Skip to content

Instantly share code, notes, and snippets.

LeeSartorelli

Block or report user

Report or block LeeSartorelli

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@LeeSartorelli
LeeSartorelli / SplunkSearch.py
Last active Feb 17, 2019
This function runs a Splunk search, and can be added to any python script that requires input from a Splunk search.
View SplunkSearch.py
# function that accepts a Splunk URL and Splunk search query, and returns the search results
# requires Splunk credentials to be stored in a .netrc file in the user's home directory
# adapted from https://docs.splunk.com/Documentation/Splunk/7.2.4/RESTTUT/RESTsearches)
# Note this won't work for searches with over 50,000 results - https://www.splunk.com/blog/2013/09/15/exporting-large-results-sets-to-csv.html
import urllib, httplib2, netrc
from xml.dom import minidom
baseurl = 'https://localhost:8089'
searchQuery = 'ENTER SEARCH QUERY HERE'
@LeeSartorelli
LeeSartorelli / CheckIntegrity.py
Created Feb 17, 2019
This script gets a list of the indexes with data integrity enabled, and runs the Splunk check-integrity command on each index. It is designed to run as a Splunk scripted input.
View CheckIntegrity.py
#!/usr/bin/python -u
# This script gets a list of the indexes with data integrity enabled, and runs the Splunk check-integrity command on each index.
# It is designed to run as a Splunk scripted input.
# Created by Lee Murray 18/2/2019
import urllib, httplib2, netrc, os, subprocess
from xml.dom import minidom
baseurl = 'https://localhost:8089'
@LeeSartorelli
LeeSartorelli / Install-MSIRemotely.ps1
Created May 31, 2018
Installs an MSI remotely on multiple computers.
View Install-MSIRemotely.ps1
<#
.SYNOPSIS
Install software
.DESCRIPTION
This script installs software on a list of servers, using powershell remoting. It requires an .msi installer.
The script loops through each server from the list. The target file will be copied and installed using msiexec (silently). EVERY action will be recorded in a file specified after /L switch.
Then the script verifies that the application is installed and is the correct version
.NOTES
Author: Lee Sartorelli
Created: 31/5/2018
@LeeSartorelli
LeeSartorelli / Reset-LogicalDiskHealth.ps1
Created Dec 3, 2017
Reset health of Disk space alerts that have changed state from Warning to Critical.
View Reset-LogicalDiskHealth.ps1
<#
.Synopsis
Reset health of Disk space alerts that have changed state from Warning to Critical.
.DESCRIPTION
This script is designed to be run as a scheduled task. It gets Logical Disk Free Low alerts that are critical and have a repeat count (indicating they have changed from warning to critical state), and resets the health of the monitor.
This causes a new critical alert to be raised, which will trigger the notification subscription.
.NOTES
Created by Lee Sartorelli 19/04/2016
#>
@LeeSartorelli
LeeSartorelli / Update-CustomField.ps1
Created Nov 7, 2017
This script is designed to be run as a scheduled task. It gets all recent SCOM alerts, finds the Management Pack display name of the rule or monitor that triggered the alert, and assigns this value to CustomField1. The Custom Field can then be used to create alert views or subscriptions based on Management Pack.
View Update-CustomField.ps1
<#
.Synopsis
Adds Management Pack display name to CustomField1 of SCOM alerts.
.DESCRIPTION
This script is designed to be run as a scheduled task every 5 minutes. It gets all SCOM alerts raised in the past 6 minutes, finds the Management Pack display name of the rule or monitor that triggered the alert,
and assigns this value to CustomField1. The Custom Field can then be used to create alert views or subscriptions based on Management Pack.
.NOTES
Created by Lee Sartorelli 08/11/2017
The time overlap (run every 5 minutes, but get alerts from the past 6 minutes) is designed to ensure alerts aren't missed.
#>
@LeeSartorelli
LeeSartorelli / Reset-Time.ps1
Last active Nov 20, 2017
This script is designed to be used in a command channel triggered by the Time Skew Monitor (https://social.technet.microsoft.com/Forums/en-US/66e30eab-5cee-491a-bd2e-1f9ffefac8b3/time-skew-monitoring?forum=operationsmanagergeneral). Sets time of remote server to the PDC time, recalculates time skew and resets monitor health if time skew is below…
View Reset-Time.ps1
<#
.Synopsis
Sets time of remote server to the PDC time, recalculates time skew and resets monitor health if time skew is below threshold.
.DESCRIPTION
This script is designed to be used in a command channel triggered by the Time Skew Monitor (https://social.technet.microsoft.com/Forums/en-US/66e30eab-5cee-491a-bd2e-1f9ffefac8b3/time-skew-monitoring?forum=operationsmanagergeneral). The monitor detects if the time on a server is more than 10 seconds out from the PDC. This script attempts to set the time on the server to the PDC time.
It then recalculates the time skew, and resets the monitor health if the time skew is now under 10 seconds.
.NOTES
The SCOM notification account will require permissions to run a remote powershell session on the target server. This can be configured without giving the account administrator rights:
PowerShell v4: https://4sysops.com/archives/powershell-remoting-without-administrator-rights/
@LeeSartorelli
LeeSartorelli / Get-LastReboot.ps1
Last active Apr 27, 2017
This function gets the last boot up time of one or more computers from WMI.
View Get-LastReboot.ps1
Function Get-LastReboot{
<#
.SYNOPSIS
Get last reboot time.
.DESCRIPTION
This function gets the last boot up time of a computer from WMI. It can accept both pipeline input and parameter input.
.PARAMETER $ComputerName
Required. Name of the Computer to return data for.
.EXAMPLE
Get-LastReboot -ComputerName localhost
You can’t perform that action at this time.