Labtech and MySQL to Monitor Exchange Backpressure

So, we decided we needed to monitor Exchange servers for Backpressure so we can be more proactive in preventing problems.

I wrote a script in Labtech to monitor the event log for incidents that indicate potential issues.  Check out the SQL concat!  The logic checks for existing tickets, either creates a ticket, makes a note on an existing ticket or closes the ticket it if the situation no longer exists.  I didn’t include putting time into the ticket, but that would be fairly easy as well.

See the script export below:

Resend EventLogs
SET:  @[email protected] = SQLRESULT[SELECT Concat(eventlogs.TimeGen, ” “, eventlogs.Message) As dEvent FROM eventlogs WHERE eventlogs.`Message` like ‘%resource pressure increased from Medium to High%’ AND (timegen > DATE_SUB(NOW(), INTERVAL 1 HOUR)) AND ComputerID=%computerid% LIMIT 1]
IF  @[email protected]  Contains  High  THEN  Jump to :Alert
SET:  @[email protected] = SELECT COUNT(v_tickets.`TicketID`) FROM v_tickets WHERE v_tickets.`Subject` = ‘%locationname% / %computername% / Exchange Backpressure Detected’ ‘
SET:  @[email protected] = SQLRESULT[SELECT COUNT(v_tickets.`TicketID`) FROM v_tickets WHERE v_tickets.`Subject` = ‘%locationname% / %computername% / Exchange Backpressure Detected’]
IF  @[email protected]  >=  1  THEN  Jump to :ProcessTicket
GOTO :END
:Alert – Label
Note: Backpressure! – need to create a ticket!
:CheckTicket – Label
SET:  @[email protected] = SELECT COUNT(v_tickets.`TicketID`) FROM v_tickets WHERE v_tickets.`Subject` = ‘%locationname% / %computername% / Exchange Backpressure Detected’ ‘
SET:  @[email protected] = SQLRESULT[SELECT COUNT(v_tickets.`TicketID`) FROM v_tickets WHERE v_tickets.`Subject` = ‘%locationname% / %computername% / Exchange Backpressure Detected’]
IF  @[email protected]  >=  1  THEN  Jump to :UpdateTicket
:CreateTicket – Label
LOG:  Exchange Backpressure High! Creating Ticket
Create New Ticket for %clientid%\%computerid% Email:%ContactEmail% Subject:%locationname% / %computername% / Exchange Backpressure Detected
SET:  @[email protected] = SQLRESULT[SELECT v_tickets.`TicketID` FROM v_tickets WHERE v_tickets.`Subject` = ‘%locationname% / %computername% / Exchange Backpressure Detected’]
Send Email To:[email protected] Subject:Exchange Backpressure – %clientname% – %computername%
GOTO :END
:UpdateTicket – Label
SET:  @[email protected] = SQLRESULT[SELECT v_tickets.`TicketID` FROM v_tickets WHERE v_tickets.`Subject` = ‘%locationname% / %computername% / Exchange Backpressure Detected’]
LOG:  Exchange Backpressure High! updating Ticket
Comment Ticket @[email protected] to Admin
GOTO :END
:ProcessTicket – Label
Note: If the Ticket exists then Finish it.
SET:  @[email protected] = SQLRESULT[SELECT v_tickets.`TicketID` FROM v_tickets WHERE v_tickets.`Subject` = ‘%locationname% / %computername% / Exchange Backpressure Detected’]
IF  @[email protected]  =  0  THEN  Exit Script
IF [SQL SELECT COUNT(ticketid) FROM tickets WHERE [email protected]@]  <  1  THEN  Exit Script
IF @[email protected] Ticket Status equals Resolved  THEN  Jump to :ClearMonitorTicketID
RUN SCRIPT:  _System Automation\Functions\Load Properties – Ticketing*
Finish Ticket @[email protected] to @[email protected]
:ClearMonitorTicketID – Label
SET:  @[email protected] = 0
SET:  [STATE @[email protected]]  =  @[email protected]  for computer @[email protected]
:EndProcessTicket – Label
:END – Label

 

Whats so good about Labtech?

Labtech.  RMM tool.  (Remote Monitoring and Management).

What is so great about it?  Well, once you learn it… once you understand it… you can do anything you want with it.

Like what?  Well, you have your normal RMM things like keep track of the computers on the network, what OS, what programs, keeping up with Microsoft patching, installing software, removing software, etc.  Then you have the monitoring – you can monitor just about anything you can think of from registry entries (including installed programs), event logs, pretty much anything you can find in a readable file on the computer, you can monitor and trigger alerts or even emails and text messages on those events.

Then you have scripting.  Some of the things I can accomplish with scripting:

Extract the backup status of a computer from the logs of the backup program and send an email if there is a failure.

Read a file version, compare to an internet site and send an alert if the two are different or off by more than two, etc.

Launch a series of powershell scripts to configure a new windows server, with variables put in when starting the script in Labtech.

With a little creativity, anything you can do via command line or powershell, can be done remotely, in the background, with Labtech.

Yes, that is very cool.