Monitoring raid arrays in Windows Core

image

/ > Hello!

In recent years we've learned that can and should monitor all of the many tools ranging from simple logs, ending with Zabbix, and all can be linked. Microsoft, in turn, also gave us a great tool WinRM, by which we can monitor the operating systems and not only. But as always there is a fly in the ointment, in fact about the "bypass" this fly in the ointment will be discussed.

As was said above, we have all the necessary tools to monitor the IT structure, but it so happened that we have no "automated" tool for monitoring Intel raid arrays in Windows core. Draw Your attention to the fact that we are talking about the usual "yellow iron".

We all know that there is software from Intel matrix storage and rapid, but unfortunately the standard Windows core it does not work, also there is a utility raidcfg32, it works in command-line mode, able to serve in manual mode and show the status, also in manual mode. I think America shouldn't be opened.

Constantly in manual mode to check the status of the raid or wait for the failure of the server virtualization is not the best choice.

To implement the insidious plan of the system on Intel raid we use
main tools:

the
    the
  • Powershell
    • the
  • EventLog
    • the
  • Raidcfg32.exe
    • the
  • Auxiliary:
    • the
  • WinRM
    • the
  • Rsyslog
    • the
  • LogAnalyzer

The first thing you need to install driver for raid controller:
cmd.exe pnputil.exe -i-a [path to *.inf]

Copy raidcfg32.exe in c:\raidcfg32\

Check whether the correct driver is installed:
cmd.exe C:\raidcfg32\raidcfg32.exe /stv

If we get the raid status and disk, then everything is OK.

Create a source in the application log:

*Then everything is done in powershell

the 
New-EventLog -Source "RAID" -LogName "Application"

Executes the query of the status of the raid, remove the quotes for ease of parsing plug-in file contents.

the 
c:\RAIDCFG32\RAIDCFG32.exe /stv > c:\RAIDCFG32\raidcfgStatus.txt
Get-Content "c:\RAIDCFG32\raidcfgStatus.txt" | ForEach-Object {$_ -replace ('"'),' '} > c:\RAIDCFG32\raidstatus.txt
$1 = Get-Content c:\RAIDCFG32\raidstatus.txt
$2 = "$1"

Looking for key words, if one of the words below would be found in the file errorRAID.txt appears set to true, it will indicate error if no match is found, the value will be false.

the 
$2 -match "failed" > c:\RAIDCFG32\errorRAID.txt
$2 -match "disabled" >> c:\RAIDCFG32\errorRAID.txt
$2 -match "degraded" >> c:\RAIDCFG32\errorRAID.txt
$2 -match "rebuild" >> c:\RAIDCFG32\errorRAID.txt
$2 -match "updating" >> c:\RAIDCFG32\errorRAID.txt
$2 -match "critical" >> c:\RAIDCFG32\errorRAID.txt

The plug-in file written true and false, looking in the file true if true is found, replace it on Error, false on model Information.

Zapisyam result in EntryType.txt

the 
$3 = Get-Content c:\RAIDCFG32\errorRAID.txt
$4 = "$3"
$5 = $4 -match "true"
$6 = "$5"
$7 = $6 -replace "true", "Error" > c:\RAIDCFG32\EntryType.txt
$8 = $6 -replace "false", "Information" >> c:\RAIDCFG32\EntryType.txt

Connected the contents of the file EntryType.txt and remove the False, thus, we get correct-EntryType which in turn is the "Level" messages.

Recorded in the EventLog message, where in case if keywords are found, the message level is Error, if not found, the Information.

the 
$9 = Get-Content c:\RAIDCFG32\EntryType.txt
$10 = "$9"
$11 = $10 -replace "False"
Write-EventLog-LogName Application -Source "RAID" -EventID 9999-EntryType "$11" -Message "$1"
exit

Stored code in the *.ps1

Create a scheduler task to run the script, I start the job 1 every day and at every boot.

If you are collecting logs to another Windows OS in the Eventlog, the log collection server you must create a source of "RAID", the example is above.

We transport the logs through rsyslog rsyslog Adison for Windows.

The output is this picture:

image

Script without comments
c:\RAIDCFG32\RAIDCFG32.exe /stv > c:\RAIDCFG32\raidcfgStatus.txt
Get-Content "c:\RAIDCFG32\raidcfgStatus.txt" | ForEach-Object {$_ -replace ('"'),' '} > c:\RAIDCFG32\raidstatus.txt
$1 = Get-Content c:\RAIDCFG32\raidstatus.txt
$2 = "$1"
$2 -match "failed" > c:\RAIDCFG32\errorRAID.txt
$2 -match "disabled" >> c:\RAIDCFG32\errorRAID.txt

$2 -match "rebuild" >> c:\RAIDCFG32\errorRAID.txt
$2 -match "updating" >> c:\RAIDCFG32\errorRAID.txt
$2 -match "critical" >> c:\RAIDCFG32\errorRAID.txt
$3 = Get-Content c:\RAIDCFG32\errorRAID.txt
$4 = "$3"
$5 = $4 -match "true"
$6 = "$5"
$7 = $6 -replace "true", "Error" > c:\RAIDCFG32\EntryType.txt
$8 = $6 -replace "false", "Information" >> c:\RAIDCFG32\EntryType.txt
$9 = Get-Content c:\RAIDCFG32\EntryType.txt
$10 = "$9"
$11 = $10 -replace "False"
Write-EventLog-LogName Application -Source "RAID" -EventID 9999-EntryType "$11" -Message "$1"

Article based on information from habrahabr.ru

Comments

Post a Comment

Popular posts from this blog

Powershell and Cyrillic in the console (updated)

Image
In the development process is very often necessary to run a powershell script from a console application. What could be easier? the #test.ps1 & $PSScriptRoot\ConsoleApp.exe Examine the behavior of console applications when running them from the command line, using PowerShell and using PowerShell ISE: execution Result In PowerShell ISE, there is a problem with encoding, as the ISE expects the output to the encoding 1251. Use Google and find two problem solving: c use [Console]::OutputEncoding and through the powershell pipeline. Let's use the first solution: test2.ps1 $ErrorActionPreference = "Stop" function RunConsole($scriptBlock) { $encoding = [Console]::OutputEncoding [Console]::OutputEncoding = [System.Text.Encoding]::GetEncoding("cp866") try { &$scriptBlock } finally { [Console]::OutputEncoding = $encoding } } RunConsole { & $PSScriptRoot\ConsoleApp1.exe } execution Result At the command prompt, all is well, bu...
Read more

Active/Passive PostgreSQL Cluster, using Pacemaker, Corosync

Image
Description This article describes an example of configuring Active/Passive PostgreSQL cluster, using Pacemaker, Corosync. As the disk subsystem is considered the drive from the system data storage (CSV). Similar to the Windows Failover Cluster from Microsoft. Technical details: OS Version — CentOS 7.1 Version package pacemaker — 1.1.13-10 Package version pcs — 0.9.143 PostgreSQL — 9.4.6 As servers(2pcs) — iron server 2*12 CPU/ memory 94GB As a CSV(Cluster Shared Volume) — an array of class Mid-Range Hitachi RAID 1+0 Preparation of cluster nodes Rule /etc/hosts on both hosts and make the visibility of hosts to each other by short names, for example: the [root@node1 ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 10.1.66.23 node1.local.lan node1 10.1.66.24 node2.local.lan node2 Also make exchange between servers using SSH keys and ...
Read more

Experience with the GPS logger Holux M-241. Working from under Windows, Mac OS X, Linux

Image
Inspired by the recent article on the GPS logger. I would like to tell you about GPS logger (GPS Receiver / Data Logger) Holux M-241, its features, capabilities and usability. May be someone this review will seem useful in the selection of such devices. The logger I needed to create tracks velopokatushki, forest walks skiing and snapping photos to coordinates. Bought this device at Dealextreme back in 2011 for about the same price for which he sold there now, something around 70$. There are of course the device is newer and cheaper, but for some features they lose this logger. (Photos of the device borrowed from Dealextreme) photos When choosing a logger, watching the small avaricious reviews of devices and spent a lot of time to form a view about the necessary for me features. In the end, I came to the following requirements: 1. Power supply — always removable, preferably standard batteries AA or AAA. After all, if you have to foray outside of civiliz...
Read more