Tips-Of-Mine/Powershell
2
0
Fork 0
Code Pull Requests Wiki Activity
Powershell/NRPE/Check-WSUS.ps1
hcornet 09c2faad93 update
2023-07-04 12:59:44 +02:00

138 lines
5.4 KiB
PowerShell
Raw Blame History

###############################################################################
# Windows PowerShell Skript to get WSUS statistics
# output readable by NRPE for Nagios monitoring
#
# FORK FROM: http://www.monitoring-portal.org/wbb/index.php?page=Thread&threadID=16424
###############################################################################
# Variables - set these to fit your needs
###############################################################################
# The server name of your WSUS server
$serverName = 'localhost'
# use SSL connection?
$useSecureConnection = $False
# the port number of your WSUS IIS website
$portNumber = 8530
# warn if a computer has not contacted the server for ... days
$daysBeforeWarn = 14
# Script - don't change anything below this line!
###############################################################################
# load WSUS framework
[void][reflection.assembly]::LoadWithPartialName("Microsoft.UpdateServices.Administration")
# connect to specified WSUS server
# see here for information of the IUpdateServer class
# -> http://msdn.microsoft.com/en-us/library/microsoft.updateservices.administration.iupdateserver(VS.85).aspx
$wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer($serverName, $useSecureConnection, $portNumber)
# get general status information
# see here for more infos about the properties of GetStatus()
# -> http://msdn.microsoft.com/en-us/library/microsoft.updateservices.administration.updateserverstatus_properties(VS.85).aspx
$status = $wsus.GetStatus()
$totalComputers = $status.ComputerTargetCount
# computers with errors
$computerTargetScope = new-object Microsoft.UpdateServices.Administration.ComputerTargetScope
$computerTargetScope.IncludedInstallationStates = [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::Failed
$computersWithErrors = $wsus.GetComputerTargetCount($computerTargetScope)
# computers with needed updates
$computerTargetScope.IncludedInstallationStates = [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::NotInstalled -bor [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::InstalledPendingReboot -bor [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::Downloaded
$computerTargetScope.ExcludedInstallationStates = [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::Failed
$computersNeedingUpdates = $wsus.GetComputerTargetCount($computerTargetScope)
# computers without status
$computerTargetScope = new-object Microsoft.UpdateServices.Administration.ComputerTargetScope
$computerTargetScope.IncludedInstallationStates = [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::Unknown
$computerTargetScope.ExcludedInstallationStates = [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::Failed -bor [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::NotInstalled -bor [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::InstalledPendingReboot -bor [Microsoft.UpdateServices.Administration.UpdateInstallationStates]::Downloaded
$computersWithoutStatus = $wsus.GetComputerTargetCount($computerTargetScope)
# computers that are OK
$computersOK = $totalComputers - $computersWithErrors - $computersNeedingUpdates - $computersWithoutStatus
# needed, but not approved updates
$updateScope = new-object Microsoft.UpdateServices.Administration.UpdateScope
$updateScope.ApprovedStates = [Microsoft.UpdateServices.Administration.ApprovedStates]::NotApproved
$updateServerStatus = $wsus.GetUpdateStatus($updateScope, $False)
$updatesNeededByComputersNotApproved = $updateServerStatus.UpdatesNeededByComputersCount
# computers that did not contact the server in $daysBeforeWarn days
$timeSpan = new-object TimeSpan($daysBeforeWarn, 0, 0, 0)
$computersNotContacted = $wsus.GetComputersNotContactedSinceCount([DateTime]::UtcNow.Subtract($timeSpan))
# computers in the "not assigned" group
$computerTargetScope = new-object Microsoft.UpdateServices.Administration.ComputerTargetScope
$computersNotAssigned = $wsus.GetComputerTargetGroup([Microsoft.UpdateServices.Administration.ComputerTargetGroupId]::UnassignedComputers).GetComputerTargets().Count
# output and return code
# 0: OK
# 1: WARNING
# 2: CRITICAL
# 3: UNKNOWN
$returnCode = 0
$output = ''
if ($computersNeedingUpdates -gt 0) {
$returnCode = 1
$output = "$computersNeedingUpdates PC Desactualizadas"
}
if ($computersWithErrors -gt 0) {
$returnCode = 2
if ($output -ne '') {
$output = $output + ', '
}
$output = $output + "$computersWithErrors PC Con Errores"
}
if ($computersNotContacted -gt 0) {
$returnCode = 2
if ($output -ne '') {
$output = $output + ', '
}
$output = $output + "$computersNotContacted PC Sin Contacto ($daysBeforeWarn d)"
}
if ($computersNotAssigned -gt 0) {
$returnCode = 2
if ($output -ne '') {
$output = $output + ', '
}
$output = $output + "$computersNotAssigned PC Sin Asignar"
}
if ($updatesNeededByComputersNotApproved -gt 0) {
$returnCode = 2
if ($output -ne '') {
$output = $output + ', '
}
$output = $output + "$updatesNeededByComputersNotApproved Upd. S/A"
}
if ($output -eq '') {
$output = 'Todas las Computadoras Asignadas, Activas y Al dia.'
}
$output
# append performance data
'|' + "'PC Desactualizadas'=$computersNeedingUpdates;;;0;$totalComputers"
'|' + "'PC Con Errores'=$computersWithErrors;"
"'PC Sin Estatus'=$computersWithoutStatus;"
"'PC OK'=$computersOK;"
$host.SetShouldExit($returnCode)
exit $returnCode
View Git Blame Copy Permalink