运行Powershell脚本以响应警报 [英] Run a Powershell script in response to an alert
问题描述
大家好
如何运行为响应服务器上的警报而运行的Powershell脚本?
How can I run a Powershell script that runs in response to an alert on servers?
用例:
触发低可用空间警报后,我需要运行脚本来清理磁盘。而且我需要在任何抛出警报的机器上发生这种情况。
I need to run a script to clean the disk once low free space alert is triggered. And I need this to happen on any machine that throws the alert.
请注意?
干杯
Sam(如果适用,请花点时间"投票为有用"和/或"标记为答案"。谢谢!)博客: AnalyticOps Insights Twitter: Sameer
Mhaisekar
Sam (Please take a moment to "Vote as Helpful" and/or "Mark as Answer" wherever applicable. Thanks!) Blog:AnalyticOps Insights Twitter:Sameer Mhaisekar
推荐答案
嗨Sameer,
我没有测试过以下所有步骤但AFAIK您可以按照以下步骤来实现您的使用案例。
Hi Sameer,
I haven't tested all of the below steps but AFAIK you can follow these below steps to achieve your use case.
- 如果您没有,则创建一个Log Analytics工作区已经。
- 在要监控的服务器上安装它的代理。
- 如果您还没有Azure自动帐户,请创建一个Azure自动帐户。
- 创建Automation Runbook用于清理驱动器。
- 创建操作组。
- 将操作组的操作类型配置为Automati在Runbook上并以用户身份提供Runbook源,并提供您希望在触发警报时触发的Runbook(在上面#4中创建)。
- 开发Perf类型Kusto查询以获得免费
- 在Log Analytics工作区的Logs磁贴中测试它。
- 安装Hybrid Runbook Worker以利用该功能在服务器上本地运行Runbook。
- 服务器上的板载DSC,用于管理支持Hybrid Runbook Worker的服务器配置。
- 使用Kusto查询(在上面的#7中开发)配置警报以检查磁盘可用空间。配置警报时设置阈值,频率,周期详细信息。提供预期的操作组(在上面的#5中创建)以在警报
被触发时收到通知。
- Create a Log Analytics workspace if you don't have one already.
- Install it's agent on the server which you want to monitor.
- Create a Azure Automation account if you don't have one already.
- Create Automation Runbook to clean the drive.
- Create action group.
- Configure action type of action group as Automation Runbook and provide runbook source as user and provide the runbook (that is created in #4 above) that you want to get triggered when an alert is triggered.
- Develop a Perf type Kusto query to get the free space.
- Test it in the Logs tile of your Log Analytics workspace.
- Install Hybrid Runbook Worker to leverage the feature to run runbooks locally on the server.
- Onboard DSC on your server to manage the configuration of your server that support Hybrid Runbook Worker.
- Configure alert using Kusto query (that is developed in #7 above) to check the disk free space. Set threshold value, frequency, period details while configuring an alert. Provide intended action group (that is created in #5 above) to get notified on alert getting triggered.
您可能需要按照规定开发的查询在#7看起来如下所示。
The query which you may have to develop as stated in #7 would look something like shown below.
Perf| where (Computer == "xxxxxxx" or Computer == "yyyyyyy")| where ( ObjectName == "LogicalDisk" )| where ( CounterName == "% Free Space" )| where ( InstanceName == "C:" )| summarize AggregatedValue= avg(CounterValue) by Computer, bin(TimeGenerated, 30s)
您可以参考以下Microsoft文档链接中的一些说明。
https://docs.microsoft.com / en-us / azure / azure-monitor / log-query / log-query-overview
https://docs.microsoft.com/en-us/azure/azure-monitor/learn/quick-collect-windows-computer
https://docs.microsoft.com / en-us / azure / automation / automation-quickstart-create-Runbook
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/action-groups
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-metric
https://docs.microsoft.com/en-us/azure/自动化/自动化 - 创建 - 警报 - 触发 - Runbook
https://docs.microsoft.com/en-us/azure/automation/automation-windows-hrw-install
https://docs.microsoft.com/en-us/azure/automation/automation-hrw-run-runbooks
https:/ /docs.microsoft.com/en-us/azure/virtual-machines/windows/run-scripts-in-vm
You may refer to few below Microsoft documentation links for instructions.
https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/log-query-overview
https://docs.microsoft.com/en-us/azure/azure-monitor/learn/quick-collect-windows-computer
https://docs.microsoft.com/en-us/azure/automation/automation-quickstart-create-runbook
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/action-groups
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-metric
https://docs.microsoft.com/en-us/azure/automation/automation-create-alert-triggered-runbook
https://docs.microsoft.com/en-us/azure/automation/automation-windows-hrw-install
https://docs.microsoft.com/en-us/azure/automation/automation-hrw-run-runbooks
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/run-scripts-in-vm
希望这个帮助!!
这篇关于运行Powershell脚本以响应警报的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!