• State Suggested Answer
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 36 subscribers
  • Views 570 views
  • Users 0 members are here
Options
Related

Monitoring and Alerting Specific Scheduled Task on multiple Windows Servers

itengineer

How can I perform Monitoring and Alerting Specific Scheduled Tasks on multiple Windows Servers?

The scheduled Task execution details can be queried using these:

Provider Name: Microsoft-Windows-TaskScheduler/Operational
Windows Event ID: 101
Type: Error

I wanted to monitor just specific Scheduled Tasks that are manually created by the users/admins but not the built-in ones.

Thank you.

  • 0

    you won't be able to monitor specific scheduled tasks with the built in windows scheduled task SAM template, it just monitors everything as I'm sure you're aware. But you can alert off specific tasks or exclude certain system created tasks. You could try testing an alert filter via task Author field.

    You listed a windows event ID, I'm not sure what event that represents but you could also setup a Windows Event Log monitor that scans for that event id combined with regex matching. 

  • 0

    If you want to monitor specific scheduled tasks, powershell SAM component would probably be your best bet.

    To filter, you would probably just swap out this:          "FALSE" {$SchTask = Get-ScheduledTask -ErrorAction Stop | Where-Object {$_.TaskName -notIn $Exclusions}}, to be an In instead of notIn.

    Then you could just provide a list of schtasks you want in the script argument line (comma seperated list)

    #Build Exclusion List
    If ([String]::IsNullOrWhiteSpace($Args) -eq $False) {
        $Exclusions = $Args
    }

#Retrieve Scheduled Tasks
    Try {
        Switch ([String]::IsNullOrEmpty($Exclusions)) {
            "TRUE" {$SchTask = Get-ScheduledTask -ErrorAction Stop}
            "FALSE" {$SchTask = Get-ScheduledTask -ErrorAction Stop | Where-Object {$_.TaskName -notIn $Exclusions}}
        }
        
    } Catch {
        Write-Host "Message:  Error running scheduled task $($Error[0].Exception)"
        Exit 1
    }

#Display State Count
    Write-Host "Statistic.StateReady:  $(($SchTask | Where-Object {$_.State -eq "Ready"} | Measure-Object).count)"
    Write-Host "Statistic.StateDisabled:  $(($SchTask | Where-Object {$_.State -eq "Disabled"} | Measure-Object).count)"
    Write-Host "Statistic.StateRunning:  $(($SchTask | Where-Object {$_.State -eq "Running"} | Measure-Object).Count)"

#Detect Failed Jobs
    $ActiveTasks = $Schtask | Where-Object {$_.State -eq "Ready" -or $_.State -eq "Running"}
    Try {
        $ActiveTasksInfo = $ActiveTasks | Get-ScheduledTaskInfo -ErrorAction Stop
    } Catch {
        Write-Host "Message:  Error running scheduled task info $($Error[0].Exception)"
        Exit 1
    }
#Results
    Write-Host "Statistic.ResultSuccess: $(($ActiveTasksInfo | Where-Object {$_.LastTaskResult -eq 0} | Measure-Object).Count)"
    Write-Host "Statistic.ResultError: $(($ActiveTasksInfo | Where-Object {($_.LastTaskResult) -ne 0 -and ($_.LastRunTime -gt (Get-Date).AddMonths(-1))} | Measure-Object).Count)"
    Write-Host "Message.ResultError: $(($ActiveTasksInfo | Where-Object {($_.LastTaskResult) -ne 0 -and ($_.LastRunTime -gt (Get-Date).AddMonths(-1))}).TaskName -Join ",")"
    Exit 0

  • 0 in reply to SteveK

    Thank you ,  ,
    When running the above PowerShell script you've shared above, I got this on the console:

    Statistic.StateReady: 223
    Statistic.StateDisabled: 44
    Statistic.StateRunning: 7
    Statistic.ResultSuccess: 135
    Statistic.ResultError: 22
    Message.ResultError: OneDrive Per-Machine Standalone Update Task,Start Collaboration Keyboard Process,HP Collaboration Keyboard Controller,VerifiedPublisherCertStoreCheck,BgTaskRegistrationMaintenanceTask,SynaMonApp,MicTray,SilentCleanup,Schedule created by enrollment client for automatically enrolling in MDM from AAD,FODCleanupTask,ProcessMemoryDiagnosticEvents,PrinterCleanupTask,
    SystemSoundsService,ThemesSyncedImageDownload,SynchronizeTime,Windows Defender Cache Maintenance,Windows Defender Cleanup,ResolutionHost,Windows Defender Scheduled Scan,Windows Defender Verification,Calibration Loader,CacheTask

  • 0 in reply to SteveK

    How to implement the PowerShell script to the Nodes that are already added to the SAM?

  • 0 in reply to weston.hood

     ,
    Thank you for the reply. Yes, that does make sense. How can I edit the existing rule or default template since a few hundreds of Nodes has been added already for basic monitoring such as Disk Capacity and Uptime.

  • 0 in reply to itengineer

    I would say you would want to review those items in the ResultError and either resolve the problems or exclude them from the monitor.  When you have the monitor added to the nodes, you could put a comma seperated list of the name into the script argument, and it would exclude them from the report.

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 200,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification SolarWinds Lab Link Customer Portal
About THWACK SolarWinds Blog Federal & Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2021 SolarWinds Worldwide, LLC. All Rights Reserved.