Scripting on the Windows side Disclaimer These slides

  • Slides: 40
Download presentation
Scripting. . . …on the Windows side

Scripting. . . …on the Windows side

Disclaimer! � These slides represent the work and opinions is not theirconstitute fault! of

Disclaimer! � These slides represent the work and opinions is not theirconstitute fault! of the author Itand do not official positions of any organization sponsoring the author’s work It is not my fault! � This material has not been peer reviewed and It is your fault! is presented here as-is with the permission of the author. � The author assumes no liability for any content or opinion expressed in this presentation and or use of content herein.

Agenda � External Scripts � Internal Scripts � Arguments � Scripting: Batch files �

Agenda � External Scripts � Internal Scripts � Arguments � Scripting: Batch files � Wrapped scripts � Scripting: VBA � Internal Scripts

Windows monitoring NSClient++ (from a scripters perspecitve)

Windows monitoring NSClient++ (from a scripters perspecitve)

Two kinds of scripts � External Scripts ◦ The normal kind of scripts ◦

Two kinds of scripts � External Scripts ◦ The normal kind of scripts ◦ Can be written in: �Batch �VBA/VBScript (pretty popular on Windows) �Powershell (a rather strange language) ◦ But also: �Perl, python, bash, etc… � Internal ◦ ◦ Can Can Scripts interact with (other) internal commands access settings hold state be written in: �Lua �Python (requires python on the machine)

Configuring External Scripts 1. Enable the check module [/modules] Check. External. Scripts= NRPEServer= 2.

Configuring External Scripts 1. Enable the check module [/modules] Check. External. Scripts= NRPEServer= 2. # Runs the script # NRPE server Each script requires a definition [/settings/External Scripts] check_es_test=scriptstest. bat 3. Options disabled by default (for a reason) allow arguments = false allow nasty characters = false

Configuring Internal Scripts 1. Enable the check module [/modules] LUAScript= Python. Script= 2. Each

Configuring Internal Scripts 1. Enable the check module [/modules] LUAScript= Python. Script= 2. Each script requires a definition [/settings/LUA/Scripts] <alias>=test. lua [/settings/python/Scripts] <alias>=test. py 3. Scripts requires NRPE/NSCA (or NSCP) [/modules] NRPEServer=

Allow arguments � Can be configured in many places � The server module �

Allow arguments � Can be configured in many places � The server module � The script module ◦ Is probably more confusing then it is worth ◦ Means NO commands can have arguments ◦ Means NO external script can have arguments

Allow arguments script. bat External. Scripts script. vbs Check. CPU NRPE NSClient++ Check. System

Allow arguments script. bat External. Scripts script. vbs Check. CPU NRPE NSClient++ Check. System Check. Mem Check. Event. Log Check. Task. Sched

Writing our first Scripts The first batch script

Writing our first Scripts The first batch script

Writing a Script (Batch) � Output: ◦ Use: echo <text> ◦ Don’t forget @echo

Writing a Script (Batch) � Output: ◦ Use: echo <text> ◦ Don’t forget @echo off (or all commands will be echoed) � Exit statuses: ◦ Use: exit <code> � 0 = OK � 1 = Warning � 2 = Critical � 3 = Unknown � NSC. ini syntax: [/settings/External Scripts/scripts] my_script=scriptsscript. bat � Reference: ◦ http: //www. ss 64. com/nt/ � Don’t let preconceptions fool you: batch can actually do a lot!

A basic script (batch) @echo off echo CRITICAL: Everything is not going to be

A basic script (batch) @echo off echo CRITICAL: Everything is not going to be fine exit 2

Running from Command Line …NSClient++scripts>cmd /c test. bat CRITICAL: Everything is not going to

Running from Command Line …NSClient++scripts>cmd /c test. bat CRITICAL: Everything is not going to be fine …NSClient++scripts>echo %ERRORLEVEL% 2

Running from NSClient D: demo>nscp --test NSClient++ 0, 4, 0, 98 2011 -09 -06

Running from NSClient D: demo>nscp --test NSClient++ 0, 4, 0, 98 2011 -09 -06 x 64 booting. . . Boot. ini found in: D: /demo//boot. ini Boot order: ini: //${shared-path}/nsclient. ini, old: //${exe-path}/nsc. ini Activating: ini: //${shared-path}/nsclient. ini Creating instance for: ini: //${shared-path}: 80/nsclient. ini Reading INI settings from: D: /demo//nsclient. ini Loading: D: /demo//nsclient. ini from ini: //${shared-path}/nsclient. ini Booted settings subsystem. . . On crash: restart: NSClientpp Archiving crash dumps in: D: /demo//crash-dumps booting: : loading plugins Found: Check. External. Scripts as Processing plugin: Check. External. Scripts. dll as add. Plugin(D: /demo//modules/Check. External. Scripts. dll as ) Loading plugin: Check External Scripts as NSClient++ - 0, 4, 0, 98 2011 -09 -06 Started! Enter command to inject or exit to terminate. . .

Running from NSClient Re tu rn M es sa ge Enter command to inject

Running from NSClient Re tu rn M es sa ge Enter command to inject or exit to terminate. . . my_scripts Command Injecting: my_script. . . Arguments: Result my_script: WARNING Re tur WARNING: Hello World n. S tat us

Demo Writing our first Scripts

Demo Writing our first Scripts

Writing our first Scripts Killing notepad once and or all!

Writing our first Scripts Killing notepad once and or all!

Killing notepad once and for all! TASKKILL [/S dator [/U användarnamn [/P lösenord]]]] {

Killing notepad once and for all! TASKKILL [/S dator [/U användarnamn [/P lösenord]]]] { [/FI filter] [/PID process-ID | /IM avbildning] } [/T][/F] Beskrivning: Det här verktyget används för att avsluta en eller flera aktiviteter utifrån process-ID (PID) eller avbildningsnamn. Parameterlista: … /FI filter Använder ett filter för att välja aktiviteter. Jokertecknet * kan användas, t. ex: imagename eq note* /PID process-ID Anger process-ID för den process som ska avbrytas. Använd kommandot Tasklist för att hämta process-ID /IM avbildning Anger avbildning för den process som ska avslutas. Jokertecknet * användas för att ange alla aktiviteter eller avbildningar.

KILL!!! @echo off taskkill /im notepad. exe 1>NUL 2>NUL IF ERRORLEVEL 128 GOTO err

KILL!!! @echo off taskkill /im notepad. exe 1>NUL 2>NUL IF ERRORLEVEL 128 GOTO err IF ERRORLEVEL 0 GOTO ok GOTO unknown : unknown echo UNKNOWN: unknown problem killing notepad. . . exit /B 3 : err echo CRITICAL: Notepad was not killed. . . exit /B 1 : ok echo OK: Notepad was killed! exit /B 0

Demo Killing notepad…

Demo Killing notepad…

Wrapped scripts Interlude

Wrapped scripts Interlude

Adding a Script (. bat) � NSC. ini syntax: ◦ [External Scripts] ◦ check_bat=scriptscheck_test.

Adding a Script (. bat) � NSC. ini syntax: ◦ [External Scripts] ◦ check_bat=scriptscheck_test. bat � Or ◦ ◦ [Wrapped Scripts] check_test=check_test. bat

Adding a Script (. VBS) � NSC. ini syntax: ◦ [External Scripts] ◦ check_test=cscript.

Adding a Script (. VBS) � NSC. ini syntax: ◦ [External Scripts] ◦ check_test=cscript. exe /T: 30 /No. Logo scriptscheck_test. vbs � Or ◦ ◦ [Wrapped Scripts] check_test=check_test. vbs

Adding a Script (. VBS) w/ libs � NSC. ini syntax: ◦ [External Scripts]

Adding a Script (. VBS) w/ libs � NSC. ini syntax: ◦ [External Scripts] ◦ � check_test=cscript. exe /T: 30 /No. Logo scriptslibwrapper. vbs scriptscheck_test. vbs Or ◦ ◦ [Wrapped Scripts] check_test=check_test. vbs

Adding a Script (. PS 1) � NSC. ini syntax: ◦ [External Scripts] ◦

Adding a Script (. PS 1) � NSC. ini syntax: ◦ [External Scripts] ◦ � check_test=cmd /c echo scriptscheck_test. ps 1; exit($lastexitcode) | powershell. exe -command - Or ◦ ◦ [Wrapped Scripts] check_test=check_test. ps 1

What is wrapped scripts? […/wrappings] bat=scripts%SCRIPT% %ARGS% vbs=cscript. exe //T: 30 //No. Logo scriptslibwrapper.

What is wrapped scripts? […/wrappings] bat=scripts%SCRIPT% %ARGS% vbs=cscript. exe //T: 30 //No. Logo scriptslibwrapper. vbs %SCRIPT% %ARGS% ps 1=cmd /c echo scripts%SCRIPT% %ARGS%; exit($lastexitcode) | powershell. exe -command […/wrapped scripts] check_test_vbs=check_test. vbs /arg 1: 1 /variable: 1 check_test_ps 1=check_test. ps 1 arg 2 check_test_bat=check_test. bat $ARG 1$ arg 2 check_battery=check_battery. vbs check_printer=check_printer. vbs ; So essentially it is a macro! (but a nice one)

Writing your first Scripts Writing a simple VB script

Writing your first Scripts Writing a simple VB script

Writing a Script (VBS) � Output: ◦ Use: Wscript. Std. Out. Write. Line <text>

Writing a Script (VBS) � Output: ◦ Use: Wscript. Std. Out. Write. Line <text> � Exit statuses: ◦ Use: Wscript. Quit(<code>) � 0 = OK � 1 = Warning � 2 = Critical � 3 = Unknown � NSC. ini syntax: [External Scripts] check_vbs=cscript. exe //T: 30 //No. Logo scriptscheck_vbs. vbs //T: 30 Is the timeout and might need to be changed. � Reference: ◦ http: //msdn. microsoft. com/en-us/library/t 0 aew 7 h 6(VS. 85). aspx

Hello_World. vbs wscript. echo ”Hello World" wscript. quit(0)

Hello_World. vbs wscript. echo ”Hello World" wscript. quit(0)

Object oriented programming (ish) � Set <variable name>=Create. Object(“<COM Object>") There is A LOT

Object oriented programming (ish) � Set <variable name>=Create. Object(“<COM Object>") There is A LOT of objects you can create A nice way to interact with other applications � For instance: � � ◦ Set obj. Word = Create. Object("Word. Application") ◦ obj. Word. Visible = True ◦ Set obj. Doc = obj. Word. Documents. Add() ◦ Set obj. Selection = obj. Word. Selection ◦ ◦ obj. Selection. Font. Name = “Comic Sans MS" obj. Selection. Font. Size = “ 28" obj. Selection. Type. Text “Hello World" obj. Selection. Type. Paragraph() ◦ obj. Selection. Font. Size = "14" ◦ obj. Selection. Type. Text "" & Date() ◦ obj. Selection. Type. Paragraph()

Demo: Words…

Demo: Words…

Are we running windows? str. File=”c: windows” Dim o. FSO Set o. FSO=Create. Object("Scripting.

Are we running windows? str. File=”c: windows” Dim o. FSO Set o. FSO=Create. Object("Scripting. File. System. Object") If o. FSO. File. Exists(str. File) Then wscript. echo ”Yaay!" wscript. quit(0) else wscript. echo “Whhh… what the f***!" wscript. quit(2) end if

Demo: Are we running Windows?

Demo: Are we running Windows?

Using the library Dissecting a VBScript

Using the library Dissecting a VBScript

Internal Scripts � Can be used to extend NSClient++ � Are very powerful �

Internal Scripts � Can be used to extend NSClient++ � Are very powerful � A good way to: ◦ Alter things you do not like ◦ Create advanced things � Are written in Lua or Python � Possibly unsafe ◦ Runs inside NSClient++

Anatomy of an internal script � Internal scripts are fundamentally different � One script

Anatomy of an internal script � Internal scripts are fundamentally different � One script is NOT equals to one function ◦ A script (at startup) can: �Register query (commands) handlers �Register submission (passive checks) handlers �Register exec handlers �Register configuration �Access configuration ◦ Handlers can: �Execute queries (commands) �Submit submissions (passive checks) �Etc etc…

A basic script def init(plugin_id, plugin_alias, script_alias): conf = Settings. get() reg = Registry.

A basic script def init(plugin_id, plugin_alias, script_alias): conf = Settings. get() reg = Registry. get(plugin_id) reg. simple_cmdline('help', get_help) reg. simple_function(‘command', cmd, ‘A command…') conf. set_int('hello', 'python', 42) log(Answer: %d'%conf. get_int('hello', 'python', -1)) def shutdown(): log(“Shutting down…”)

A basic script def get_help(arguments): return (status. OK, ‘Im not helpful ') def test(arguments):

A basic script def get_help(arguments): return (status. OK, ‘Im not helpful ') def test(arguments): core = Core. get() count = len(arguments) (retcode, retmessage, retperf) = core. simple_query(‘CHECK_NSCP’, []) return (status. OK, ‘Life is good… %d'%count)

Questions? Q&A

Questions? Q&A

Thank You! Michael Medin michael@medin. name http: //www. linkedin. com/in/mickem Information about NSClient++ http:

Thank You! Michael Medin michael@medin. name http: //www. linkedin. com/in/mickem Information about NSClient++ http: //nsclient. org Facebook: facebook. com/nsclient Slides, and examples http: //nsclient. org/nscp/conferances/2011/nwcna/