Tag: PowerShell

One stop PowerShell script to setup Prometheus, Grafana and Windows Exporter on Windows Machine

After setting up Prometheus, Grafana over Linux host, I was approached for similar setup over Windows. That had separate set of challenges since Prometheus and Grafana projects, despite of requests in last couple of years, are not yet compatible with Microsoft Service Framework. Even official documentation proposes solution via nssm, which is another OSS project (in a way).

Though I would have created similar step by step doc for Windows, thought to do better this time and almost half day work brought us a PowerShell script, which can download almost all the latest packages (except nssm, which is not github hosted) and then proceed to configure them on the same machine. Functions to download and create services are created in a way that select set of package can be downloaded or installed as putting everything on the same server may not be good idea.

This is still not ready for production use as there might be random quirks but here we do with the complete script, which has an experiment Prometheus configuration function as well.

Continue reading “One stop PowerShell script to setup Prometheus, Grafana and Windows Exporter on Windows Machine”

PowerShell: Quickly finding source of Brute Force attack on O365 Tenant

A small PowerShell Script to quickly find out source IPs in case of a brute force attack on O365 Infra. This can save manual efforts and can improve turnaround time to mitigate the issue in Infrastructures which still not using MFA or ExtraNetLockOut. This is just a basic code. One can set email alerts basis the thresholds or even can write a custom event on any of the server to be picked by SCOM or OMS.

Continue reading “PowerShell: Quickly finding source of Brute Force attack on O365 Tenant”

PowerShell: Script for patching Domain Servers remotely

In line with the last post on File Server inventory, here comes the another script to perform patching for Domain Servers from a remote machine.

PowerShell already has methods to perform patching on any server, where we can list what all patches are available and create a downloader to download and install them all, but a limitation to the capability is, the same can not be done remotely. As a workaround for that, we would be creating schedule task on the remote machine via the script and performing the patching via triggering that schedule task.

It would involve two scripts InstallPatches.ps1 and PatchServer.ps1, whose code I would be listing below. It would make use of c:\temp directory and would be keeping logs and scripts in the same location. Also we would need any shared location, where we would keep a copy of InstallPatches.ps1, which then would be copied dynamically over the servers during patching. I have kept script source path as “\\ABCXYZ\sources\installpatches.ps1” while it can be changed as per your environment.

Continue reading “PowerShell: Script for patching Domain Servers remotely”

PowerShell: File Share inventory of all File Servers

Managing a large infra never happens to be easy without right kind of tools and tools usually come with cost. In past Unix users used to taunt Windows users on this point as they used to enjoy many open source products and scripts which Windows users weren’t privy of. Things changed a lot since PowerShell.

Presenting you a script to have a size and permission inventory of all your shares on all file servers. Below would be the pre-requisites:

1. Names of all file servers.
2. All the file servers should have WinRM enabled (Windows 2012 servers have it on by default and for Windows 2008, winrm quickconfig may do the trick).
3. Obviously Local Administrator permissions on all File Servers, which should have permissions on shares as well.

After that just change the variable $RemoteComputers value with the name of file servers in place of dummy values placed in form of array right now. That’s it.

This script lists names of all servers (provided by you), shares on them, NTFS permissions, Size in MB, Last modified date and Last accessed date.

Continue reading “PowerShell: File Share inventory of all File Servers”

PowerShell: WSUS – Declining and Deleting updates based on keywords

I am back again with just another write-up on WSUS in a very short time. Last time we talked about Reporting and Cleanup, this time its more into troubleshooting, which often requires one to find particular updates and nuke them out.

Yes! We are talking about those pesky Event IDs 364, which often mention about certain cab files and we System Admin bang their heads on walls to find out that which particular updates they belong to.

Let me give you an easy permanent way out via a Custom PowerShell module named PoshWSUS.

How to use that?
Continue reading “PowerShell: WSUS – Declining and Deleting updates based on keywords”