![](https://3886807721-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWe9ieepRHnj7T8odXt%2F-Mj_9KXQOr7ZEGKWHgIt%2F-Mj_BGIkD46hYRbbPaFI%2F2021-09-14%2017_31_58-Window.png?alt=media\&token=adb8ea89-2626-48dd-aca6-a77e8e0161e1) Click **Create**. ![](https://3886807721-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWe9ieepRHnj7T8odXt%2F-Mj_9KXQOr7ZEGKWHgIt%2F-Mj_BK3NGfXWGNY9O_y0%2F2021-09-14%2017_32_24-Window.png?alt=media\&token=5846bfea-bed5-40f0-aafb-1f99aceba5ff) ### View the output Once some of your targeted devices have run the script, you can view the output in the MEM portal and verify that it's good. In Proactive remediations, click on the script package you created and view the **Device status** report. ![](https://3886807721-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWe9ieepRHnj7T8odXt%2F-Mj_9KXQOr7ZEGKWHgIt%2F-Mj_DHYFvU4IOuycdNyi%2F2021-09-14%2017_51_48-Window.png?alt=media\&token=9251fa24-c490-4acb-92ab-92c73a13de1b) To view the output, click **Columns** and select at least the **Pre-remediation detection output** column. ![](https://3886807721-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWe9ieepRHnj7T8odXt%2F-Mj_9KXQOr7ZEGKWHgIt%2F-Mj_DYAjYypyz802Sy5v%2F2021-09-14%2017_52_37-Window.png?alt=media\&token=632d2009-e839-4695-bf7e-95862420e0f6) In that column, click **Review** to see the output. ![](https://3886807721-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWe9ieepRHnj7T8odXt%2F-Mj_9KXQOr7ZEGKWHgIt%2F-Mj_DkaUTbeR15nEA_Bw%2F2021-09-14%2017_53_37-Window.png?alt=media\&token=1a125b11-3c77-43e2-819a-dd136c2a7ae5) ![](https://3886807721-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MWe9ieepRHnj7T8odXt%2F-Mj_9KXQOr7ZEGKWHgIt%2F-Mj_DuNm45pBRC4obBTD%2F2021-09-14%2017_54_36-Window.png?alt=media\&token=1dd03976-7c6f-4bf7-8723-8266774587fc) Note that the output is in JSON format - this makes it easy for the automation runbook to use the data.