Script Monitoring

In Offsite Disaster Backups, I outlined three methods I use to move backup data to a backup machine with removable hard drives.  Essentially, this backup system replaced our tapes almost entirely.  The one thing that I didn’t like about it was the way that each of the systems to be backed up was being logged.  I used three methods: NTBackup, Robocopy, and Veeam.

  • The native NTBackup utility copied all of the log files to a directory and rotated the log file names.  This was difficult to manage in its native form so I compiled a workaround script to copy the log files over to the backup media.  The trouble with this workaround is that I had to manually go and clear the logs off the backup drive.  This is not a significant problem but it is a hassle.
  • The Robocopy scripts with the /MIR switch are pretty straightforward.  The log file path can be determined in the script which I usually put alongside the mirrored file structure on the backup disk.
  • Veeam e-mails me when it is done copying to the media.  The script also logs to a file and sends e-mails to me saying that a backup is commencing and when it’s finished.

The real concern I have is coordinating all of these events and reading entirely separate and individual log files scattered around the disk.  Should something go wrong, how would I know without looking at the logs?  Research HO!


Shoretel Events to SysLog

In my last post I described how to configure Windows events to syslog using a free application called SyslogAgent. When I showed Ben he thought it was really cool.  After I had shown him how it was done, we sat there and watched people log in and out of their computers in real-time and kept renewing our IP addresses to check out the delay of the service.  It was awesome.

“Hey, can we syslog the Shoretel?  There’s a CDR text file in the c: drive somewhere…”  Ben asked.

CDR or Call Detail Reporting is a logging service that runs on the Shoreware Director. It logs all calls that seize an outbound circuit to this file.  Because it is a file running on Windows, we should be able to port this file to syslog similar to the way I did it with the DHCP event logs in my prior post.

Windows Events to Syslog

The Problem

My Syslog server is up and running. We now have all our network devices and Linux/Unix-like servers sending their events to the Dude’s Syslog server. But what about Microsoft Windows Servers? Microsoft’s products do not have native support for Syslog.

Up to this point I have gone through the event logs manually.  I’ve considered using Hyena, an application that I’ve used in the past to monitor Windows hosts’ logs but I want to do this for free.  Besides, the only systems that I am monitoring right now are the servers and VMs in the computer room.  I’d like to start monitoring all of my client PCs as well.  It would be better if I can kill all these birds with one stone.