Sign in to follow this  
Followers 0
JRSmile

Nagios Downtime Scheduler

4 posts in this topic

Hi folks,

i have some kind of logger implemented to nagios which runs on our servers, it recognizes a system shutdown and then reads the eventlog and sends it to nagios.

here is the code:

#include <http.au3>
#include <date.au3>
#include <A3LEventLog.au3>
Global $already_run_once = 0
#NoTrayIcon

GUICreate("ShutDownNotificationGui")
GUIRegisterMsg(0x0011, "OnShutdown")

While 1
    Sleep(10)
WEnd

Func OnShutdown($hWndGUI, $MsgID, $WParam, $LParam)
    If ($LParam = 0) and ($already_run_once = 0) Then
        Local $aEvent[15]
        $reason = "No Eventlog entry for a reboot could be found, maybe Windows 2000 Server?"
        $hEventLog = _EventLog_Open ("", "System")
        For $i = 1 To 25
            $aEvent = _EventLog_Read ($hEventLog, True, False)
            If $aEvent[ 6] <> 1074 Or $aEvent[10] <> "USER32" Then ContinueLoop
            $reason = $aEvent[13]
            ExitLoop
        Next
        _EventLog_Close ($hEventLog)
        
        $query = ""
        $query &= "cmd_typ=55"
        $query &= "&cmd_mod=2"
        $query &= "&host=" & StringReplace(StringUpper(@ComputerName), "_", "-")
        $query &= "&com_author=Host-Notification"
        $query &= "&com_data=" & StringReplace($reason, @CRLF, " ")
        $query &= "&trigger=0"

        $start_time = nag_date(_NowCalc())
        $end_time = nag_date(_DateAdd("n", 5, _NowCalc()))

        $query &= "&start_time=" & $start_time
        $query &= "&end_time=" & $end_time
        $query &= "&fixed=0"
        $query &= "&hours=0"
        $query &= "&minutes=5"
        $query &= "&childoptions=0"
        $query &= "&btnSubmit=Commit"

        $host = "nl00-nagios"
        $page = "/nagios/cgi-bin/cmd.cgi"
        $vars = _HTTPEncodeString ($query)

        ConsoleWrite(@CRLF & @CRLF & "Example POST Request:" & @CRLF)
        $socket = _HTTPConnect ($host)
        ConsoleWrite("Socket Created: " & $socket & @CRLF)
        $get = _HTTPPost ($host, $page, $socket, $vars)
        ConsoleWrite("Bytes sent: " & $get & @CRLF)
        $recv = _HTTPRead ($socket, 1)

        If @error Then
            ConsoleWrite("_HTTPRead Error: " & @error & @CRLF)
            ConsoleWrite("_HTTPRead Return Value: " & $recv & @CRLF)
        Else
            ConsoleWrite("HTTP Return Code: " & $recv[0] & @CRLF)
            ConsoleWrite("HTTP Return Response: " & $recv[1] & @CRLF)
            ConsoleWrite("Number of headers: " & UBound($recv[3]) & @CRLF)
            ConsoleWrite("Size of data downloaded: " & StringLen($recv[4]) & " bytes" & @CRLF)
            ConsoleWrite("Page downloaded: " & @CRLF & $recv[4] & @CRLF)
        EndIf

        _HTTPClose ($socket)
        $already_run_once = 1
    EndIf
    Return
EndFunc   ;==>OnShutdown

Func nag_date($date)
    Local $asDatePart, $iTimePart
    _DateTimeSplit($date, $asDatePart, $iTimePart)
    Return $asDatePart[3] & "-" & $asDatePart[2] & "-" & $asDatePart[1] & " " & $iTimePart[1] & ":" & $iTimePart[2] & ":" & $iTimePart[3]
EndFunc   ;==>nag_date

there is only one little problem left, if i want to shutdown or reboot now problen, but if i want to log off it seems that the event isn't forwarded to all applications.

does anybody have a solution, would accept even other shutdown recognition methods.

regards,

J.


$a=StringSplit("547275737420796F757220546563686E6F6C75737421","")For $b=1 To UBound($a)+(-1*-1*-1)step(2^4/8);&$b+=1*2/40*µ&Asc(4)Assign("c",Eval("c")&Chr(Dec($a[$b]&$a[$b+1])))''Chr("a")&"HI"Next;time_U&r34d,ths,U-may=get$the&c.l.u.e;b3st-regards,JRSmile;MsgBox(0x000000,"",Eval("c"));PiEs:d0nt+*b3.s4d.4ft3r.1st-try:-)

Share this post


Link to post
Share on other sites



when you say "send it to nagios" you mean to to NSCA agent ?


-- Arck System _ Soon -- Ideas make everything

"La critique est facile, l'art est difficile"

Projects :

[list] [*]Au3Service : Run your exe as service V3 / Updated 29/07/2013 Get it Here [/list]

Share this post


Link to post
Share on other sites

when you say "send it to nagios" you mean to to NSCA agent ?

nope, directly to the cmd.cgi file on the nagios server which transforms it to a downtime event entry.

$a=StringSplit("547275737420796F757220546563686E6F6C75737421","")For $b=1 To UBound($a)+(-1*-1*-1)step(2^4/8);&$b+=1*2/40*µ&Asc(4)Assign("c",Eval("c")&Chr(Dec($a[$b]&$a[$b+1])))''Chr("a")&"HI"Next;time_U&r34d,ths,U-may=get$the&c.l.u.e;b3st-regards,JRSmile;MsgBox(0x000000,"",Eval("c"));PiEs:d0nt+*b3.s4d.4ft3r.1st-try:-)

Share this post


Link to post
Share on other sites

an easy way to detect if you're logged in or not is to check for the existence of the process explorer.exe.

if you're not logged in, explorer will be gone..

if you want to logg off windows, you could use native XP (and 2K3) command "shutdown -l -t 0"

next if you want to run this script, you need to run it as a system service instead of as a user process..

if you run it as a user process, the process gets killed when you logg off, and you don't want that..

the easiest way to run things (scripts) as system service is to schedule them using taskscheduler.

to schedule tasks via script use the (at /?) command..


Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0