Jump to content

Duvak

Members
  • Content Count

    41
  • Joined

  • Last visited

Community Reputation

1 Neutral

My Information

  • Agent Count
    200+

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hi All, I'm asked to detect the difference between MSSQL Express Edition (free) and payed versions. So after a long search I found how to detect the difference. A powershell query like: "Get-WmiObject -Namespace root\Microsoft\SqlServer\ComputerManagement11 -Class SqlServiceAdvancedProperty | Where-Object {$_.PropertyName -eq 'SKUNAME'} | select PropertyStrValue | format-list" will return Express Edition (or another editions). This is the one for SQL Server 2012... other versions need to look at another version of ComputerManagement but in the end it will return the version. So I had a good idea, lets make it a role detection rule! But there's something I can't get to work. So who can tell me what i'm doing wrong? It simply will not detect the express editions... Why?! Role Detection MSSQL Server 2012 Express.sql
  2. Hi Martyn, Big fan of the Gen2 probe. So good work. I've got one question about monitoring snmp or Collecting SNMP info using emplates. Hope you can give me an example so I can use it in my search to knowledge because there's no info on the documentation site from Automate. There's a firewall. Lets call it a WatchGuard firewall. 😉 A Walk on the firewall shows me a ton of information but the information has a lot of variables. So there's no static OID to monitor. There's a Index table showing me indexing numbers for the next tables. The next table is the name table. Relating to the index above. The next table is the Status. Also relating on the index above. Is there a way to do this: Look for the name in the Name table. Find the index related to this name, find the status related to the index. Let me show: 1 find oid with value IKED 2 Find related index 3 Find status from this value with the related index. I guess this should be able with the SNMP Collection Templates and Sub Procedures. However..... how? Hope you can point me in the right direction. Kind regards, Bas van der Zanden
  3. Duvak

    Grafana and Labtech

    Hi Wupsje, Did you know you can also use the group by function? It saves you typing a lot of queries. Example: SELECT NOW() AS "time", computers.os as 'Operating System', COUNT(ComputerID) AS 'Number' FROM computers GROUP BY computers.os order by (Number) desc Use this as Query A, remove B,C,and the rest and you've got yourself a nice Pie
  4. Confirm! works fine. Was not aware the patch was pulled so installed it yesterday. Wish I was notified....
  5. Hi Fellow Geeks, I found some default script in CW Automate that will fail by default. I've reported them to CW Automate Support but one of them is exceptional and I want to share my findings with you guys. So the scripts that will fail by default: Exchange Database Report (This is the one i'd like to share with you below) Backup and Report on GPOs (Line 18 does a folder check but because trailing slash is missing it looks for a file) Exchange User Email Stats (Line 44 and 46 does a folder check but because trailing slash is missing it looks for a file) Exchange 2010 Best Practice Report (Line 33 does a folder check but because trailing slash is missing it looks for a file and a typo in line 34) Exchange Environment Summary (Line 31 en 33 does a folder check but because trailing slash is missing it looks for a file) So for the last 4 scripts, adding a trailing slash will solve the script problem. However, solution center overwrite this so i've reported them to CW Automate support. However, the first one: Exchange Database Report is some more advanced. The script fails on exchange servers with larger databases. It calls a powershell script Exch2010DB.ps1 and verifies the MD5 hash to make sure the file is not been modified. This powershell script is pulling some data from the exchange environment like database size. This is where the problem happens because the database size is tagged as [int] and so only handle 32bit values. Larger databases exceed this number and so the PS1 will fail. I was able to fix this by simply modifying the PS1 file and make [int] and [int64] (line 131, 137, 167). However, the file is being checked in the CW automate script by the MD5 hash. So modify the PS1 and the hash is different and will fail again. So disable the hash check functions from the script is a solution (?). And this will also be made undone by Solution center updates. But now the big question: CW Automate support states the PS1 script is not developed by CW Automate and therefore will not be changed by them. I do understand this in a certain way, but a user cant change this as well because it's being overwritten by solution center. So i've asked them now to change the CW automate script to remove the MD5 hash check part so users can modify the PS1 script. Waiting for an answer so I hope they will understand and apply my request. But what if they don't? Users cant change it, CW support won't. So in the end, CW Automate is provided out of the box with a failed script? Whats you opinion? Kind regards, Bas van der Zanden
  6. Duvak

    SNMP Monitoring

    It sure does. The map makes sense when all devices are detected correctly. But the new probe system does not make any changes in the device detection. it makes use of the same tables with device information. About the regex in the detection templates: It's not that hard. All i used where (?i) and ^. ^ when it need to match an OID like ^1.3.6.1.4.1.11.2.3.7.11.153. ^ means this is the start of the string. So ^1.3.6.1.4.1.11.2.3.7.11.153 detects a HP Procurve J9727A (?i) when the result contains text. It means don't bother about case sensitivity. So (?i)CF378A detects a HP Color Laserjet M477fdn that has the model number CG378A and can be detected even if the model is cg378a. And there's an exact match so the regex is CF378A. This must then be an exact match including upper/lower case.
  7. Duvak

    SNMP Monitoring

    Hi All, I've spend "a lot" of time lately to have all devices detected based on type. I've learned that SNMP is not that standard to be able to use a generic detection rule. For example: HP Switches are simple to discover since they've got a unique system oid: 1.3.6.1.2.1.1.2.0[sysObjectID] is a unique number for every type of switch (like 1.3.6.1.4.1.11.2.3.7.11.136 is a J9772A) However, HP's iLO 2/3/4 and 5 use an unusable SysObjectID so you need to discover them a different way. Best approach is to do a snmp walk on the device. Then try to google the sysobjectid and see if the device pops up in google. This makes 75% sure it's a unique identifier. If other results pop-up with the same OID, it's not unique and you need to look further. The second you can try is to see if there's a unique OID in the Manufacturer range. Scroll down in the walk result till 1.3.6.1.4.1.(enterprise id). For an example: HP printers are easy to detect using OID 1.3.6.1.4.1.11.2.3.9.4.2.1.1.3.1.0. This is the model number of the printer. If this is not there or you're unable to identify the device, you might try 1.3.6.1.2.1.1.1.0. However, this is a system discription and might vary per firmware/type/release and sometimes can be adjusted by user. Once a device is identified, you need to get it in the right "tree". Example: if a HP laserjet is already detected as a printer device and it's in the HP printers at HP Laserjet, all you need to do is to add a device with the right name, assign the detection template to it and it will be detected as this particular printer. However, when a device is in the top view as a "responded device" you can create a tree for yourself. So the detection template you've created applies to "responded Devices" and result in "your device". A lot of work to get things right but at the end, you'll have the benefit of it. So now you've got all devices in the right place, you can monitor in two different ways. You can put collection templates in place that will detect the right information, but you can also create groups and assign monitors to the group. The probe will then monitor these values like Ping, SNMP and even scripts with SSH/Telnet command in it.I found this much more effective then using collection templates. But this can be a personal preference. Hope you'll be able to get it to work with this information. Kind regards, Bas
  8. Hi All, I'm using the Custom Tabs plugin from early LT10 on. Not we're on twelve, the custom tabs are not showing in the computer management screen. They work fine in the client and location screens but when I open the computer screen (New GUI) and go to plugins, I do see the tab I’ve created but one I click it, it doesn't show anything. Am I the only one? or is this expected behavior in LT12?
  9. Duvak

    Windows Server Backup Monitoring

    Another way to monitor Windows Server Backup: Windows EventID 4 (Informational, Microsoft-Windows-Backup) is logged with a successful job. All possible fails are logged with other event id's. So monitoring them will be a pain in the ass because you have to apply a lot of monitors. But if you reverse the way of monitoring, you need to know when a backup server did not log eventid4 in a 24h time-span. So first of all, create a template for crimson events to receive events from Microsoft-Windows-Backup. Apply this template to the group of servers you need to monitor. Events will come in in the "other" logs. Next, blacklist the event. Monitoring blacklisted events is more database efficient then monitoring eventlogs. Create an internal monitor with the check condition: Eventlogs, blacklistID=XXX(the ID from the blacklisted event) and most important.... Check the Reverse Query checkbox. Put the interval on daily (or more often if you use multiple backup schemes) and alert frequency @ once per day. Add your alert and you're ready to go. Have a great day.
  10. Duvak

    Introduction to Custom Tabs

    Hi Greg, Tested this Custom Tabs on our test environment today. Just what I was looking for. Great way to get the Patch Day EDF's back in Automate. So wanted to implement it in our live environment but it simply doesn't install. Big difference is out live environment is a split-server setup. Running the EXE on the App server: nothing (Not even a pop-up) Running the EXE on the Webserver: ask for login, pass, url. Click install: nothing Running the EXE on the DB server: Same as Webserver Running the EXE on a client machine: App Crash (Windows 10) Got any suggestions? Workaround: Managed to install it from a Windows 7 machine
  11. Duvak

    Adding FSRM Role Detection

    Great tip! Was looking for the Windows-Server-Backup feature detection. So change the line and it works.
  12. it's your date settings form windows. Make sure it's in US format. So with the / instead of -
  13. Just came to the conclusion i didn't post my final solution. LT 11 is still not able to show cluster shared volume space from Microsoft Hyper-V clusters. So I found a new way to get it into Labtech. Attached a LT script based on LT11. (LT11 is required because it's using powershell instead op PS. Powershell uses single quotes instead of PS who was using double quotes) -Import the script into your LT environment -Edit the script to modify the name of the Cluster Shared Volume name * -Check if the custom fields where created in the location's info tab (like the screenshot in the zip file) -Run your modified script against a Hyper-V cluster node -Check the results in the commands tab from the cluster node or in the info field at the location the node is at. *The cluster shared volume name can be found in the Failover Cluster manager or if you are a powershell fanatic, use the command "Get-WmiObject -namespace root\mscluster -class MSCluster_DiskPartition" and find the name in the result. Still looking for a way to automate the script so it will be able to find the CSV name on it's own. Time will tell... CSV_bundle.zip
  14. Duvak

    LT 10 Generating Duplicate/Triplicate Monitors

    Good news... almost. My Duplicates where created by conflicts between group monitors and Management Packs. LT advised to update 10.5 to patch3 but the problem was caused by updating labtech ignite packs via the solution center. From all duplicate monitors, just one was controlled by the management pack and the other(s) controlled by groups. So, I know Patch3 should fix something and solution center updates should be installed very carefull to avoid this from happening again. Now the next challenge: How to get rid of the duplicates!? Removeing a remote monitor includes removing history, state, agents and a lot more I guess. Would be nice to have a script or query to run. Anyone got a brilliant idea? Looking at 800+ servers so give me a week to clean up and a broken mouse ;-)
  15. Duvak

    LT 10 Generating Duplicate/Triplicate Monitors

    Hi Gio, Same here with our own LabTech server with LT10.5. However a slight change is that our triplicated monitors are all based on the management packs. (as it seems). Reporten the bug only yesterday so don't have a status update. Did you hear any possible solution? Cleaning all monitors @ 850 servers is not something I wish to do manual. Bas
×