LeeSartorelli
LeeSartorelli
/ Get-LastReboot.ps1
Last active
April 27, 2017 00:48
This function gets the last boot up time of one or more computers from WMI.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Get-LastReboot{ | |
| <# | |
| .SYNOPSIS | |
| Get last reboot time. | |
| .DESCRIPTION | |
| This function gets the last boot up time of a computer from WMI. It can accept both pipeline input and parameter input. | |
| .PARAMETER $ComputerName | |
| Required. Name of the Computer to return data for. | |
| .EXAMPLE | |
| Get-LastReboot -ComputerName localhost |
LeeSartorelli
/ Reset-Time.ps1
Last active
November 20, 2017 22:22
This script is designed to be used in a command channel triggered by the Time Skew Monitor (https://social.technet.microsoft.com/Forums/en-US/66e30eab-5cee-491a-bd2e-1f9ffefac8b3/time-skew-monitoring?forum=operationsmanagergeneral). Sets time of remote server to the PDC time, recalculates time skew and resets monitor health if time skew is below…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .Synopsis | |
| Sets time of remote server to the PDC time, recalculates time skew and resets monitor health if time skew is below threshold. | |
| .DESCRIPTION | |
| This script is designed to be used in a command channel triggered by the Time Skew Monitor (https://social.technet.microsoft.com/Forums/en-US/66e30eab-5cee-491a-bd2e-1f9ffefac8b3/time-skew-monitoring?forum=operationsmanagergeneral). The monitor detects if the time on a server is more than 10 seconds out from the PDC. This script attempts to set the time on the server to the PDC time. | |
| It then recalculates the time skew, and resets the monitor health if the time skew is now under 10 seconds. | |
| .NOTES | |
| The SCOM notification account will require permissions to run a remote powershell session on the target server. This can be configured without giving the account administrator rights: | |
| PowerShell v4: https://4sysops.com/archives/powershell-remoting-without-administrator-rights/ |
LeeSartorelli
/ Update-CustomField.ps1
Created
November 7, 2017 20:53
This script is designed to be run as a scheduled task. It gets all recent SCOM alerts, finds the Management Pack display name of the rule or monitor that triggered the alert, and assigns this value to CustomField1. The Custom Field can then be used to create alert views or subscriptions based on Management Pack.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .Synopsis | |
| Adds Management Pack display name to CustomField1 of SCOM alerts. | |
| .DESCRIPTION | |
| This script is designed to be run as a scheduled task every 5 minutes. It gets all SCOM alerts raised in the past 6 minutes, finds the Management Pack display name of the rule or monitor that triggered the alert, | |
| and assigns this value to CustomField1. The Custom Field can then be used to create alert views or subscriptions based on Management Pack. | |
| .NOTES | |
| Created by Lee Sartorelli 08/11/2017 | |
| The time overlap (run every 5 minutes, but get alerts from the past 6 minutes) is designed to ensure alerts aren't missed. | |
| #> |
LeeSartorelli
/ Reset-LogicalDiskHealth.ps1
Created
December 3, 2017 19:44
Reset health of Disk space alerts that have changed state from Warning to Critical.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .Synopsis | |
| Reset health of Disk space alerts that have changed state from Warning to Critical. | |
| .DESCRIPTION | |
| This script is designed to be run as a scheduled task. It gets Logical Disk Free Low alerts that are critical and have a repeat count (indicating they have changed from warning to critical state), and resets the health of the monitor. | |
| This causes a new critical alert to be raised, which will trigger the notification subscription. | |
| .NOTES | |
| Created by Lee Sartorelli 19/04/2016 | |
| #> |
LeeSartorelli
/ Install-MSIRemotely.ps1
Created
May 31, 2018 03:56
Installs an MSI remotely on multiple computers.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Install software | |
| .DESCRIPTION | |
| This script installs software on a list of servers, using powershell remoting. It requires an .msi installer. | |
| The script loops through each server from the list. The target file will be copied and installed using msiexec (silently). EVERY action will be recorded in a file specified after /L switch. | |
| Then the script verifies that the application is installed and is the correct version | |
| .NOTES | |
| Author: Lee Sartorelli | |
| Created: 31/5/2018 |
LeeSartorelli
/ CheckIntegrity.py
Created
February 17, 2019 20:03
This script gets a list of the indexes with data integrity enabled, and runs the Splunk check-integrity command on each index. It is designed to run as a Splunk scripted input.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python -u | |
| # This script gets a list of the indexes with data integrity enabled, and runs the Splunk check-integrity command on each index. | |
| # It is designed to run as a Splunk scripted input. | |
| # Created by Lee Murray 18/2/2019 | |
| import urllib, httplib2, netrc, os, subprocess | |
| from xml.dom import minidom | |
| baseurl = 'https://localhost:8089' |
LeeSartorelli
/ SplunkSearch.py
Last active
February 17, 2019 21:54
This function runs a Splunk search, and can be added to any python script that requires input from a Splunk search.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # function that accepts a Splunk URL and Splunk search query, and returns the search results | |
| # requires Splunk credentials to be stored in a .netrc file in the user's home directory | |
| # adapted from https://docs.splunk.com/Documentation/Splunk/7.2.4/RESTTUT/RESTsearches) | |
| # Note this won't work for searches with over 50,000 results - https://www.splunk.com/blog/2013/09/15/exporting-large-results-sets-to-csv.html | |
| import urllib, httplib2, netrc | |
| from xml.dom import minidom | |
| baseurl = 'https://localhost:8089' | |
| searchQuery = 'ENTER SEARCH QUERY HERE' |
LeeSartorelli
/ SCOMHealthCheck.ps1
Created
February 3, 2020 02:24
Comprehensive SCOM health report that can be run daily
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| SCOM daily health check report | |
| .DESCRIPTION | |
| Runs a number of powershell commands and one SQL script to provide a comprehensive SCOM health report. Only outputs items that require attention. | |
| .NOTES | |
| Author: Lee Murray | |
| Created: 24/1/2020 | |
| SQL powershell module required | |
| This script is intended to be run from a management server as a scheduled task |