5 Replies Latest reply on Oct 23, 2019 8:03 AM by sturdyerde

    Powershell monitor

    jpaluch

      Hello,

       

      I'm having issue with a simple script to monitor expiration of certificates on our NPS servers.

       

      I wrote a simple script:

       

      $certident=(Get-ItemProperty -Path Registry::HKEY_LOCAL_MACHINE\Software\Microsoft\AzureMFA).CLIENT_CERT_IDENTIFIER

      Set-Location cert:\LocalMachine\My

      $certs=(Get-ChildItem | ? Subject -eq $certident).Thumbprint

       

       

      $date=get-date

      $date_30=$date.AddDays(30)

       

       

      foreach ($cert in $certs) {

      $expiration=(Get-Item cert:\LocalMachine\My\$cert).NotAfter

      if ($date_30 -ge $expiration) {

      $stat1=0

      }

      else {

      $stat1=1

      }

      }

       

      if ($stat1 -eq 0) {

      $mon_result = "Expiring"

      }

      else {

      $mon_result = "Valid"

      }

       

       

      Write-Host "Statistic.Name1: $stat1";

      Write-Host "Message.Name1: Monitoring result: $mon_result"

       

      Whenever I run a test in SolarWinds I get the following error:

       

       

      I have verified that $stat1 is of Int32 type so there shouldn't be any problem with Not being A Number. I'm pretty sure that I'm missing something simple but it's Friday and I'm probably not thinking straight.

       

      Maybe someone will be able to point me where I'm making the mistake.

        • Re: Powershell monitor
          sturdyerde

          It all looks good. Try dropping $stat1 outside your write-host string. Also, have you done any debugging to confirm that the stat variable is always either a 0 or a 1?

           

          jpaluch  wrote:

           

          Write-Host "Statistic.Name1: $stat1";

          Write-Host "Message.Name1: Monitoring result: $mon_result"

          Changed to:

           

          Write-Host "Statistic.Name1: "$stat1

          Write-Host "Message.Name1: Monitoring result: $mon_result"

          1 of 1 people found this helpful
            • Re: Powershell monitor
              jpaluch

              Thanks for the reply.

               

              I tried debugging and $stat1 is always 1 or 0. When I run the script on server directly then output is displayed properly. The issue only happens when it's run in SolarWinds script editor.

              I also tried declaring $stat1 before foreach and whenever I do that it looks like SolarWinds is skiping/not processing the if statement (when I set it to 1 then it always returns 1, etc.):

               

                • Re: Powershell monitor
                  sturdyerde

                  I don't see any problems with your script. That leaves me with one or two theories about the script editor not actually running this [properly] against the remote machine specified in your test.

                   

                  It could be that the script editor is (for some reason) running the code locally and not finding a certificate thumbprint in the HKLM\Software\Microsoft\AzureMFA registry key on your Orion server. That would result in an empty array of $certs, an empty foreach loop, and the if statement never being evaluated.

                   

                  Try adding $certident to your message output line:

                  Write-Host "Message.Name1: Monitoring result: $mon_result. Thumbprint is $certident."

                  1 of 1 people found this helpful