Thursday, May 19, 2011

PowerShell: Getting computer name for specific event ID

Requirement
I want to list all the Citrix servers that logged a specific event ID within the last 7 days, for example System Event ID 3621.


If any servers are found with that specific Event ID, the server list is emailed. Otherwise no email is sent.

Step-1: Translate EventID to InstanceID

Sometimes you know the event ID of a system event when what you really need is the instance ID. For example, Get-EventLog filters on instance IDs, not event IDs. Here is a script that can translate event IDs into instance IDs.

Execute the following script to get the Instance ID of that specific Event. Enter the event ID in the "EventCode=xxxx" section. The Instance ID is shown in the EventIdentifier field. Here the Instance ID is 2147749413 for Event ID 3621.

get-wmiobject Win32_NTLogEvent -filter "EventCode=3621" -ComputerName <put server name here>

Output
Category             : 0
CategoryString    : 
EventCode          : 3621
EventIdentifier : 2147749413
TypeEvent          : 
InsertionStrings   : {IMA_RESULT_DBCONNECT_FAILURE}
LogFile               : System
Message           : The server running Citrix Presentation Server failed to connect to the Data Store.  Error - IMA_RESULT_DBCONNECT_FAILURE. The database is down or there is a network failure.
                   
RecordNumber  : 1324
SourceName      : IMAService
TimeGenerated   : 20110518112620.000000+330
TimeWritten       : 20110518112620.000000+330
Type                  : Error
UserName         : 
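
How the two numbers in the output above relate, as an added example that is not part of the original post: WMI's EventCode is the low 16 bits of EventIdentifier, and 2147749413 is 0x80040E25, whose low word is 3621. The function names, the sample records and the OtherSource name are constructed for illustration; the code assumes PowerShell 3.0 or later.

```powershell
# Added example, not from the original post. Sample records are constructed.
# Event identifier layout (32 bits): 31-30 severity, 29 customer flag,
# 28 reserved, 27-16 facility, 15-0 event code (what WMI reports as EventCode).

function ConvertFrom-InstanceId {
    param([Parameter(Mandatory = $true)][uint32]$InstanceId)
    $v = [long]$InstanceId   # widen so shifts never touch a sign bit
    [pscustomobject]@{
        InstanceId = $InstanceId
        Hex        = '0x{0:X8}' -f $v
        Severity   = ($v -shr 30) -band 0x3
        Customer   = ($v -shr 29) -band 0x1
        Facility   = ($v -shr 16) -band 0xFFF
        EventCode  = $v -band 0xFFFF
    }
}

# Hypothetical helper: keep records whose low 16 bits match an event ID,
# optionally pinned to one source, since different sources can reuse a code.
function Select-ByEventCode {
    param(
        [object[]]$Records,
        [int]$EventCode,
        [string]$Source
    )
    $Records | Where-Object {
        ((([long]$_.InstanceId) -band 0xFFFF) -eq $EventCode) -and
        ((-not $Source) -or ($_.Source -eq $Source))
    }
}

# Constructed records shaped like Get-EventLog output (MachineName, Source, InstanceId)
$records = @(
    [pscustomobject]@{ MachineName = 'XENAPP1'; Source = 'IMAService';  InstanceId = 2147749413 }
    [pscustomobject]@{ MachineName = 'XENAPP2'; Source = 'IMAService';  InstanceId = 2147749413 }
    [pscustomobject]@{ MachineName = 'XENAPP3'; Source = 'OtherSource'; InstanceId = 3621 }
)

ConvertFrom-InstanceId -InstanceId 2147749413 | Format-List

# All three records carry event code 3621, but only two have the identifier from Step-1
Select-ByEventCode -Records $records -EventCode 3621 | Select-Object MachineName, Source, InstanceId

Select-ByEventCode -Records $records -EventCode 3621 -Source 'IMAService' |
    Group-Object MachineName | Select-Object Name
```

A filter on the full instance ID, as in Step-2, matches only the IMAService identifier, while a filter on the event code alone also picks up the record from the other source.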

Step-2: Script to list servers

Copy and paste the following PowerShell code and replace the Instance ID with the one you got by executing the script under Step-1. The value to edit is in the section "LIST THE SERVERS FOR SPECIFIC EVENT". Save the file with a .PS1 extension and then execute it.

Add-PSSnapin citrix.XenApp.Commands

##############################
# LOG FILE TO STORE OUTPUT
##############################
$Log_File="C:\ServerList.txt"
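# Create the log file if it is missing, or empty it if it already exists
New-Item -Path $Log_File -ItemType File -Force | Out-Null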

################################
# GET ALL SERVERS IN THE FARM
################################
$Servers=Get-XAServer

####################################################################
# SET THE STARTING DATE. HERE THE DATE STARTS FROM 7 DAYS BACK
####################################################################
$StartTime = (Get-Date).AddDays(-7)

########################################
# LIST THE SERVERS FOR SPECIFIC EVENT
########################################
Get-EventLog -logname System -computername $Servers -After $StartTime | where {$_.InstanceID -eq 2147749413} | Group-Object MachineName | Select-Object Name >> $Log_File

#################
# SENDING MAIL
#################
# $Log_File is a path string and is never $null, so test whether the file has content
if (Get-Content $Log_File)
{
echo "Sending email"
$smtpServer = "<SMTP Server Address>"
$msg = new-object Net.Mail.MailMessage
$att = new-object Net.Mail.Attachment($Log_File)
$smtp = new-object Net.Mail.SmtpClient($smtpServer)

$msg.From = "<From Email>"
$msg.To.Add("<To Email>")
$msg.Subject = "Servers with Event ID 3621"
$msg.Body = "Please see the attached log to check servers with Event ID 3621"
$msg.Attachments.Add($att)

$smtp.Send($msg)
}
else
{
Write-Host "No servers found with that specific Event ID!"
}

Output

Name
------
XENAPP1
XENAPP2
XENAPP3
