Windows Server 2012R2 (Amazon EC2) Monitoring Solution + Salesforce REST API Integration

Performance Monitoring Solution Sending Alerts to CRM System via REST API (C++/PowerShell/WinForms/REST)

DESCRIPTION:
PowerShell scripts permanently registered as Windows services to monitor various activities and send alerts to Salesforce (Cloud CRM system).

DOCUMENTATION:

1. XML Settings File Creator Tool

XML_Settings_Creator1

Description: The PowerShell/WinForms tool is designed to create an XML file based on a user input.
The produced XML file contains settings which will be used by the monitoring services and the SalesForce REST API posting script.
The “Password”, “Security Token”, and “Consumer Secret” will be stored encrypted into the XML file.

Example:

<Password>76492d1116743f0423413b16050a5345MgB8AHoASAB2AHAAZgBRAFEAegBUAHkAUQBBADEAdgAzAEkAUgByAGkAdwB5AHcAPQA9AHwAMAAxAGQAZgA5AGUAZgBmAGQAYgBhADAANgAzADEAMQBlAGUAZgA2ADMAZQBjADUAOQA4AGEANABmADUANAA5AGMAYgA0AGEAYwBlADkAYQAyAGQAMwBiADcANABjADkAYgAwAGMAMwBiAGEAYwA3ADgAYwAzADEANABmAGEAYQA=</Password>

<SecurityToken>76492d1116743f0423413b16050a5345MgB8AEQAVwBiAEsAVwAzAEQAQQBVAHUARwBPADcAdQBEAFoAWgBHAFgAbABnAEEAPQA9AHwAZAAyADIAYgA3ADAAYgAxADAANAAwADUAYwA3ADgAYQA0ADMAZQBmADUAMgBkAGIANQA1ADYAYgBkAGEAMgA1ADUAMgA0ADkANwAzAGQAZgA5ADQAMAAwAGUAYwA0ADMANgA5AGEAZQBiAGEANQAxADIAMQA2AGQAYwA4AGQAMgA5ADgAZABiAGYAZAAyADgANQAxADUAOABkADUAYwA4AGMANQA5AGIANAA1AGUAZgA2ADgAOABkADYANwA4ADYAMQBkADgANABiAGYANgAwADIAZQAyADUAOABiADcANABhADUAZQA1ADQAMwA5AGYAMQBlAGMAOQA5ADgANgA0AA==</SecurityToken>

<ConsumerSecret>76492d1116743f0423413b16050a5345MgB8AHgANABLAFIAeAA4AHoAcAAxAE0AWABQAEIASABKAHgAQgBvAEoAQQBUAGcAPQA9AHwANAA2ADgAMABlAGUAOAA3ADUANgAwADkAMwBkAGIAZABmADQAYQAwADAAMAAyAGIAOQBlADkAYgBiADkAZQA3ADQAMQA0ADMANABkAGMAYwBlAGQANwA2AGIAMABhADAAMgA2AGEAYQA2ADMAZABlAGYAZgA1ADAAZgA4AGMAOABjADcAYQA3AGMANAA5AGMAZABiADYAYgAyAGMANAA1AGQAMgAwADMAMAAzADAAMwAzADMANgAyADMANwBhADYA</ConsumerSecret>

The encryption algorithm is hard-coded into the tool executable for maximum security.

2.    Performance Monitoring Services

PowerShell/C++ solution for real-time server performance monitoring and alerting.
Each monitoring tool consists of a PowerShell script which runs continuously as a Windows service. Each of these services create event logs based on parameters set in the Settings file.

2.1.    Services general notes

Services ensure the PowerShell monitoring scripts are constantly running even when the server is rebooted.
Available commands:
install  to install the service to Windows Service Controller
uninstall to uninstall the service. The opposite operation of above.
start to start the service. The service must have already been installed.
stop to stop the service.
restart to restart the service. If the service is not currently running, this command acts like start.
status to check the current status of the service. This command prints one line to the console. NonExistent to indicate the service is not currently installed, Started to indicate the service is currently running, and Stopped to indicate that the service is installed but not currently running.

Logging:
After successful start, each process will generate the following 3 log files:

Services_Logs

.wrapper.log – logs events related to the service (start, stop, restart, etc.)
.out.log – stores the PowerShell script output if such
.err.log – logs error events related with the PowerShell monitoring script

2.2.    MSMQMon

The MSMQMon is monitoring all local Microsoft Message Queuing queues until one of them reaches the threshold specified in the XML settings file. Then it will create an event log stating which exact queue (queue name) has reached the quota.

Event log Example (body)

<event>
<ServerName>WIN-1EQP3L29OVO</ServerName>
<Message>Message queue > 4</Message>
<MessageLong>QUEUE_LENGTH_THRESHOLD = 4 QUEUE_NAME = BLMM</MessageLong>
<Severity>WARNING</Severity>
<Type>WEBSERVICES</Type>
<StartTime>04-18-2016 52:20:28</StartTime>
</event>

Files:
MSMQMon.exe  – Service executable.
MSMQMon.exe.config – Configuration file that defines .NET 4.0 runtime support (Windows Server 2012) and offline service support.
MSMQMon.xml  – Configuration file that defines the service.
MSMQMon.ps1 – PowerShell monitoring script.

Schedule:
Performs the MSMQ message number check each 60 seconds
To alter this setting, edit MSMQMon.ps1 file, line 61:
Start-Sleep -Seconds 300

2.3.    CPUMon

The CPUMon is monitoring the CPU utilization. If the threshold specified in the XML settings file is met it will create an event log.

Event log Example (body)

<event>
<ServerName>WIN-1EQP3L29OVO</ServerName>
<Message>CPU Usage > 80%</Message>
<MessageLong>CUP_USAGE_THRESHOLD = 80</MessageLong>
<Severity>WARNING</Severity>
<Type>WEBSERVICES</Type>
<StartTime>04-18-2016 52:20:28</StartTime>
</event>

Files:
CPUMon.exe  – Service executable.
CPUMon.exe.config – Configuration file that defines .NET 4.0 runtime support (Windows Server 2012) and offline service support.
CPUMon.xml  – Configuration file that defines the service.
CPUMon.ps1 – PowerShell monitoring script.

Schedule:
If the CPU load reaches and exceed the threshold for 5 seconds, start monitoring for 30 min. period.
If the average CPU usage after 30 min. test is greater than the threshold write event log.
To alter this schedule, edit lines 50 and 53:
$TotalCpuUsage = (Get-Counter -Counter “\Processor(_Total)\% Processor Time” -SampleInterval 1 -MaxSamples 5 -ErrorAction Stop | select -ExpandProperty countersamples | select -ExpandProperty cookedvalue | Measure-Object -Average).average

$TotalCpuUsage = (Get-Counter -Counter “\Processor(_Total)\% Processor Time” -SampleInterval 30 -MaxSamples 60 -ErrorAction Stop | select -ExpandProperty countersamples | select -ExpandProperty cookedvalue | Measure-Object -Average).average

2.4.    WinwordCountMon

The WinwordCountMon is monitoring the number of running WINWORD.exe processes. If the number of running Winword.exe processes reaches the threshold specified in in the XML settings file writes event log.

Event log Example (body)

<event>
<ServerName>WIN-1EQP3L29OVO</ServerName>
<Message>WINWORD concurrent count > 10</Message>
<MessageLong>WINWORD_CONCURRENT_LIMIT = 10</MessageLong>
<Severity>WARNING</Severity>
<Type>WEBSERVICES</Type>
<StartTime>04-18-2016 52:20:28</StartTime>
</event>

Files:
WinwordCountMon.exe  – Service executable.
WinwordCountMon.exe.config – Configuration file that defines .NET 4.0 runtime support (Windows Server 2012) and offline service support.
WinwordCountMon.xml  – Configuration file that defines the service.
WinwordCountMon.ps1 – PowerShell monitoring script.

Schedule:
Perform the WINWORD count check each 30 seconds.
To alter this setting, edit WinwordCountMon.ps1 file, line 57:
Start-Sleep -Seconds 30

2.5.    WinwordTimeMon

The WinwordTimeMon is monitoring WINWORD.exe process time duration. If a single WINWORD process runs more than a time limit specified in in the XML settings file writes event log.

Event log Example (body)

<event>
<ServerName>WIN-1EQP3L29OVO</ServerName>
<Message>Single WINWORD process is running > 5 minutes</Message>
<MessageLong>WINWORD_DURATION_LIMIT = 5</MessageLong>
<Severity>WARNING</Severity>
<Type>WEBSERVICES</Type>
<StartTime>04-18-2016 52:20:28</StartTime>
</event>

Files:
WinwordTimeMon.exe  – Service executable.
WinwordTimeMon.exe.config – Configuration file that defines .NET 4.0 runtime support (Windows Server 2012) and offline service support.
WinwordTimeMon.xml  – Configuration file that defines the service.
WinwordTimeMon.ps1 – PowerShell monitoring script.

Schedule:
Performs the WINWORD processes check each 5 minutes.
To alter this setting, edit MSMQMon.ps1 file, line 57:
Start-Sleep -Seconds 300

3.    Deployment on Windows Server 2012R2

  • Copy over the script and executable files with the exact directory structure on the target machine.
    The Settings.xml file must be placed in “D:\Monitoring_Tools” folder in order to be accessible by the scripts.
  • Use the configuration file generator tool (Create-SettingsXML.exe) to set the threshold and REST settings.XML_Settings_Creator_Steps
  • Create custom Event log container and source.Under PowerShell console (run as administrator) navigate to “D:\Monitoring_Tools\Scripts” and execute the following command:
    .\New-EventLogContainer.ps1 -EventLogName BGBL -SourceName “Letter Monitor Service”Please refer to the script description under “Monitoring Tools Directory Structure” section.
  • Install and start the monitoring services
    Once the settings.xml file is generated, install and start the monitoring services.
    Each folder under “D:\Monitoring_Tools\Services” contains executable which is used to manage the respective service.
    All services need to be loaded into the Windows Service Controller (installed).Example of CpuMon installation:
    From CMD (run as administrator) navigate to the service folder and execute:cpu_mon_console

    If you want to start the service and initiate the monitoring:cpu_mon_console_start
    Under the services in Windows Task Manager, you will see now that the process is loaded and running:Task_ManagerTo stop the CpuMon service you can use the Services console, or CMD:cpu_mon_console_stop
    Once a certain threshold is reached, an event log will be created and automatically send to  the CRM system via REST API.

    CPU_eventlog

facebooktwittergoogle_plus

Leave a Reply

Your email address will not be published. Required fields are marked *