A while back VMware released the Logon monitor fling. I thought this was a very useful expansion of out toolkit.
So I decided to fling in our golden image to see how it behaves. After playing around with it, it writes the log files away to a share so in case we have some logon issues we might be able to find what is going on. It’s running for a couple of weeks now and we haven’t had any issues yet.
But when do you have logon issues? most of the time you hear about this is when users start calling. Wouldn’t it be great if you could already be searching when they call if they call at all? I decided to write a script that reads the logon time from all text files from the last 15 minutes and makes an average out of it. As usual it ain’t fancy at all but seems to be speedy and does the trick for me.
# This script was created by Wouter Kursten # contact: wouter.kursten@detron.nl or w.kursten@gmail.com or https://retouw.eu or @Magneet_NL on twitter # # Feel free to grab/copy/alter the script no need to mention me # But if you create a better / more complete version please send me a mail so I can use that script also # # This script is meant to use with the VMware Logon Monitor FLing # https://labs.vmware.com/flings/vmware-logon-monitor # This awesome tools actually shows how long it takes to login to your systems # # And yes the info block is longer then the script itself # # There are only 3 variables you can set # # $filefolder for where the Logon Monitor Output files are stored # $filefilter for when you want to filter what files are being read # $fileage for how far back in time you want to go $filefolder= "\\servername\share\" $filefilter="*.txt" $fileage="15" $filelocation="$filefolder"+"$filefilter" $filelist=get-childitem "$filelocation" | where-object {$_.LastWriteTime -gt (get-date).addminutes(-$fileage)} $durationarray=@() foreach ($file in $filelist) { $duration=(get-content $file | select-string -pattern "LogSummary] Logon Time:" | %{$_ -split " "})[6] $durationarray += $duration } $durationaverage= $durationarray | measure-object -average $durationaverage | select -expandproperty average
Again nothing fancy about this script, it just displays the average value and since we use nagios it can use this directly. You can do anything you want with it, add stuff, use other info. I might even make a bigger script to be able to output anything usable from this nice little fling.