JRSmile Posted October 2, 2007 Share Posted October 2, 2007 Hi folks, i have some kind of logger implemented to nagios which runs on our servers, it recognizes a system shutdown and then reads the eventlog and sends it to nagios. here is the code: expandcollapse popup#include <http.au3> #include <date.au3> #include <A3LEventLog.au3> Global $already_run_once = 0 #NoTrayIcon GUICreate("ShutDownNotificationGui") GUIRegisterMsg(0x0011, "OnShutdown") While 1 Sleep(10) WEnd Func OnShutdown($hWndGUI, $MsgID, $WParam, $LParam) If ($LParam = 0) and ($already_run_once = 0) Then Local $aEvent[15] $reason = "No Eventlog entry for a reboot could be found, maybe Windows 2000 Server?" $hEventLog = _EventLog_Open ("", "System") For $i = 1 To 25 $aEvent = _EventLog_Read ($hEventLog, True, False) If $aEvent[ 6] <> 1074 Or $aEvent[10] <> "USER32" Then ContinueLoop $reason = $aEvent[13] ExitLoop Next _EventLog_Close ($hEventLog) $query = "" $query &= "cmd_typ=55" $query &= "&cmd_mod=2" $query &= "&host=" & StringReplace(StringUpper(@ComputerName), "_", "-") $query &= "&com_author=Host-Notification" $query &= "&com_data=" & StringReplace($reason, @CRLF, " ") $query &= "&trigger=0" $start_time = nag_date(_NowCalc()) $end_time = nag_date(_DateAdd("n", 5, _NowCalc())) $query &= "&start_time=" & $start_time $query &= "&end_time=" & $end_time $query &= "&fixed=0" $query &= "&hours=0" $query &= "&minutes=5" $query &= "&childoptions=0" $query &= "&btnSubmit=Commit" $host = "nl00-nagios" $page = "/nagios/cgi-bin/cmd.cgi" $vars = _HTTPEncodeString ($query) ConsoleWrite(@CRLF & @CRLF & "Example POST Request:" & @CRLF) $socket = _HTTPConnect ($host) ConsoleWrite("Socket Created: " & $socket & @CRLF) $get = _HTTPPost ($host, $page, $socket, $vars) ConsoleWrite("Bytes sent: " & $get & @CRLF) $recv = _HTTPRead ($socket, 1) If @error Then ConsoleWrite("_HTTPRead Error: " & @error & @CRLF) ConsoleWrite("_HTTPRead Return Value: " & $recv & @CRLF) Else ConsoleWrite("HTTP Return Code: " & $recv[0] & @CRLF) ConsoleWrite("HTTP Return Response: " & $recv[1] & @CRLF) ConsoleWrite("Number of headers: " & UBound($recv[3]) & @CRLF) ConsoleWrite("Size of data downloaded: " & StringLen($recv[4]) & " bytes" & @CRLF) ConsoleWrite("Page downloaded: " & @CRLF & $recv[4] & @CRLF) EndIf _HTTPClose ($socket) $already_run_once = 1 EndIf Return EndFunc ;==>OnShutdown Func nag_date($date) Local $asDatePart, $iTimePart _DateTimeSplit($date, $asDatePart, $iTimePart) Return $asDatePart[3] & "-" & $asDatePart[2] & "-" & $asDatePart[1] & " " & $iTimePart[1] & ":" & $iTimePart[2] & ":" & $iTimePart[3] EndFunc ;==>nag_date there is only one little problem left, if i want to shutdown or reboot now problen, but if i want to log off it seems that the event isn't forwarded to all applications. does anybody have a solution, would accept even other shutdown recognition methods. regards, J. $a=StringSplit("547275737420796F757220546563686E6F6C75737421","") For $b=1 To UBound($a)+(-1*-1*-1)step(2^4/8);&$b+=1*2/40*µ&Asc(4) Assign("c",Eval("c")&Chr(Dec($a[$b]&$a[$b+1])));''Chr("a")&"HI" Next ;time_U&r34d,ths,U-may=get$the&c.l.u.e;b3st-regards,JRSmile; MsgBox(0x000000,"",Eval("c"));PiEs:d0nt+*b3.s4d.4ft3r.1st-try:-) Link to comment Share on other sites More sharing options...
arcker Posted October 2, 2007 Share Posted October 2, 2007 when you say "send it to nagios" you mean to to NSCA agent ? -- Arck System _ Soon -- Ideas make everything "La critique est facile, l'art est difficile" Projects :[list] [*]Au3Service : Run your exe as service V3 / Updated 29/07/2013 Get it Here [/list] Link to comment Share on other sites More sharing options...
JRSmile Posted October 2, 2007 Author Share Posted October 2, 2007 when you say "send it to nagios" you mean to to NSCA agent ?nope, directly to the cmd.cgi file on the nagios server which transforms it to a downtime event entry. $a=StringSplit("547275737420796F757220546563686E6F6C75737421","") For $b=1 To UBound($a)+(-1*-1*-1)step(2^4/8);&$b+=1*2/40*µ&Asc(4) Assign("c",Eval("c")&Chr(Dec($a[$b]&$a[$b+1])));''Chr("a")&"HI" Next ;time_U&r34d,ths,U-may=get$the&c.l.u.e;b3st-regards,JRSmile; MsgBox(0x000000,"",Eval("c"));PiEs:d0nt+*b3.s4d.4ft3r.1st-try:-) Link to comment Share on other sites More sharing options...
lordofthestrings Posted October 3, 2007 Share Posted October 3, 2007 an easy way to detect if you're logged in or not is to check for the existence of the process explorer.exe. if you're not logged in, explorer will be gone.. if you want to logg off windows, you could use native XP (and 2K3) command "shutdown -l -t 0" next if you want to run this script, you need to run it as a system service instead of as a user process.. if you run it as a user process, the process gets killed when you logg off, and you don't want that.. the easiest way to run things (scripts) as system service is to schedule them using taskscheduler. to schedule tasks via script use the (at /?) command.. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now