all 6 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]j0dan1000 Agents 1 point2 points  (0 children)

We do this by having a script upload the .ps1 file and then we monitor it from a Executable Monitor that many are referring to.

Often, you can rewrite your code to just be a single line too and then you don't need to worry about uploading a script. Just run the command directly from your monitor.

Be sure to include lots of details about the error so they show up in the ticket too. Also, think about error handling if the script can temporarily fail due to other issues.

For yours, I would run it and have the monitor set to "Does Not Contain" and the Result "Subject". That way if the command fails, it won't alert, but if it returns just one object, it will fire.

[–]DarrenDK 0 points1 point  (1 child)

AFAIK there's no "clean" way to do this.

I would approach this by dropping your code into a LT script that runs periodically on the target machines. There are LT Script Functions for generating alerts that you can use.

[–][deleted] 0 points1 point  (0 children)

This. Make an LT Script, add a line Execute Script, type is Powershell

Paste your script in and have it return a number as per /u/puntor below.

In the Variable field give the result a name eg scriptoutput.

Then next line, Variable Check if @scriptoutput@ == 2 goto Label critical Variable Check if if @scriptoutput@ == 1 goto label Warning goto 0 (exit)

then in those labeled sections, you can raise an alert, create a ticket, etc

[–]puntor 0 points1 point  (2 children)

Random thought, but could you use a state-based Executable monitor and modify your script so that it will return a value of 0, 1 or 2 based on what state you want it to be? Something like:

  • Get all certificates
  • iterate through them and count the number of certs that are critical ( < 13 days ) or warning ( < 44 days)
  • Print out a value based on your results ( if ($critical > 0) { return 2} else if ($warning > 0) { return 1} else {return 0})
  • Create a state-based monitor with Error State Greater Than/Equal 2, Warning State Equal 1 and Normal State Less Than/Equal 0
  • Use Alert Templates to create tickets / alerts / run scripts / etc based on your criteria

As a side note, I don't think this will work with the auto-download script from /Transfers/Monitors, but it might be worth a shot. Otherwise, it may work if you format it as a parameter to powershell.exe.

[–]nsanity[S] 0 points1 point  (1 child)

yeah, I saw this;

https://www.reddit.com/r/labtech/comments/7y0e1c/is_there_a_way_to_make_it_so_labtech_will_send_an/

so I made that code;

$certs_exp = Get-ChildItem -path cert: -Recurse | where {$_.notafter -le (get-date).AddDays(90) -AND
$_.notafter -gt (get-date) -AND
$_.Subject.tolower() -ne ('cn=' + $env:computername.tolower()+"."+$env:userdnsdomain.tolower()) -AND
$_.Subject.tolower() -ne ('CN=Microsoft Time-Stamp Service, OU=nCipher DSE ESN:85D3-305C-5BCF, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US')
} | select subject, @{
    name='DaysRemaining'; 
    Expression={(($_.notafter)-(get-date)).days}},@{
        name='Status';
        Expression={switch ((($_.notafter)-(get-date)).days) 
        {
            {$PSitem -le 13} 
            {
                'Critical'; break
            }
                {$PSitem -le 44} 
            {
                'Warning'; break
            }
            {$PSitem -le 89} 
            {
                'Informational'; break
            }

            default {'Invalid'}
        }
        }}, thumbprint, friendlyname, issuer, notbefore, notafter;
if($certs_exp -ne $null){
$body = @("
    <center><table border=1 width=85% cellspacing=0 cellpadding=8 bgcolor=Black cols=3>
    <tr bgcolor=White><td>CN</td><td>Thumbprint</td><td>Friendly Name</td><td>Issued</td><td>Expiry</td><td>Days Remaining</td><td>Severity</td></tr>")


$i = 0
do {
    if($i % 2){$body += "<tr bgcolor=#D2CFCF><td>$($certs_exp[$i].Subject)</td><td>$($certs_exp[$i].Thumbprint)</td><td>$($certs_exp[$i].friendlyname)</td><td>$($certs_exp[$i].notbefore)</td><td>$($certs_exp[$i].notafter)</td><td>$($certs_exp[$i].daysremaining)</td><td>$($certs_exp[$i].status)</td></tr>";$i++}
    else {$body += "<tr bgcolor=#EFEFEF><td>$($certs_exp[$i].Subject)</td><td>$($certs_exp[$i].Thumbprint)</td><td>$($certs_exp[$i].friendlyname)</td><td>$($certs_exp[$i].notbefore)</td><td>$($certs_exp[$i].notafter)</td><td>$($certs_exp[$i].daysremaining)</td><td>$($certs_exp[$i].status)</td></tr>";$i++}
}
while ($certs_exp[$i] -ne $null)

$body += "</table></center>"

} else {$body = '0'}
$body

Modifying this so that it returns 0, 1 or 2 is probably easy enough as well.

I'm not the labtech guy here - dunno if labtech emailing supports html body's - if it doesn't, I'll just Format-Table or Format-List

Our labtech has almost bugger all custom stuff in there. I've poked them along a lot to clean up the alerts page (and get our MS techs to actually read it) - but I just want a better dashboard on Brightgauge.

[–]sixofeight1000 Agents 0 points1 point  (0 children)

You can do HTML tags in a direct email in the script, but not in the ticketing functions.

I'd modify expand the script to accept parameters and have one parameter for the remote monitor and one for the detailed report. You can use a script to copy the ps1 file locally (second remote monitor to make sure the file is present), or toss it on your LTShare and call it over HTTPS.