Monitoring your network with Powershell
Author: Peter Van Eeckhoutte
Add this post to Your Favorite Posts | Print This Post
| 
This page as PDF
(0 votes, average: 0.00 out of 5)You need to be a registered member to rate this post.
Loading ...I have written a small powershell script that will help you to monitor various hosts on your network. Instead of using ping to see if a host is alive, this script will connect to tcp ports, so you can also monitor hosts behind firewalls (or hosts that cannot be pinged). In addition to this, you can also test that a port is closed (and report that this is ok if that is what you want); and only report a problem when the port is found open (instead of closed)
The script can be downloaded from the link at the bottom of this post.
This is how it works
1. Download the script, unzip it, and put it in a folder on a machine that
- has Powershell installed
- has access to the hosts you want to monitor
2. Create a text file in the same folder, containing the hosts you want to monitor. You can only put one entry per line. This is the syntax :
host:port:status (which can be ‘open’ or ‘closed’)
so suppose you want to monitor a host called www.myserver.com and verify that port 80 is open, add a line that says
www.myserver.com:80:open
If you want to monitor port 22 of host server1.mydomain.com, which should be closed by default, add a line that says
server1.mydomain.com:22:closed
Note : You can group certain servers by adding a group title between square brackets.
Example :
[internal servers]
www.myserver.com:80:open
dns.mydomain.com:53:open
host1.mydomain.com:139:open
server1.mydomain.com:22:closed
[external servers]
www.mycompany.com:80:open
3. Create a file called smtp.cfg and with the following entries (and replace the text surrounded by <> with your own settings)
smtpserver=<ip address of your smtp server>
smtpserverport=25
from=<email address>
to=<emailaddress1,emailaddress2,>
subject=[%hostname%] Port Monitor report (%events% event(s)) - %timestamp%
reportmode=2
alertmode=1
(all of the settings are mandatory)
As you can see, you can use 3 variables in the Subject field. (and of course, you are free to build your own subject field.)
Both “reportmode” and “alertmode” have 2 possible values :
reportmode=1 means : only show alert entries in the report
reportmode=2 means : show all entries in the report
alertmode=1 means : only send a report when something is wrong
alertmode=2 means : always send the report
How to use the script
You should have 3 files : the powershell script, the smtp.cfg file, and the file that contains the host entries.
From a powershell command line, launch the script, and use the filename of the “host entries” file as parameter. The script will assume that smtp.cfg is in the local path.
Let’s say the hosts file is called hosts.txt and contains the following entries :
smtp.cfg is configured to send reports with all entries, to peter.ve@telenet.be and peter.ve@corelan.be, but only when there is something wrong (so alertmode = 1, reportmode = 2)
Launch the script :
c:\scripts> '.\pve_portmonitor.ps1' hosts.txt
---------------------------------
pve_portmonitor.ps1
Written by Peter Van Eeckhoutte
http://www.corelan.be:8800
---------------------------------
[+] Reading input file
- Connecting to host www.corelan.be to verify that port tcp 8800 is open
Result : port is open
- Connecting to host freetools.corelan.be to verify that port tcp 80 is open
Result : port is open
- Connecting to host ftp.microsoft.com to verify that port tcp 21 is open
Result : port is open
- Connecting to host fw03.corelan.be to verify that port tcp 8888 is closed
Result : port is closed
[+] Writing report to report.html
|
The report is written to html, but no email is sent (because there are no unexpected results)
When you set alertmode to 2, an email will be sent every time
[+] Sending email to peter.ve@telenet.be,peter.ve@corelan.be
Done.
|
The report looks like this :
Of course, you would need to schedule this script in order to be able to continuously monitor the hosts on your network. You can use the explanation at the bottom of this post to find out how to launch the script from a batch file. All that is left for you is to schedule the batch file thru Task Scheduler / Scheduled Tasks.
Download the script
You need to be logged in to download this script. Click this link to register if you don’t have a useraccount yet
PVE Port Monitor (Log in before downloading this file ! ) - Downloaded 100 times
Final notes
I don’t mind that you use/change this script to suit your own environment – but don’t forget to give me some credits :-)
© 2009, Peter Van Eeckhoutte. All rights reserved. Terms of Use are applicable to all content on this blog. If you want to use/reuse parts of the content on this blog, you must provide a link to the original content on this blog.
Posted in My Free Tools, Networking, Powershell | 
Tags: closed port, free tool, monitor, network, open port, powershell, report
hello,
very nice script, but when I tried to run it, it gave me an error. I created smtp.cfg, hosts.txt. ps1 script with no change (maybe there´s a fault???)
Unexpected token ‘hosts.txt’ in expression or statement.
At line:1 char:34
+ ‘.\pve_portmonitor.ps1′ hosts.txt <<<<
Thank you for your answer
Martin Braczek
Hello Martin,
Can you please create a new forum topic for this issue (http://www.corelan.be:8800/index.php/forum/pve-powershell-scripts) , and post the contents of your hosts.txt file ?
thanks