Derdack

Targeted Alert Notifications – Anywhere Actions

Derdack
  • Use Cases
    • Overview
    • Enterprise IT Alerting
    • IT Managed Services
    • Mobile Alerting in Manufacuring
    • Critical Operations Alerting in Banking & Financial
    • Field Service Dispatching in Energy & Utilities
    • Use Cases in other Industries
  • Products
    • Overview
    • Enterprise Alert®
      • Overview
      • Alert Notifications
      • On-call Duty Scheduling
      • Collaboration
      • Anywhere Remediation
      • Incident Mgmt. App
      • Integrations
      • Technical Support
      • Online Knowledge Base
      • Derdack FAQ
    • SIGNL4® Cloud
    • References & More
  • How to Buy
    • Overview
    • Pricing and Quotes
    • Azure Marketplace
  • About Derdack
    • About
    • Careers
    • Strategic Partners
    • Derdack Podcast
    • Contact Derdack
  • News & Blog
  • Request Demo
    • de de
  • News & Blog

    • Home
    • News & Blog
    • Technical
    • CheckMK and Enterprise Alert – a scripted heartbeat check

    CheckMK and Enterprise Alert – a scripted heartbeat check

    • September 8, 2021
    • Technical
    CheckMK and Enterprise Alert – a scripted heartbeat check

    A few days ago I received an inquiry about a scripting problem from one of our longtime partners, to be exact our DCP Marc Handel from IT unlimited AG. In the exchange with Marc I realized that his idea to use the Enterprise Alert Scripting Host, the Windows Task Scheduler and CheckMK to realize a roundtrip monitoring could be interesting for the whole community. Especially for all our CheckMK customers.

    The idea for the roundtrip check was that all CheckMK servers send an API call to EA and an alerting policy triggers a script on these events. The task of the script should be to write locally on the EA server to a logfile – this log should then be monitored and an alarm generated should the logfile no longer be updated.

    Marc has implemented this for his customer as described below:

    1. In Check MK, a regular triggering event was set up that regularly sends API calls to Enterprise Alert.
    2. In Enterprise Alert a policy was created that triggers the eventcheck.js script.
      /*
      This script handles all incoming messages for all message types from the message master kernel. 
      This script then replies with a confirmation message, notifying the user that message master has received the message.
      */
      
      function OnNewEvent(objMsg)
      {
      EAScriptHost.LogInfo("OnNewEvent - write log entry for checkMK API calls");
      var strServer = objMsg.GetEventParameter("Hostname");
      EAScriptHost.LogDebug("get Hostname: strServer :" + strServer);
      
      var object = new ActiveXObject("Scripting.FileSystemObject");
      var file = object.OpenTextFile("E:\\EventCheck\\Eventcheck_hostname_"+strServer+".txt", 8, true);
      //var file = object.OpenTextFile("E:\\EventCheck\\Eventcheck_checkMK.txt", 8, true);
      EAScriptHost.LogDebug("+ + + write to log: " + displayTime() + " - E:\\EventCheck\\Eventcheck_hostname_" + strServer + ".txt")
      
      file.WriteLine(displayTime() + ' checkMK API call received from ' + strServer);
      file.Close(); 
      
      //EAScriptHost.Display(objMsg.GetXml());
      //HandleMessageReply(objMsg);
      //HandleTimeStampUpdate();
      }
      
      // Sends a confirmation message back to the originator of the message
      function HandleMessageReply(objMsg)
      {
      var objAnswer = objMsg.CreateAnswer();
      if (objAnswer != null)
      {
      objAnswer.SetProperty("mm_body", "Confirmed message receipt: " + objMsg.GetProperty("mm_body"))
      objAnswer.Send();
      }
      }
      
      // Updates Timestamp of external Tracking file - now done in OnNewEvent
      function HandleTimeStampUpdate()
      {
      EAScriptHost.LogInfo("HandleTimeStamp");
      var object = new ActiveXObject("Scripting.FileSystemObject");
      //var strServer = eventObject.GetEventParameter("Hostname");
      //var file = object.OpenTextFile("E:\\EventCheck\\Eventcheck_"+strServer+".txt", 8, true);
      var file = object.OpenTextFile("E:\\EventCheck\\Eventcheck_checkMK.txt", 8, true);
      EAScriptHost.LogDebug("write to log:" + file)
      file.WriteLine(displayTime() + ' checkMK API call received');
      file.Close(); 
      }
      
      function displayTime() {
      EAScriptHost.LogInfo("displayTime");
      var str = "";
      
      var now= new Date(),
      
      h= now.getHours(),
      m= now.getMinutes(),
      s= now.getSeconds();
      
      date = now.getDate();
      month = now.getMonth() + 1; //Months are zero based
      year= now.getFullYear();
      
      if(h<10) h= '0'+h;
      if(m<10) m= '0'+m;
      if(s<10) s= '0'+s;
      
      if(date<10) date= '0'+date;
      if(month<10) month= '0'+month;
      
      str = date+'-'+month+'-'+year+' '+h+':'+m+':'+s;
      EAScriptHost.LogInfo("Time:" + str);
      return str;
      }

      batch file

      echo + + + %DATE% %TIME% checking fileage of all files in E:\Eventcheck_hostname*.txt >> E:\Eventcheck_checkMK.log
      
      for %%f in (E:\Eventcheck_hostname*.txt) do (
      echo DEBUG: checking fileage for file: %%f
      
      for /f "tokens=3 delims=_" %%b in ("%%f") do (
      for /f "tokens=1 delims=." %%c in ("%%b") do (
      
      cscript //nologo E:\Eventcheck.vbs %%f %%c >> E:\Eventcheck_checkMK.log
      )))
    3. A task has now been created in the Windows Task Scheduler which regularly executes the VBS script below and thus checks whether the log has been updated by the JS.
      ''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
      ' FileAge.vbs
      ' This script calculates the age of a file in days.
      ' If you want the results in hours, change d in the line strdateDiff to h.
      '
      ' USAGE: fileage.vbs file_to_check.txt
      
      ' execute this .bat file using the task-scheduler:
      ' cscript //nologo E:\Eventcheck\EventCheck_checkMK.vbs E:\Eventcheck\Eventcheck_checkMK.txt checkMK >> E:\Eventcheck\Eventcheck_checkMK.log
      
      ' export LANG=en_US.UTF-8
      
      Option Explicit
      Dim FSO, File, strDateDiff, strOld, strFile, objArguments, strServer
      
      ' Time until an alarm is triggered if log was not updated (eg. 30 Min)
      dim intAgeInMinutes
      intAgeInMinutes = 120
      
      Set objArguments = WScript.Arguments
      If(objArguments.Count < 2) Then
      Call Usage()
      End If
      
      strFile = objArguments(0)
      strServer = objArguments(1)
      
      Set FSO = CreateObject("Scripting.FileSystemObject")
      Set File = FSO.GetFile(strFile)
      
      strOld = File.DateLastModified
      strDateDiff = DateDiff("n", strOld, Now)
      Wscript.Echo strDateDiff & " minutes - file: " & strFile & " (max. " & intAgeInMinutes & " min.)"
      
      if (strDateDiff > intAgeInMinutes) then
      
      SendEAAlert("DerDack is missing Events from " & strServer & " since " & strDateDiff & " Minutes")
      
      end if
      
      Wscript.Quit(1)
      
      
      sub SendEAAlert(strText)
      
      dim strCommand
      strCommand = """C:\Program Files\Enterprise Alert\CommandLine\CommandLineClient.exe"" -event_text """ & strText & """"
      
      Dim objShell
      Set objShell = WScript.CreateObject( "WScript.Shell" )
      objShell.Run(strCommand)
      Set objShell = Nothing
      
      end sub
      
      
      Sub Usage()
      
      WScript.Echo "Usage:" & vbNewLine & vbNewLine &_
      "Fileage Name_of_File" & _
      vbNewLine & vbNewline & "E.g. Fileage c:\temp\log.txt"
      WScript.Quit(0)
      
      End Sub
    1. If this does NOT happen, an event with the message “no new Event from Server xyz received” is triggered in Enterprise Alert, which in turn triggers an alert to administrators.

    Of course, this monitoring can be easily applied to other source systems. In this case it was CheckMK because a corresponding project was being implemented there. Crucial for the setup is the possibility to send API calls or at least messages to Enterprise Alert on a regular basis and the presence of the Enterprise Alert scripting host.

    Summary

    Nothing is worse than not knowing if your IT monitoring is still working or not. With the setup described above, you can avoid these worries and be more relaxed about being on standby. You know that Enterprise Alert would reliably report to you if there is a problem in your infrastructure. At the same time, the complex setup allows you to monitor several other components at the same time. If you want to have such a monitoring for your systems or if you have any questions about the described scenario please contact us at support@derdack.com.

     

    Tagged

    Check MKEnterprise Alerthealth checkIntegrationScipting

    Share

    Related Posts

    Enterprise Alert 9.4.1 comes with fixes and the revised version of the sentinel connector app

    February 1, 2023

    Critical System Alerts via SIGNL4

    December 29, 2022

    Enterprise Alert 9.4 Update introduces Remote Actions for hybrid scenarios and proxy support for MS Teams

    October 25, 2022

    Upgrade your shopfloor alerting with Derdack

    September 8, 2022

    About

    DERDACK products combine automated alert notification workflows, 24/7 duty scheduling, ad-hoc collaboration and anywhere IT troubleshooting – reducing unexpected IT downtimes at large enterprises and organizations by 60%.

    Most popular

    • Derdack Company Take your ITIL incident management to the next level with Enterprise Alert
    • Mobile alert notifications for HP Service Manager (HPSM)
    • How to forward alerts to Microsoft Teams
    • Oncall Scheduling On-Call Schedule Management with Auto-Rotation
    • Even, Alert, Incident, Notification Definition of Event, Alert, Incident and Notification
    • checking-mobile Enhancing SCOM alert notifications
    • Announcing Enterprise Alert 2019
    • who-is-on-call-sharepoint Add a live “Who is On-Call” Dashboard into Sharepoint and other Tools

    Categories

    • Business (37)
    • Cloud Services (5)
    • Consultancy (1)
    • Customers (18)
    • Energy & Utilities (7)
    • Events (23)
    • Financial & Banking (4)
    • IT Ops (19)
    • Manufacturing (8)
    • News (48)
    • Schools (1)
    • Software (9)
    • Staffing (1)
    • Support (4)
    • Technical (141)
    • Transport & Logistics (5)

    Tags

    alert alert notifications Anywhere Resolution Anywhere Response Azure azure BMC customer reference Database derdack enterprise alert Enterprise Alert Enterprise Alert 2016 Enterprise Alert 2019 Gartner HPE HPE ITSM incident Incident Management Incident resolution incident response Industrie 4.0 Integration IT Alerting IT Operations Maintenance microsoft mobile Mobile App monitoring OMS on-call on-call schedule Operational Alerting rapid response release Remote Action REST API SCOM security SolarWinds NPM System Center update User Group voice

    Follow us

    • Twitter
    • Facebook
    • LinkedIn
    • XING
    • YouTube
    • Vimeo
    • Home
    • News & Blog
    • Technical
    • CheckMK and Enterprise Alert – a scripted heartbeat check

    CONTACT US:
    Intl: +49 331 29878-0

    US: +1 (804) 570-2005
    CH: +41 (31) 5391990

    CONTACT VIA EMAIL:
    info@derdack.com

    OFFICES:
    US & Europe

    NEWSLETTER:
    Sign up here

    CAREER:
    Latest job offers

    EVENTS

    • No Upcoming Events
    • Who we help
    • Products
    • How to Buy
    • About Derdack
    • News & Blog
    • Free Trial
    • Twitter
    • LinkedIn
    • YouTube
    • Vimeo

     © 2025 Derdack – Imprint, Privacy policy

    • Use Cases
      • Overview
      • Enterprise IT Alerting
      • IT Managed Services
      • Mobile Alerting in Manufacuring
      • Critical Operations Alerting in Banking & Financial
      • Field Service Dispatching in Energy & Utilities
      • Use Cases in other Industries
    • Products
      • Overview
      • Enterprise Alert®
        • Overview
        • Alert Notifications
        • On-call Duty Scheduling
        • Collaboration
        • Anywhere Remediation
        • Incident Mgmt. App
        • Integrations
        • Technical Support
        • Online Knowledge Base
        • Derdack FAQ
      • SIGNL4® Cloud
      • References & More
    • How to Buy
      • Overview
      • Pricing and Quotes
      • Azure Marketplace
    • About Derdack
      • About
      • Careers
      • Strategic Partners
      • Derdack Podcast
      • Contact Derdack
    • News & Blog
    • Request Demo
    Manage Cookie Consent
    We use cookies to optimize our website and our service.
    Functional Always active
    The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
    Preferences
    The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
    Statistics
    The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
    Marketing
    The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
    Manage options Manage services Manage vendors Read more about these purposes
    View preferences
    {title} {title} {title}