Lukas BeranAzure Sentinel is a cloud SIEM and SOAR. It is therefore used for the supervision of a customer environment, from which it...
Own monitoring script in PowerShell
Lukas Beran Server monitoring is important part of every infrastructure. For basic (and free) monitoring you can use simple PowerShell script and Task Scheduler.
You can write your own script or you can use any available script for example from Technet Script Center. I also use one script from Script Center.
This script reads list of servers from external file and if the script reaches unavailable server, sends email notification. You can download the script from here. Original script is available here.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 | # reset the lists of hosts prior to looping $OutageHosts = $Null # specify the time you want email notifications resent for hosts that are down $EmailTimeOut = 720 # specify the time you want to cycle through your host lists. $SleepTimeOut = 30 # specify the maximum hosts that can be down before the script is aborted $MaxOutageCount = 15 # specify who gets notified # specify where the notifications come from # specify the SMTP server $smtpserver = "smtp.domain.com" Do{ $available = $Null $notavailable = $Null # Read the File with the Hosts every cycle, this way to can add/remove hosts # from the list without touching the script/scheduled task, # also hash/comment (#) out any hosts that are going for maintenance or are down. get-content servers.txt | Where-Object {!($_ -match "#")} | ForEach-Object { if(Test-Connection -ComputerName $_ -Count 1 -ea silentlycontinue) { } else { if(!(Test-Connection -ComputerName $_ -Count 4 -ea silentlycontinue)) { # If the host is still unavailable for 4 full pings, write error and send email [Array]$notavailable += $_ if ($OutageHosts -ne $Null) { if (!$OutageHosts.ContainsKey($_)) { # First time down add to the list and send email $OutageHosts.Add($_,(get-date)) $Now = Get-date $Body = "$_ has not responded for 5 pings at $Now" Send-MailMessage -Body "$body" -to $notificationto -from $notificationfrom ` -Subject "Host $_ is down" -SmtpServer $smtpserver } else { # If the host is in the list do nothing for 1 hour and then remove from the list. if (((Get-Date) - $OutageHosts.Item($_)).TotalMinutes -gt $EmailTimeOut) {$OutageHosts.Remove($_)} } } else { # First time down create the list and send email $OutageHosts = @{$_=(get-date)} $Body = "$_ has not responded for 5 pings at $Now" Send-MailMessage -Body "$body" -to $notificationto -from $notificationfrom ` -Subject "Host $_ is down" -SmtpServer $smtpserver } } } } sleep $SleepTimeOut if ($OutageHosts.Count -gt $MaxOutageCount) { # If there are more than a certain number of host down in an hour abort the script. $Exit = $True $body = $OutageHosts | Out-String Send-MailMessage -Body "$body" -to $notificationto -from $notificationfrom ` -Subject "More than $MaxOutageCount Hosts down, monitoring aborted" -SmtpServer $smtpServer } } while ($Exit -ne $True) |
My primary focus is the security of identities, devices and data in the cloud using Microsoft services, technologies and tools.
Comments 1
Alban