Remote Command on Trigger at Windows Machine

  • C.Strangers
    Junior Member
    • Jan 2019
    • 2

    #1

    Remote Command on Trigger at Windows Machine

    Hello,

    I've a problem getting a remote command, which has to start a program when it's not running, to work properly, so I hope someone here can help me out.

    The idea:

    A self-written program on the host crashes from time to time; it needs to be restarted when this happens.

    The Setup:

    Server (4.4.0alpha1, active) -> Proxy(4.4.0alpha1, active) -> Agent on Windows (4.4.0 x64, server active and passive in config)

    Checks are generally active, some have to be passive (agent.ping for example)

    I added an item for monitoring the process list for a specific name (proc.num[*processname*.exe,*username*]). The check is active at the moment; I also tried with passive checks throughout the following witch hunt.
    I added a trigger for this item, so when value = 0 (name not in process list) it triggers ({*hostname*:proc.num[*processname*.exe,*username*].last()}=0)

    Value checks and trigger work fine, no problem here.

    I added a remote-command action which fires as soon as the trigger is hit.

    I tested the action by changing the remote-command to "sc \\127.0.0.1 start "spooler" " which is starting the spooler service on the host.
    Closed Program -> Trigger fires -> spooler service is started (works fine).

    Since the action is working with my test code, all settings (RemoteCommandEnabled and so on) should be fine.

    I tested running the remote code on the host's cmd:

    C:\Zabbix\zabbix_agentd.exe -c C:\Zabbix\zabbix_agentd.win.conf -t system.run["C:\*path*\*to*\*program*.lnk"] (Program is required to start with some attributes, hence the lnk)

    which is working fine.

    No troubles up to now.

    Now I change the remote-command action code to the code which should execute my program.

    system.run["C:\*path*\*to*\*programm*.lnk"]

    When I close the program: trigger fires -> Action log Status "Executed" -> program doesn't start.

    Host log (Level 5):

    2100:20200131:113030.506 Requested [system.run["system.run["c:\*path*\*to*\*programm*.lnk"]",wait]]
    2100:20200131:113030.506 Executing command 'system.run["c:\*path*\*to*\*programm*.lnk"]'
    2100:20200131:113030.528 EXECUTE_STR() command:'system.run["c:\*path*\*to*\*programm*.lnk"]' len:91 cmd_result:'Die Syntax fr den D'
    2100:20200131:113030.528 Sending back [Die Syntax fr den Dateinamen, Verzeichnisnamen oder die Datentr„gerbezeichnung ist falsch.]

    (Bear with me, parts are in German; basically it says the syntax for filename, folder name or filesystem (?) (C: is meant) is wrong, which it's definitely not; it works on the host.)

    Now the witch hunt began...

    I tried:

    - Escaping all special characters.
    - changing positioning of " characters
    - writing a batch which starts the program
    - starting cmd with /c parameter
    - starting any other program (e.g. Notepad)

    Same error in log all the time.

    - writing code without system.run e.g " cmd.exe /C start c:\tmp\1.bat " (without ", tried different paths)

    Action log Status: failed -> info: Timeout while executing a shell script. (Timeout is on max)
    But still entries in hostlog:

    3932:20200131:115155.465 Requested [system.run[cmd.exe /C start c:\tmp\test.bat,wait]]
    3932:20200131:115155.466 Executing command 'cmd.exe /C start c:\tmp\test.bat'

    - changing user who starts zabbix service (and restarting the service)
    - updating agent version
    - delete host from server and let it be re-discovered
    - changing item from passive to active
    - re-wrote item / trigger / action

    Now I got back to trying other code (service start works just fine).

    When I change the remote command to simply say " cmd.exe /C dir " (without ")

    Log shows:

    4548:20200131:114535.611 Requested [system.run[cmd.exe /C dir,wait]]
    4548:20200131:114535.611 Executing command 'cmd.exe /C dir'
    4548:20200131:114536.324 EXECUTE_STR() command:'cmd.exe /C dir' len:137990 cmd_result:' Volume in Laufwerk '
    4548:20200131:114536.325 Sending back [ Volume in Laufwerk C: hat keine Bezeichnung.
    Volumeseriennummer: ****-****

    Verzeichnis von C:\Windows\system32

    30.01.2020 15:39 <DIR> .
    30.01.2020 15:39 <DIR> ..
    18.03.2014 10:26 <DIR> 0407

    ... and the whole dir output ...

    Why does it write the output in the log and doesn't open up a cmd with the output? Is this expected?

    When I pipe the whole output into a text file (cmd.exe /C dir > c:\tmp\test.txt) the txt file is created and filled as expected.

    I found a post on this forum about someone executing a PowerShell script successfully, so I tried starting the program with PowerShell:



    1st try (as suggested in the post):

    592:20200131:121310.576 Requested [system.run["system.run[powershell.exe -NoLogo -NonInteractive -File "C:\Zabbix\Scripte\*scriptname*.ps1",nowait]",wait]]
    592:20200131:121310.576 Executing command 'system.run[powershell.exe -NoLogo -NonInteractive -File "C:\Zabbix\Scripte\*scriptname*.ps1",nowait]'
    592:20200131:121310.597 EXECUTE_STR() command:'system.run[powershell.exe -NoLogo -NonInteractive -File "C:\Zabbix\Scripte\*scriptname*.ps1",nowait]' len:106 cmd_result:'Der Befehl "system.r'
    592:20200131:121310.598 Sending back [Der Befehl "system.run[powershell.exe" ist entweder falsch geschrieben oder
    konnte nicht gefunden werden.]

    Translation: Sending back [The command "system.run[powershell.exe" is written wrong or couldn't be found]

    2nd try (shortened path to PowerShell, since the post suggested Zabbix scripts are run from System32):

    [system.run["system.run[WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -File "C:\Zabbix\Scripte\*scriptname*",nowait]",wait]]
    4736:20200131:121855.667 Executing command 'system.run[WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -File "C:\Zabbix\Scripte\*scriptname*.ps1",nowait]'
    4736:20200131:121855.688 EXECUTE_STR() command:'system.run[WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -File "C:\Zabbix\Scripte\*scriptname*.ps1",nowait]' len:50 cmd_result:'Das System kann den '
    4736:20200131:121855.689 Sending back [Das System kann den angegebenen Pfad nicht finden.]

    Translation: The system can't find the path.

    3rd try (no system.run):

    2820:20200131:122505.671 Requested [system.run[C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -File "C:\Zabbix\Scripte\*scriptname*.ps1",wait]]
    2820:20200131:122505.671 Executing command 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -File "C:\Zabbix\Scripte\*scriptname*.ps1"'
    4380:20200131:122505.738 Sending back [0]
    2820:20200131:122506.008 EXECUTE_STR() command:'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -File "C:\Zabbix\Scripte\*scriptname*.ps1"' len:0 cmd_result:''
    2820:20200131:122506.008 Sending back [] <----- No Output??

    Action log showed Status - Executed in every instance.

    I have no idea what to do anymore and would be very thankful for any input.

    Thanks in advance!

    Greetings from Germany
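
A triage sketch for agent debug logs like the excerpts in the post above, added here as an example and not part of the original post or of Zabbix itself: it extracts each `Requested [system.run[...]]` entry and flags commands that already begin with `system.run[`, the double wrapping visible in the first and the PowerShell excerpts. The function name `triage` and the sample lines are constructed for illustration, and the line format is assumed to match the excerpts.

```python
import re

# Line shape seen in the post's excerpts:
#   PID:YYYYMMDD:HHMMSS.mmm Requested [system.run[<command>,<mode>]]
REQUESTED = re.compile(
    r'^\s*(?P<pid>\d+):(?P<date>\d{8}):(?P<time>\d{6}\.\d{3}) '
    r'Requested \[system\.run\[(?P<cmd>.*),(?P<mode>wait|nowait)\]\]\s*$'
)
# A command that itself starts with the item key (optionally quoted) means the
# key was typed into the action's command field and got wrapped a second time.
NESTED = re.compile(r'^"?\s*system\.run\[', re.IGNORECASE)


def triage(lines):
    """Return one dict per 'Requested' line, flagging nested system.run wrappers."""
    findings = []
    for line in lines:
        m = REQUESTED.match(line)
        if not m:
            continue  # 'Executing', 'Sending back', etc. are skipped
        cmd = m.group("cmd")
        findings.append({
            "pid": int(m.group("pid")),
            "timestamp": m.group("date") + " " + m.group("time"),
            "command": cmd,
            "mode": m.group("mode"),
            "nested": bool(NESTED.match(cmd)),
        })
    return findings


# Constructed sample lines modelled on the post's excerpts (paths are placeholders).
SAMPLE = [
    r'2100:20200131:113030.506 Requested [system.run["system.run["c:\path\to\program.lnk"]",wait]]',
    r'4380:20200131:122505.738 Sending back [0]',
    r'4548:20200131:114535.611 Requested [system.run[cmd.exe /C dir,wait]]',
    r'592:20200131:121310.576 Requested [system.run["system.run[powershell.exe -NoLogo -File "C:\Zabbix\Scripte\script.ps1",nowait]",wait]]',
]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        status = "NESTED system.run" if f["nested"] else "ok"
        print(f'{f["timestamp"]} pid={f["pid"]} [{status}] {f["command"]}')
```
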