Options
PS Script to monitor services and notify in case of failure
We have a couple of clients who have these janky services that always seem to be having problems. I put this together over the weekend as my first powershell effort. I am certain there is a more elegant way of doing things. What do you guys think?
##############################################
#
#
#Powershell Monitoring Services
#
#
# written by some guy
#
# and
#
# his kool-aid
#
#
#
#
###############################################
$file = "C:\services.txt" # set file parameter from list of monitored services
$names = Get-Content $file # set names parameter, feeds names into command
Get-Service $names | Where-Object {$_.status -eq "stopped"} | Format-List | Out-file C:\powershell\psmonerrors.txt # Checking for dead services
$keyswitch = Get-ItemProperty -path C:\powershell\psmonerrors.txt -name "length"
####Below is email params
$emailfrom = "<alert address>"
$emailto= "<recipient address>"
$subject = "SERVICES STOPPED MESSAGE"
$body = Get-Content C:\powershell\psmonerrors.txt
$smtpserver = "<server address>"
$smtp = New-Object net.Mail.SmtpClient($smtpserver)
#If anything is dead, it extends the file length and triggers the email.
if ($keyswitch.length -gt 2) {$smtp.send($emailfrom, $emailto, $subject, $body)}
Get-Service $names | Where-Object {$_.status -eq "stopped"} | Start-Service #Attempts to restart the service
__________________________________________
Work In Progress: BSCI, Sharepoint
Work In Progress: BSCI, Sharepoint
Comments
-
Options
aordal
Member Posts: 372
I'm not up to snuff on PS ... yet. But I do know this is open source if you want to get your hands dirty with a little linux.
http://www.nagios.org/
There's walkthroughs telling you every step to do. No need to be a nix guru to get this running. -
Options
JDMurray
Admin Posts: 13,031 Admin
Do your clients already have PS installed on your machines, or are you requiring that it be installed as part of your maintenance? PS is a great hacking tool, and it's presence on a Windows machine makes the machine more vulnerable should it be compromised.
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray -
Options
royal
Member Posts: 3,352 ■■■■□□□□□□
JDMurray wrote:PS is a great hacking tool, and it's presence on a Windows machine makes the machine more vulnerable should it be compromised.
True, but that's a little extreme. Any software installed on a system makes it more vulnerable. Doesn't mean we should install software on machines. PS is the future and it's pretty secure out of the box as it doesn't let you run remote code. Besides, if your systems get compromised, you have a lot more things to worry about than someone running a PowerShell command.
“For success, attitude is equally as important as ability.” - Harry F. Banks -
Optionscnfuzzd
Member Posts: 208
JDMurray wrote:Do your clients already have PS installed on your machines, or are you requiring that it be installed as part of your maintenance? PS is a great hacking tool, and it's presence on a Windows machine makes the machine more vulnerable should it be compromised.
That makes sense. PS would only be installed on servers that only we touch, and if these servers get compromised, we have much bigger issues. I think I would be comfortable relying on our other security measures, but I am certainly willing to be persuaded otherwise.
John__________________________________________
Work In Progress: BSCI, Sharepoint -
OptionsJDMurray
Admin Posts: 13,031 Admin
Very few software programs do what PS does. If an intruder gains admin access to any machine they will immediately looks for any useful tools that are already installed. As a possible intruder, PS is one of the tools I most highly prize as being useful for my malicious intent. While I'm on your, machine I won't be playing Solitaire.royal wrote:True, but that's a little extreme. Any software installed on a system makes it more vulnerable. Doesn't mean we should install software on machines.
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray -
Optionsroyal
Member Posts: 3,352 ■■■■□□□□□□
JDMurray wrote:
Very few software programs do what PS does. If an intruder gains admin access to any machine they will immediately looks for any useful tools that are already installed. As a possible intruder, PS is one of the tools I most highly prize as being useful for my malicious intent. While I'm on your, machine I won't be playing Solitaire.royal wrote:True, but that's a little extreme. Any software installed on a system makes it more vulnerable. Doesn't mean we should install software on machines.
Guess everybody in the world who installs Windows 7 and Server 2008 R2 is screwed then eh?
And I understand you're big into security. I like security too. But not to the point where I feel like I'm wearing a tinfoil hat. Granted we should take precautions while installing any type of software, not installing PS because it may be used to exploit your system is a bit extreme as I mentioned in a previous post. With that type of logic in regards to Powershell, everybody should be removing regedit, Vbscript, dnscmd, Ad Management Tools.
Again, I understand your logic. And my "opinion" on your "opinion" is that your "opinion" on installing PowerShell is extreme.JDMurray wrote:While I'm on your, machine I won't be playing Solitaire.
I prefer minesweeper as well.“For success, attitude is equally as important as ability.” - Harry F. Banks -
Optionsaordal
Member Posts: 372
JDMurray wrote:Very few software programs do what PS does. If an intruder gains admin access to any machine they will immediately looks for any useful tools that are already installed. As a possible intruder, PS is one of the tools I most highly prize as being useful for my malicious intent. While I'm on your, machine I won't be playing Solitaire.
He'll be stealing your megahurtz. -
OptionsJDMurray
Admin Posts: 13,031 Admin
My point is that only the minimum necessary admin tools should be installed on any machine, and an admin tool shouldn't be requirement if it's only to have non-critical scripts run. A little prudence and due diligence now can potentially save a lot of grief later.
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray -
Options
dynamik
Banned Posts: 12,312 ■■■■■■■■■□
JDMurray wrote:
Very few software programs do what PS does. If an intruder gains admin access to any machine they will immediately looks for any useful tools that are already installed. As a possible intruder, PS is one of the tools I most highly prize as being useful for my malicious intent. While I'm on your, machine I won't be playing Solitaire.royal wrote:True, but that's a little extreme. Any software installed on a system makes it more vulnerable. Doesn't mean we should install software on machines.
Like Royal said, if you have admin access, it's game over anyway. It would be trivial to install it or any other administrative tools. Does PS actually increase a systems attack surface in any way?
There's always a trade-off between usability and security. Not having admin tools conveniently accessible may result in concessions being made elsewhere which could result in a significantly less secure environment. -
Options
Pash
Member Posts: 1,600 ■■■■■□□□□□
powershell. It's reduced tons of my vbscripts to just a few lines in many cases, rock on. DevOps Engineer and Security Champion. https://blog.pash.by - I am trying to find my writing style, so please bear with me.
