A user created a PowerShell script to check if a machine is running MS Defender Endpoint in EDR Block Mode and asked about setting up a trigger for alerts. Another user suggested using event log entries to trigger actions, citing a thread discussing it on the ControlUp Community Slack. The original script is provided in the discussion for reference and the user updates it to address false positive reports. The final version of the script is tested and confirmed to work.
Read the entire article here...
Automation & Alerting Related Training & Support Archives
Automation & Alerting training and support-related archives from inside the ControlUp Community on Slack.
ControlUp Releases ControlUp for VDI 9.1
Exciting New Feature for ControlUp Users: Bulk Selection of Alerts with Ability to Set Severity in Bulk
Two members complimented a new feature bulk selection of alerts. One member requested the ability to set severity for multiple alerts at once. This would save time for those with over 90 alerts set up.
Read the entire article here...
Read the entire article here...
Troubleshooting a Stopped Trigger in ControlUp
A user is experiencing trouble with a trigger that suddenly stopped working. They shared a screenshot of the trigger and asked for suggestions on how to improve it. Other members chimed in and offered potential solutions, such as checking the trigger's configuration in PowerShell and verifying the versions. A script to test triggers was also suggested. The user has resorted to using a PS script via scheduled task for alerts. They also checked the Web Interface, which reported a server as Not Active even though it was running in SGP. They requested a script to test triggers. They were also asked what the Get-BrokerController showed for those brokers.
Read the entire article here...
Read the entire article here...
Dealing with a Compliance Alert in ControlUp
A user received a compliance alert about the "built-in" local Windows administrator account being in the local administrators group, which is a default and mandatory setting. There was discussion about how to deal with this issue and suggestions were made to check and exclude items in the scanning template. One user suggested that the setting could be more useful if it could identify other accounts and ignore the built-in "administrator" account. The issue was passed on to the secure DX PM.
Read the entire article here...
Read the entire article here...
Automating Firmware Updates in ControlUp
A user inquired about automating firmware updates for hardware issues via ControlUp. Other users suggested writing a script for automation and mentioned the possibility of retrieving the current firmware version programmatically, although it may be vendor specific. No specific examples were mentioned.
Read the entire article here...
Read the entire article here...
Automation for Updating Dock Firmware to Avoid Replacement
The group discusses implementing automation for updating dock firmware in response to hardware issues, avoiding the need for device replacement. A step-by-step process is suggested, along with alternative methods such as hosting the necessary software in a cloud bucket for easy installation. This topic was initiated by a user in the group.
Read the entire article here...
Read the entire article here...
Setting Up Alerts for SQL Always On Availability Group Failovers
A user asked for help with setting up an alert for a customer's SQL Always On Availability Group. Suggestions were made to use a PowerShell script or a scheduled trigger using the Edge DX agent. It was eventually resolved with the use of a PowerShell script that runs every 5 minutes and checks event logs for specific event IDs. No incidents are generated due to the potential scale of scheduled triggers.
Read the entire article here...
Read the entire article here...
Implementation of ControlUp monitoring for specific failed events
A user is looking to use CU to monitor their CA server for specific failed events, and wants to know if the trigger will work for each event. The trigger will only work for Warning or Error events, and one way to test it is by using a PowerShell script to generate a similar event on a machine with the CU agent installed. The script to create a test event is also provided. The event source must be created first if it does not already exist.
Read the entire article here...
Read the entire article here...
Using ListOfColumns Template Variables in ControlUp Triggers: A Helpful Tip and Exciting New Feature in the Works
Users discussed using ListOfColumns template variables for triggers and the impact of using them. One user shared an example of encapsulating the template with ListOfColumns to use multiple metrics in a trigger. Another mentioned that ListOfColumns can be replaced multiple times and added a warning about this. Another expressed excitement about the potential uses of this feature. The discussion also touched on the possibility of seeing the top 50 biggest files that were written and a suggestion for running a follow-up script to enrich the data. One user mentioned that the developer responsible was not available at the moment, but that more information would be shared soon and a real-time disk monitor was already available. It was suggested that the user hang on until Monday for a cool invite.
Read the entire article here...
Read the entire article here...