Add ConfigManagerErrorCode to drivers table

[hussainhyder23]

What new feature do you want?

This feature request proposes enhancing the drivers table in osquery to include the ConfigManagerErrorCode property from the Win32_PNPEntity WMI class. This addition will provide valuable insights into driver status and potential issues, enabling proactive monitoring and troubleshooting capabilities.

The current drivers table provides a useful overview of installed drivers. However, it lacks detailed information about the driver's operational state and potential problems. The ConfigManagerErrorCode property, available through WMI's Win32_PNPEntity class, offers a standardized way to retrieve the status of a device and its associated driver. Including this information in the drivers table would significantly enhance osquery's ability to detect and diagnose driver-related issues.

How is this new feature useful?

The ConfigManagerErrorCode property returns a numeric code indicating the status of a device as reported by the Windows Configuration Manager. These codes provide a granular view of potential driver problems, ranging from simple warnings to critical errors that prevent the device from functioning correctly. A comprehensive list of these error codes can be found in Microsoft's documentation
By incorporating this property into the drivers table, users can leverage osquery to:

Proactively monitor driver health: Regularly querying the drivers table with the new ConfigManagerErrorCode column allows for automated detection of driver issues before they impact system stability or user experience.
Troubleshoot driver problems: When a device malfunction occurs, the ConfigManagerErrorCode can provide valuable clues about the root cause, accelerating troubleshooting and reducing downtime.
Automate driver management: Scripts and workflows can be developed to automatically identify and address driver issues based on the reported error codes.
Improve security posture: Identifying drivers with errors can be important for security investigations, as outdated or malfunctioning drivers can introduce vulnerabilities.

How can this be implemented?

Enhance the drivers table schema to include a new column named config_manager_error_code. This column should store the integer value returned by the ConfigManagerErrorCode property of the corresponding Win32_PNPEntity instance.