DarrenWhite99

Glad it helped @nicecube! I owe the entirety of that script to @Braingears though. I did tweak it a bit, for some possible improvements. You can use the "COMMAND1 && COMMAND2" syntax and COMMAND2 will only execute if COMMAND1 ended successfully. So FIND.exe can be used with && to directly jump instead of testing ERRORLEVEL. Also, findstr.exe can use limited regular expressions, so you can do a more complex match like specifying the Default Gateway you are targeting, not just a matching IP. (Typically to match that without typing the entire line you would see something like: ipconfig | find /i "Gateway" | find /i "192.168.5." > NUL )

The script is for Automate. If you don’t have Automate, you won’t be able to use it. Heres a link to a comment explaining how to install it. https://www.mspgeek.com/files/file/31-remove-continuum-agent-software/?do=findComment&comment=53

The monitor automatically sets the threshold for you. But result is the level of free licenses you want to be warned at. You need to make sure the alert template is valid. If you want a ticket, use a template that generates a ticket. To send email, use a template that sends an email. Etc.

Did you review this comment?

Just import the script, open it, and copy out the powershell. I mean, honestly... “I don’t like the way this is bundled. Bundle it differently so that I don’t have to take 4 minutes of my time to do the same steps I’m asking to be done.” ¯\_(ツ)_/¯

This monitor is not sniffing the network or “detecting” devices. It works by comparing AD information (gathered by the AD plugin) to see which Windows machines on the domain have been recently active and comparing this to Automate agents. It is designed to only notify you regarding Domain joined Windows systems, where you actually could install an agent. There is no point in alerting that a new Access Point or Printer is “missing an agent”. It cannot return anything that isn’t joined to the domain. If you are getting alerts like that they must be coming from somewhere else.

Perhaps it was added previously and renamed. Try running: SELECT * FROM Agents WHERE GUID='81fe7c64-2592-4a08-9461-38cf2ad5ba59'; That will return the row (showing the name) for the Internal Monitor that it should have added or updated.

Change nothing in the monitor. The function is entirely controlled by the Extra Data Field where you put your address in. Per the Script Notes: Multiple email addresses are supported and must be separated by ";". Email addresses will be removed once the recovery notification has been sent as follows: Email addresses ending with "!" will have one "!" character removed each time the agent recovers. This can be used to preserve the notification for multiple offline/online cycles. Email addresses ending with "*" will not be removed, so the agent status will be tracked indefinitely. Email addresses without a trailing "!" or "*" will be removed after a single notification. So, to email yourself three times, you would enter your email address as "email@domain.com!!". The first time it emails, it will update the address to be "email@domain.com!". The second time it emails, it will update the address to be "email@domain.com". The third time it emails, it will remove the address "email@domain.com". This can be done independently with multiple addresses on a single agent, so you could enter: "email1time@domain.com;email2extratimes@domain.com!!;emailcontinously@domain.com*" It will loop over each address to send the recovery email and then will remove the address (if no ! or * found), trim off one "!" (if you used !), or leave the address as is (if you used *).

Great screenshots @BenF, very helpful. The monitor is "trying" to alert against only 1 computer, and it is looking for the computer with Automate installed. (Where LTAgent=Running). If you don't have an agent for it, it falls back to using ID 1. If you don't have THAT agent, then it won't work. So, edit the "IFNULL(MAX(computerid),1)" section in the Additional Condition and replace "1" with whatever computer you want to have the alert to generate against. I think that will resolve your issue.

It is an Internal Monitor. There are no additional Scripts, Searches, EDFs, etc. It stands alone. You should find it in Control Center at "Automation" -> "Monitors" -> "Internal Monitors". Make sure that you restart Control Center after importing to ensure all windows are closed. If you have the monitors window opened it won't refresh the list. If all else fails, try running the entire .SQL file in SQLYog, and see if it is returning some kind of error. Perhaps it is failing to import? (Control Center won't tell you anything about the import)

The above error message is because the AD Plugin is not installed. This monitors uses data gathered by the AD Plugin, and will not work without it.

This is GOOD, if you have plenty of licenses available. The monitor will alert if the number of available licenses is below the "Result" value. To test this, you can edit the monitor (don't save) and change the Result field to a large number. Then hit Build and View, and it should return 1 row for the alert.

The monitor name is "Expire RoleDections Not Detected For 7 Days*". The process is explained in the post. What additional information would you like explained?

I have added an FAQ to the file description. Please review and see if your question has been answered.