PS Script to monitor services and notify in case of failure
We have a couple of clients who have these janky services that always seem to be having problems. I put this together over the weekend as my first powershell effort. I am certain there is a more elegant way of doing things. What do you guys think?
############################################## # # #Powershell Monitoring Services # # # written by some guy # # and # # his kool-aid # # # # ############################################### $file = "C:\services.txt" # set file parameter from list of monitored services $names = Get-Content $file # set names parameter, feeds names into command Get-Service $names | Where-Object {$_.status -eq "stopped"} | Format-List | Out-file C:\powershell\psmonerrors.txt # Checking for dead services $keyswitch = Get-ItemProperty -path C:\powershell\psmonerrors.txt -name "length" ####Below is email params $emailfrom = "<alert address>" $emailto= "<recipient address>" $subject = "SERVICES STOPPED MESSAGE" $body = Get-Content C:\powershell\psmonerrors.txt $smtpserver = "<server address>" $smtp = New-Object net.Mail.SmtpClient($smtpserver) #If anything is dead, it extends the file length and triggers the email. if ($keyswitch.length -gt 2) {$smtp.send($emailfrom, $emailto, $subject, $body)} Get-Service $names | Where-Object {$_.status -eq "stopped"} | Start-Service #Attempts to restart the service
__________________________________________
Work In Progress: BSCI, Sharepoint
Work In Progress: BSCI, Sharepoint
Comments
-
aordal Member Posts: 372I'm not up to snuff on PS ... yet. But I do know this is open source if you want to get your hands dirty with a little linux.
http://www.nagios.org/
There's walkthroughs telling you every step to do. No need to be a nix guru to get this running. -
JDMurray Admin Posts: 13,089 AdminDo your clients already have PS installed on your machines, or are you requiring that it be installed as part of your maintenance? PS is a great hacking tool, and it's presence on a Windows machine makes the machine more vulnerable should it be compromised.
-
royal Member Posts: 3,352 ■■■■□□□□□□JDMurray wrote:PS is a great hacking tool, and it's presence on a Windows machine makes the machine more vulnerable should it be compromised.
True, but that's a little extreme. Any software installed on a system makes it more vulnerable. Doesn't mean we should install software on machines. PS is the future and it's pretty secure out of the box as it doesn't let you run remote code. Besides, if your systems get compromised, you have a lot more things to worry about than someone running a PowerShell command.“For success, attitude is equally as important as ability.” - Harry F. Banks -
cnfuzzd Member Posts: 208JDMurray wrote:Do your clients already have PS installed on your machines, or are you requiring that it be installed as part of your maintenance? PS is a great hacking tool, and it's presence on a Windows machine makes the machine more vulnerable should it be compromised.
That makes sense. PS would only be installed on servers that only we touch, and if these servers get compromised, we have much bigger issues. I think I would be comfortable relying on our other security measures, but I am certainly willing to be persuaded otherwise.
John__________________________________________
Work In Progress: BSCI, Sharepoint -
JDMurray Admin Posts: 13,089 Adminroyal wrote:True, but that's a little extreme. Any software installed on a system makes it more vulnerable. Doesn't mean we should install software on machines.
-
royal Member Posts: 3,352 ■■■■□□□□□□JDMurray wrote:royal wrote:True, but that's a little extreme. Any software installed on a system makes it more vulnerable. Doesn't mean we should install software on machines.
Guess everybody in the world who installs Windows 7 and Server 2008 R2 is screwed then eh? And I understand you're big into security. I like security too. But not to the point where I feel like I'm wearing a tinfoil hat. Granted we should take precautions while installing any type of software, not installing PS because it may be used to exploit your system is a bit extreme as I mentioned in a previous post. With that type of logic in regards to Powershell, everybody should be removing regedit, Vbscript, dnscmd, Ad Management Tools.
Again, I understand your logic. And my "opinion" on your "opinion" is that your "opinion" on installing PowerShell is extreme.JDMurray wrote:While I'm on your, machine I won't be playing Solitaire.
I prefer minesweeper as well.“For success, attitude is equally as important as ability.” - Harry F. Banks -
aordal Member Posts: 372JDMurray wrote:Very few software programs do what PS does. If an intruder gains admin access to any machine they will immediately looks for any useful tools that are already installed. As a possible intruder, PS is one of the tools I most highly prize as being useful for my malicious intent. While I'm on your, machine I won't be playing Solitaire.
He'll be stealing your megahurtz. -
JDMurray Admin Posts: 13,089 AdminMy point is that only the minimum necessary admin tools should be installed on any machine, and an admin tool shouldn't be requirement if it's only to have non-critical scripts run. A little prudence and due diligence now can potentially save a lot of grief later.
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□JDMurray wrote:royal wrote:True, but that's a little extreme. Any software installed on a system makes it more vulnerable. Doesn't mean we should install software on machines.
Like Royal said, if you have admin access, it's game over anyway. It would be trivial to install it or any other administrative tools. Does PS actually increase a systems attack surface in any way?
There's always a trade-off between usability and security. Not having admin tools conveniently accessible may result in concessions being made elsewhere which could result in a significantly less secure environment. -
Pash Member Posts: 1,600 ■■■■■□□□□□powershell. It's reduced tons of my vbscripts to just a few lines in many cases, rock on.DevOps Engineer and Security Champion. https://blog.pash.by - I am trying to find my writing style, so please bear with me.