Guy’s Best Practice & Litmus Tests Ezine #25 – EventTriggers
Contents for Ezine #25
EventTriggers is a program that you can execute from the Windows 2003 command line. The story with this executable is that it featured in an XP exam question, and I doubted it’s existence. I was convinced that the examiner was trying to pull the wool over my eyes, but no, there it was, to prove it just type eventtriggers in your ‘dos box’. I became curious and this is what my research unearthed.
Think of this scenario, let us assume that your server is playing up, a fact confirmed by lots of red dots in the Event Viewer. As a top techie, you want to track down what could be happening. However, being a busy person, you cannot just hang around the server, so you cunningly create a trigger. With EventTriggers, you can automatically fire off a batch file or vbs script which captures useful information. Another idea is ‘self heal’, where your script cures the problem and stops it reoccurring. As with many of these command line programs, EventTrigger’s syntax can be viscous so tune into the rhythm of its many switches.
Below is an example which creates a trigger that fires when a Win32 Time error occurs (EID 26).
The next paragraph has the full EventTriggers command. Assumptions e:\ log\time.vbs exists, also that you have a user called guyt with a password of s$ll1w0rd. Action: adjust script to a path and user on your system.
EventTriggers /create /TR "Guy Trigger" /l system /eid 26 /RU guyt /RP s$ll1w0rd /tk e:\ log\time.bat
EventTriggers /create – This is going to create a Trigger (not query or delete a trigger)
/TR "Guy Trigger" – What do you want to call your Trigger?
/l – (Lower case L) the name of your Event Log to look for the trigger e.g. Application, Security or System
/EID – Means event number which acts as the trigger. Check with Event Viewer, Event column
/RU – Assumes a user called guyt and /RP s$ll1w0rd sets the password. Note a potential security threat by exposing the password, make sure its a low key account who can perform the operation. (Note change user and password in your Eventtriggers)
/TK – This is the business end, what do you want to happen when the event occurs? Which .bat or .vbs file should you execute?
In my example I use time.bat to run the command: net time /setsntp:servername. Do try .vbs files if you prefer.
Other ideas for triggers.
Collect information. For Example, in your batch, pipe information from a program called tasklist to a file in the e drive. Tasklist >> e:\ log\guy.txt
Browse through the Event viewer searching for suitable EID (Event Ids)
It seems to me that in Windows Server 2003 (and XP) there are more and more executables just lying around waiting for you to double click or ‘Run’. Here are three such programs. Cluadmin is a utility that you will need – one day. EventTriggers is my challenge for you to test and master. Diskpart is there but I never use it because I prefer the GUI equivalent.
Guy Recommends: The Free IP Address Tracker (IPAT)
Calculating IP Address ranges is a black art, which many network managers solve by creating custom Excel spreadsheets. IPAT cracks this problem of allocating IP addresses in networks in two ways:
For Mr Organized there is a nifty subnet calculator, you enter the network address and the subnet mask, then IPAT works out the usable addresses and their ranges.
For Mr Lazy IPAT discovers and then displays the IP addresses of existing computers. Download the Free IP Address Tracker
Clustering is near the top of my list of technologies to watch out for and invest in. Last week I was caught out and Cluadmin came to my rescue. What I was trying to do was install the cluster service in Windows Server 2003. Foolishly, I tried Add or Remove Programs, what a waste of time! Unlike Windows 2000, clustering is installed automatically in Sever 2003, all you have to do is remember to run Cluadmin (from the Start menu, Run Box). Naturally for a fully functional cluster you need all the associated networking cards and other machines to act as nodes. My point is that Cluadmin is there waiting for you, but perhaps you have not yet discovered this new program in Server 2003.
Here is a program I am not keen on, I far prefer to use the Disk Management GUI. Every time I am rude about a program someone writes in with a ‘killer use’ for that utility. Perhaps there are script writers out there who like to hook onto this executable? Do write to me if you have a favourite executable, or even one you loathe and can see no point in using.
Lots of useful computer services