Archive for September, 2010

VisualBasic Script check_msmq.wsf

Project Objective:
Create a Nagios addon to be run with NRPE/NSClient++ that checks the Microsoft Message Queue for “stuck” messages.

Problem to be solved:
Increased monitoring of Microsoft Message Queue. Get notified when messages are not leaving message queue.

'***********************************************************************
' "check_msmq.wsf"
'
' Written by Aaron Wurthmann (aaron (AT) wurthmann (DOT) com)
'
' If you edit please keep my name as an original author and
' keep me apprised of the changes, see email address above.
' This code may not be used for commercial purposes.
' You the executor,runner,user accept all liability.
' This code comes with ABSOLUTELY NO WARRANTY.
' You may redistribute copies of the code under the terms of the GPL v2.
' -----------------------------------------------------------------------
' 2010.09.26 ver 1.0
' Checks number of messages in the Microsoft Message Queue. If warning or
' critical thresholds are reached number of messages are outputted.
'************************************************************************

<job>
<runtime>
  <description>

check_msmq (nrpe_nt-plugin) 1.0
This nrpe_nt plugin come with ABSOLUTELY NO WARRANTY. You may redistribute
copies of the plugins under the terms of the GNU General Public License.

  </description>
    <named
      name="h"
      helpstring="Help"
      type="simple"
      required="false"
    />
  />

  <example>

  You do not need a string for this plugin.

 Checks number of messages in the Microsoft Message Queue. If warning or
 critical thresholds are reached number of messages are outputted.

  Usage: command [check_msmq]
  c:Windowssystem32cscript.exe //NoLogo //T:10 check_msmq.wsf

  </example>

</runtime>

<script language="VBScript">

'*******************************************************************
' Help
'*******************************************************************
If Wscript.Arguments.Named.Exists("h") Then
      Wscript.Echo "Plugin help screen:"
      Wscript.Arguments.ShowUsage()
      Wscript.Quit(3)
End If

'*******************************************************************
' Main
'*******************************************************************
Dim objLocator
Dim objServices
Dim colItems
Dim colServiceList
Dim objExchService
Dim SumMessages
Dim intWarning
Dim intCritical
Dim objItem
Dim intResult
Dim strResult
Dim strComputer
Dim strServiceName

SumMessages = 0

strComputer = "."
strServiceName = "MSMQ"

intWarning = 100000
intCritical = 200000

On Error Resume Next
Set objLocator = CreateObject("WbemScripting.SWbemLocator")
Set objServices = objLocator.ConnectServer(strComputer, "Root/CimV2")

Set colServiceList = objServices.ExecQuery("Select * From Win32_Service Where Name='" & strServiceName & "'")

If (Err.Number = 0) And IsObject(colServiceList) Then
    If colServiceList.Count > 0 Then

        '
        Set colItems = objServices.ExecQuery("Select * From Win32_PerfRawData_MSMQ_MSMQQueue where MessagesInQueue > 1")
        For Each objItem in colItems
            SumMessages = SumMessages + objItem.MessagesInQueue
        Next
        If IsEmpty(SumMessages) Then
            strResult = "WARNING ALERT! Message Queue UNAVAILABLE"
            intResult = 1
        ElseIf SumMessages > intCritical Then
            strResult = "CRITICAL ALERT! Number of messages in queue: " & SumMessages
            intResult = 2
        ElseIf SumMessages > intWarning Then
            strResult = "WARNING ALERT! Number of messages in queue: " & SumMessages
            intResult = 1
        ElseIf SumMessages < intWarning Then
            strResult = "No Alert. Number of messages in queue: " & SumMessages
            intResult = 0
        End If
    Else
        strResult = "No Alert. System is not a MSMQ server."
        intResult = 0
    End If
End If

Select case intResult
  Case 0 wscript.echo strResult
         wscript.quit(0)
  Case 1 wscript.echo strResult
         wscript.quit(1)
  Case 2 wscript.echo strResult
         wscript.quit(2)
end select

VisualBasic Script check_exch_mq.wsf

PLEASE NOTE:
This script has been replaced with a PowerShell version that works with Exchange 2003 as well as Exchange 2010.
http://irl33t.com/blog/2011/08/powershell-script-watch-exchange-queues.ps1

Project Objective:
Create a Nagios addon to be run with NRPE/NSClient++ that checks the Exchange 2003 message queue for “stuck” messages.

Problem to be solved:
Increased monitoring of Exchange 2003 server. Get notified when messages are not leaving message queue.

'***********************************************************************
' "check_exch_mq.wsf"
'
' Written by Aaron Wurthmann (aaron (AT) wurthmann (DOT) com)
'
' If you edit please keep my name as an original author and
' keep me apprised of the changes, see email address above.
' This code may not be used for commercial purposes.
' You the executor,runner,user accept all liability.
' This code comes with ABSOLUTELY NO WARRANTY.
' You may redistribute copies of the code under the terms of the GPL v2.
' -----------------------------------------------------------------------
' 2010.09.26 ver 1.0
' Checks number of messages in Exchange message queue. If warning or
' critical thresholds are reached number of messages are outputted.
'************************************************************************

<job>
<runtime>
  <description>

check_exch_mq (nrpe_nt-plugin) 1.0
This nrpe_nt plugin come with ABSOLUTELY NO WARRANTY. You may redistribute
copies of the plugins under the terms of the GNU General Public License.

  </description>
    <named
      name="h"
      helpstring="Help"
      type="simple"
      required="false"
    />
  />

  <example>

  You do not need a string for this plugin.

 Checks number of messages in Exchange message queue. If warning or
 critical thresholds are reached number of messages are outputted.

  Usage: command [check_exch_mq]
  c:Windowssystem32cscript.exe //NoLogo //T:10 check_exch_mq.wsf

  </example>

</runtime>

<script language="VBScript">

'*******************************************************************
' Help
'*******************************************************************
If Wscript.Arguments.Named.Exists("h") Then
      Wscript.Echo "Plugin help screen:"
      Wscript.Arguments.ShowUsage()
      Wscript.Quit(3)
End If

'*******************************************************************
' Main
'*******************************************************************
Dim objLocator
Dim objServices
Dim colItems
Dim colServiceList
Dim objExchService
Dim SumMessages
Dim intWarning
Dim intCritical
Dim objItem
Dim intResult
Dim strResult
Dim strComputer
Dim strServiceName

SumMessages = 0

strComputer = "."
strServiceName = "MSExchangeSA"

intWarning = 10
intCritical = 20

On Error Resume Next
Set objLocator = CreateObject("WbemScripting.SWbemLocator")
Set objServices = objLocator.ConnectServer(strComputer, "Root/CimV2")

Set colServiceList = objServices.ExecQuery("Select * From Win32_Service Where Name='" & strServiceName & "'")

If (Err.Number = 0) And IsObject(colServiceList) Then
    If colServiceList.Count > 0 Then

        Set objExchService = objLocator.ConnectServer (strComputer, "rootcimv2ApplicationsExchange")
        Set colItems = objExchService.ExecQuery("SELECT * FROM ExchangeQueue",,48)
        For Each objItem in colItems
            SumMessages = SumMessages + objItem.NumberOfMessages
        Next
        If IsEmpty(SumMessages) Then
            strResult = "WARNING ALERT! Message Queue UNAVAILABLE"
            intResult = 1
        ElseIf SumMessages > intCritical Then
            strResult = "CRITICAL ALERT! Number of messages in queue: " & SumMessages
            intResult = 2
        ElseIf SumMessages > intWarning Then
            strResult = "WARNING ALERT! Number of messages in queue: " & SumMessages
            intResult = 1
        ElseIf SumMessages < intWarning Then
            strResult = "No Alert. Number of messages in queue: " & SumMessages
            intResult = 0
        End If
    Else
        strResult = "No Alert. System is not an Exchange server."
        intResult = 0
    End If
End If

Select case intResult
  Case 0 wscript.echo strResult
         wscript.quit(0)
  Case 1 wscript.echo strResult
         wscript.quit(1)
  Case 2 wscript.echo strResult
         wscript.quit(2)
end select

PowerShell Script Get-Quova-Ipinfo.ps1

Project Objective:
More or less this is a proof of concept script to show how easy it can be to query Quova’s IP info data. The script takes a parameter (an IPv4 address) and returns all known information on that IP address’ user including the city, where available.

Future Versions:
I may re-add a Get-NSlookup function I took out which converts hostnames to IP addresses (duh!). I removed it for this version so that I could make error handling simpler. See notes below, it appears that the simple error handling I was going for has a problem that I should address first.

Mandatory Requirements:
Requires Get-Hash from the PowerShell Community Extensions http://pscx.codeplex.com/
Requires system to have correct time. There are no time zone restrictions. Script uses UTC.
Requires API Key and Shared Secret from Quova’s developer program. http://developer.quova.com
As of this post, September 15th 2010, Quova gives you 1k queries a day and 2 queries per second for free.

Syntax:
Get-Quova-Ipinfo.ps1 <IPv4 ADDRESS>
Example:
Get-Quova-Ipinfo.ps1 64.41.241.254

Notes:
The default output of this script is verbose, you may want to comment out fields you don’t care to see. The error “No data is available for IP” is also given if api.quova.com isn’t reachable. For example you aren’t on the interweb. To fix that I’m going to have to add some real error handling in the next version.

# Get-Quova-Ipinfo.ps1
#
# Written by Aaron Wurthmann (aaron <AT> wurthmann <DOT> com)
#
# If you edit please keep my name as an original author and
# keep me apprised of the changes, see email address above.
# This code may not be used for commercial purposes.
# You the executor,runner,user accept all liability.
# This code comes with ABSOLUTELY NO WARRANTY.
# You may redistribute copies of the code under the terms of the GPL v2.
# -----------------------------------------------------------------------
# Prerequisites:
# Written for PowerShell v2
# Requires Get-Hash from the PowerShell Community Extensions
#    http://http://pscx.codeplex.com/
# Requires system to have correct time.
#    There are no time zone restrictions. Script uses UTC.
# Requires API Key and Shared Secret from Quova's developer program.
#    http://developer.quova.com
#    As of this post, September 15th 2010, Quova gives you 1k queries a day
#    and 2 queries per second for free.
#
# -----------------------------------------------------------------------
# 2010.09.15 ver 1.1
#
# Summary:
# This script can be used as is to gather geographic information on a
# provided IP address, or this script could be incorporated into a webpage
# that uses the geographic information, be it for ads, custom content,
# fraud, or other uses.
#
# Syntax:
#     Get-Quova-Ipinfo.ps1 <IPv4 ADDRESS>
# Example:
#     Get-Quova-Ipinfo.ps1 64.41.241.254
#
# Notes:
# In order to display the majority of the fields a given IP address has
# I opted for writing them all out to standard out. However I also wanted
# to show of the feature I find more interesting which is the exact location
# IF the exact location is available. Please edit as you see fit.
# I also opted for some mild error checking inline opposed to up front.
#************************************************************************

Param([string]$ip = '64.41.241.254')

# Edit Varibles Here, enter your API key and shared secret
$apikey = 'YOUR_API_KEY_HERE'
$secret = 'YOUR_SHARED_SECRET_HERE'
# End Editable Varibles Section

$service = 'http://api.quova.com/'
$version  = 'v1/'
$method = 'ipinfo/'

Function Check-IP {
    $IPAddress=$null
    $chkipresult=[System.Net.IPAddress]::tryparse($ip,[ref]$IPAddress) -and $ip -eq $IPaddress.tostring()
    return $chkipresult
}

Function Get-Sig {
    [int]$epochtime = Get-Date -date (Get-Date).ToUniversalTime()-uformat %s
    [string]$timestamp = $epochtime
    [string]$string=$apikey+$secret+$timestamp
    [string]$hash=$string | Get-Hash -StringEncoding ascii
    [string]$hashresult=$hash.ToLower()
    return $hashresult
}

$isIP=Check-IP
If ($isIP -eq $true) {
    $sig=Get-Sig
    If ($sig.Length -eq 32) {
        [string]$url=$service+$version+$method+$ip+'?apikey='+$apikey+'&sig='+$sig
        $ErrorActionPreference='SilentlyContinue'
        $content = (new-object System.Net.WebClient).DownloadString($url)
        write-host ''
        if ($content) {
            #$content
            $xml = New-Object xml
            $xml.Loadxml($content)
            $ipinfo=$xml.ipinfo
            $ip_address = $ipinfo.ip_address
            $ip_type = $ipinfo.ip_type
            $network = $ipinfo.network
            $domain = $ipinfo.network.domain
            $location = $ipinfo.location
            $countrydata = $ipinfo.location.countrydata
            $country = $ipinfo.location.countrydata.country
            $statedata = $ipinfo.location.statedata
            $state = $ipinfo.location.statedata.state
            $citydata = $ipinfo.location.citydata
            $city = $ipinfo.location.citydata.city

            write-host 'ip_address : '$ip_address
            write-host 'ip_type    : '$ip_type
            if ($ip_type -ne 'Reserved') {
                $network
                $domain
                $location
                $countrydata
                $citydata
                $statedata
                if ($city) {
                    $specificlocation = $city +', ' +$state +', ' +$country
                }
                Else {
                    if ($state) {
                        $specificlocation = $state +', ' +$country
                    }
                    Else {
                        $specificlocation = $country
                    }
                }
                $specificlocation
            }
        }
        Else {
            write-host 'No data is availible for:' $ip
        }
    }
    Else {
        write-host 'ERROR: Invalid signature length.'
    }
}
Else {
    write-host 'ERROR:' $ip 'is not a valid IPv4 address.'
}