Jump to content

MGreen

Administrator
  • Content Count

    151
  • Joined

  • Last visited

  • Days Won

    10

Everything posted by MGreen

  1. MGreen

    CWA Agent Version Update Monitor

    Amazing monitor
  2. See the recording for this cast, start at around 12 minutes in order to skip the countdown until 8:30 There was some confusion as I quickly ballooned from simple Searches and Groups to a Remote Monitor that changed into a complex Powershell script that then turned into a confusing State Based monitor. I'll break it down here for people who want a quick review without watching the entire show. The goal: Determine which Virtual Machines are supposed to be running on the Host that are not actually running right now, and start them or make a ticket if they fail to start. To identify these virtual machines I have to make sure I find machines that are either A) Not a replica B) If it is a replica, its the PRIMARY Replica. Additionally I have to confirm that the machine is supposed to be running. I use two methods to do this 1) I confirm that the VHD(x) was recently written to, and also confirm that the VM Settings itself is configured to start automatically. I use the following Powershell Modules to determine what I listed above.. Get-VM Get-VMReplication Get-VMHardDiskDrive Get-ChildItem I use the following PowerShell parsing methods and logical processing to properly handle the data received from the above modules. where For-Each If () { } else {} My first step is to get a list of all Virtual Machines that are NOT in a running state. Specifically because there are other states (Starting, Shutting down) I limit my search to those that are either Saved or Off. Get-VM | where {$_.State -in "Off","Saved"} I'm using the "-in" logical comparison to match the value of the VM State retrieved from the Get-VM command to either Off or Saved. This will return any VM that isn't running. This is the base check. Next we want to check for machines that are meant to be on. This is just an additional condition of looking for Virtual Machines that are configured to start automatically. Get-VM | where {$_.State -in "Off","Saved" -and $_.AutomaticStartAction -ne "Nothing"} Using "-and" and "-ne" (not equals) I'm able to string a second check on the same VM object to exclude anything that is configured to DO NOTHING on reboot. My next step is to get the VM Replication status, using the powershell module Get-VMReplication I will be returned with a list of all Virtual Machines that are replicas.This is similar to the Get-VM module except that I'm specifically getting ONLY Replicas. Using similar logic to above I know that I only want to get Virtual Machine replicas where the Primary Server is the same as the server that the name itself is running under. Get-VMReplication|?{$_.PrimaryServer -eq ([System.Net.Dns]::GetHostByName($env:computerName).HostName)} If you look at Get-VMReplication you'll see a property "PrimaryServer" that has the full FQDN of the servername. The only way to get the FQDN in Powershell without using WMI is by tapping into .NET (which is faster) and that is the second part of the command. Combining addressing the DNS Namespace in .NET to retrieve the FQDN we combine it with the environment variable computername to generate the same string that would match within the PrimaryServer attribute. We now have a full list of VMs that exist on the VM as the primary replica copy. Combining the first two modules together so we can get a single list of Virtual Machines the command will look like this. Get-VM | where {($_.State -in "Off","Saved" -and $_.AutomaticStartAction -ne "Nothing") -and ($_.Name -in (Get-VMReplication|?{$_.PrimaryServer -eq ([System.Net.Dns]::GetHostByName($env:computerName).HostName)}).VMName)} Note how we created separate groups in the logic, because two statements are AND but the second statement (the replica primary server) is going to be an OR against a final check -if Replica is even enabled at all. The final piece to point out is how I'm specifically selecting a specific property from the output by doing ".VMName" which is the value I want to compare against the $_.Name from Get-VM. Adding in the final and last condition check to confirm that we're getting NON REPLICA Vm's as well as Replica VMs where the primary server is itself I'm going to adjust the code as follows. Get-VM | where {($_.State -in "Off","Saved" -and $_.AutomaticStartAction -ne "Nothing") -and ($_.Name -in (Get-VMReplication|?{$_.PrimaryServer -eq ([System.Net.Dns]::GetHostByName($env:computerName).HostName)}).VMName -or $_.ReplicationState -eq "Disabled")} We now have a list of VM's that are Off/Not Running, Configured to turn on automatically, will run on this host if it was on however we still don't know if the VM was recently used. Using Get-ChildItem and Get-VMHardDiskDrive I can pull out the path to the first VHD on the VM (which will always be the boot disk) and check the last write time. However note, that this can take some time and I only want to do this for the Virtual Machines that we know are supposed to be on. This means we need to create an If statement to see IF results are returned then we'll check for the Last Write TIme. #Create variable containing all the Virtual Machines. $VirtualMachines = Get-VM | where {($_.State -in "Off","Saved" -and $_.AutomaticStartAction -ne "Nothing") -and ($_.Name -in (Get-VMReplication|?{$_.PrimaryServer -eq ([System.Net.Dns]::GetHostByName($env:computerName).HostName)}).VMName)} #Create If Statement and check if the variable is NULL if ($null -ne $VirtualMachines) { #Loop through the virtual machines and check last write time $VirtualMachines|foreach { #create the actual check for the last write time, follow along as we nest additional modules within the IF Check if ( (Get-ChildItem (Get-VMHardDiskDrive -VMName $_.Name -ControllerLocation 0).Path).LastWriteTime -gt (Get-Date).AddDays(-2) ) { #Start VM Start-VM $_ #Output Hostnames or VM Object $_ } #end If statement for last write time } #end Loop statement } # End If statement for Null variable, create else statement that no issues found. else {Write-Host "No issues detected."} The above script has been written in long hand with lots of comments to indicate what the script is doing. As you can see we're still sticking to the basics explained in previous examples of pulling information as we just overlay commands over with themselves to do more complex comparisons and matching. The above script will do everything we need, you can remove the Start-VM line and just have it echo out the results or you can remove the $_ line by itself to remove the output from occurring in the event the machines start successfully. Keep in mind about the Escape Characters, when using the above script in Automate Remote Monitor you will need it to be one line, and will need to call it in by executing the poewrshell interpreter directly. The full command to use in the remote monitor is as follows. %SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -command " & {$a = get-vm|? {($_.State -in \"Saved\",\"Off\" -and $_.AutomaticStartAction -ne \"Nothing\") -and ($_.ReplicationState -eq \"Disabled\" -or ($_.Name -in (Get-VMReplication|?{$_.PrimaryServer -eq ([System.Net.Dns]::GetHostByName($env:computerName).HostName)}).VMName))}; if ($a){$a|% {if ((gci (Get-VMHardDiskDrive -VMName $_.Name -ControllerLocation 0).Path).LastWriteTime -gt (Get-Date).AddDays(-2)){Start-VM $_} }}else {Write-Host \"No issues detected.\"} }" Using ";" to indicate line breaks to allow multi line scripts to be executed on a single line. Regarding the remote monitor itself you can set it to be State Based by following the below screenshot. The details of the state based conditions are covered more inside the video, and will not be covered in detail here. This post was just to cover the areas that I "rushed" through so that I could focus on Automate. Please hit me up if you have any questions.
  3. MGreen

    AV Dashboard Exclusions

    Gavin does this by creating his own fake Anti Virus detection and dumping those files on computers he wants excluded.... @Gavsto
  4. MGreen

    Department Field and Reporting

    HI Amin, You can add the field into a copy of the report if you add a datasource and bring the EDF tables in. If you have SQLYog access you can identify the exact name and field to select from the table and use that to add it into the report.
  5. We have a monitor for agent install date so we get alerted in old computers coming back and new computers being installed.
  6. The official connectwise fix is posted above by timbo. This fix is pushed to Patch 12 which is still in Pilot.
  7. MGreen

    Call local Automate agent to run Automate script

    It doesn't exist but honestly you can create a remote monitor to check for the condition of a file existing/registry entry (the monitor would fail when it does exist) that would auto fix your script to do whatever you want. You can even have the value of the entry be read in to use that as the identifier for which script should be called.... The auto fix script would clear that entry at the end of the run thus clearing the monitor state..
  8. MGreen

    Data Growth Monitoring

    Moving this post to a forum more suitable for this request
  9. MGreen

    Thycotic Secret Server Integration

    From a quick search on the forums, it looks like there was once integration that was basically useless and since then has died off.
  10. MGreen

    Web Control Center Missing Permissions?

    This is something that is well known by everyone and has been loudly advertised that the Automate Web App is still new and under constructions. I honestly thought your post was a prank when I first started reading it.
  11. MGreen

    Monitoring EDF Changes

    Hi Robert, This is the monitor i was talking about the identify field is as follows CONCAT('DBAgent: ',`DBAgentServerPatchVersion`,', ControlCenter: ',`ControlCenterPatchVersion`,', RemoteAgent: ',`RemoteAgentPatchVersion`,', WebServer: ',`WebServerPatchVersion`) AS VersionInfo @DarrenWhite99 can explain the exact logic behind it, but basically it detects any change, and then the next time it runs it assumes it as the correct result so the monitor flips back to success.
  12. Locationid will work without client id
  13. MGreen

    Auth Tab is SSH Putty Re-director?

    Can't you just make your own custom redirector for a later version of putty?
  14. Missing lots of things, the MSI requires parameters to be passed including the Automate server URL, Client ID, Location ID, server password etc. Check the docs for more information. https://docs.connectwise.com/ConnectWise_Automate/ConnectWise_Automate_Documentation/040/050 You need at minimum SERVERPASS, SERVERADDRESS, and LOCATION (at the very bottom of the doc). Most people will tell you that you should be using the LT Posh module to do this, built by @CTaylor and contributed by various other community members (but really I only know of @DarrenWhite99) https://github.com/LabtechConsulting/LabTech-Powershell-Module
  15. MGreen

    How to check "Agent OS Version" and Jump to Label

    Hey Brian, The idea you want to do is pretty simple; there are a few challenges here. 1. Get the data that you want to act on 2. Compare the data with a preset condition 3. Take action based on the result of that condition. I've mocked up a quick script that shows with comments how you would do that and pasted a screenshot here. I've left the hard work for you For the version checking I grabbed the version from the database and then used the Script String Find String function to find the specific version numbers im interested in picking out from the string (using https://docs.connectwise.com/ConnectWise_Automate/ConnectWise_Automate_Documentation/070/240/050/040/020/170 as a reference). There are hundreds of ways for you to grab this data, and you can use SQL to strip the numbers to what you're interested in and then compare it as a math equation instead of the very very sloppy way I'm doing it in this mock up. This is just an example I've also exported and attached a copy of the script I wrote up so you can look at the script functions and notes that I made more clearly. I hope this helps! Let us know if you need help with anything else, or come talk to us in slack Mock Script - Condition checking and jumping.xml
  16. MGreen

    Does enableFIPSPolicy fix still work?

    That's an interesting work around, and rings close to home for another issue I just finally resolved last night after several hours lol.
  17. MGreen

    Does enableFIPSPolicy fix still work?

    This is what I was talking about https://blogs.technet.microsoft.com/secguide/2014/04/07/why-were-not-recommending-fips-mode-anymore/, doesn't really tell you NOT to do it, but they're not telling you TO do it. Well written post.
  18. MGreen

    Applications - Last Executed

    Keep in mind Labtech can only do what Windows does outside of its own database. Since we aren't talking about applications launched through Labtech then the database isn't an option..... Sticking to windows you'll have the problem you're running into now - windows doesn't track last execute anywhere by default. Your best bet is probably auditing but you'll need to turn that on and keep the log history as well as work out a good search parameter for the security audit log (overall not very practical) See https://superuser.com/questions/346858/how-can-i-find-out-when-i-last-executed-a-particular-bat-file where it's heavily discussed.
  19. MGreen

    Monitoring EDF Changes

    Hi Robert, Darren has a monitor that looks for changes to a table (specifically it looks for changes to the installed version of Labtech and alerts via email when a Patch is installed.) if you can find it on here you can adjust it easily to look at an EDF state and then trigger a script/email on that... The monitor looks in a table and compares the value to itself (I think?) so it always succeeds until a time when it changes causing it to fail until the next monitor reset where it'll succeed again. I probably got it all wrong but Darren can correct me. 😁
  20. MGreen

    Does enableFIPSPolicy fix still work?

    Doesn't Microsoft tell you not to use FIPS mode because if the application doesn't follow specific .NET procedures then it won't do anything and you won't know that the application isn't FIPS compliant? I recall seeing that somewhere...
  21. Very nice will have to check this out when I get back to my desk!
  22. No problem, I specifically mapped out steps like that because the most popular question we get is "I have this monitor doing xyz and its not running the script blah blah/making a ticket/sending an email". My steps outlined the basic process that gets followed broken down so for troubleshooting just keep it in mind and work step by step to see where an issue is
  23. MGreen

    Custom S.M.A.R.T. monitor

    So the v_smartattributes isn't a table but a view which is basically a custom sql query created to gather data from multiple tables and saved into a view permanently so you don't have to keep running the same query again and again to pull the informatino you want to see. This view has the DriveID which identifies the specific drives talked about, in this case you can use something like AND (v_smartattributes.attributeid <> 195 AND v_smartattributes.driveID IN (Select DriveID from Drives where SSD=1)) So your entire block would be v_smartattributes.Threshold > 0 AND ((Computers.Flags & 2048) <> 2048) AND (computers.os NOT LIKE 'Mac OS X%' AND computers.os NOT LIKE 'Linux%') AND v_smartattributes.attributeid <> 190 AND (v_smartattributes.attributeid <> 195 AND v_smartattributes.driveID IN (Select DriveID from Drives where SSD=1)) AND Computers.LastContact > DATE_ADD(NOW(),INTERVAL -15 MINUTE) or something like that. This is all without testing but gives you an idea of what you can do, and there are definitely "better" ways of doing this as well as I'm definitely not a master of SQL
  24. MGreen

    Router address

    Wow I'm on a roll lol. Fixed.
×