Mutiny Community ShellStore - Powershell & Remote agents
This collection of Powershell agents can be scheduled by the Mutiny Powershell Scheduler (MPS) and used to enhance application and system monitoring within mutiny.
Users can either copy and paste the code and modify as appropriate and then add them to the MPS or they can download the Mutiny Powershell bundle (.mpk files)and drop it straight on the MPS and run.
If you have coded your own powershell agent why not to share it with us and we will check it over and make it available here.
If you are writing your own agents these reference papers will help with the output that mutiny works with.
Data_Extensions_to_Remote_Agents.pdf
Agents
Windows Firewall Monitor
This agent checks if any or the windows firewall profiles are turned off and generates an event if one or more are turned off.
Status: Released
Author: Lawrence Freeman & ChatGPT
Version: 1
PScript: MutPSA_FirewallStatus.ps1
Notes:
Add custom agent named "MutPSA_FirewallStatus" to the node in mutiny
Windows Certificate Monitor
This agent checks for expiring Certificates
Status: Released
Author: Lawrence Freeman & ChatGPT
Version: 1.7
PScript: MutPsA_CertificateCounter.ps1
Notes:
Add custom agent named "MutPsA_CertificateCounter" to the node in mutiny
Hyper-V replication health monitor
This agent checks for successful replication
Status: Released
Author: mythofechelon.co.uk and modified for Mutiny
Version: 1.0 updated by Shieraz Bashir
PScript: HyperVReplicationHealthCheck.ps1
Notes:
Add custom agent named "ReplicationHealth" to the node in mutiny
Windows Updates Monitor
This agent checks for available windows(WSUS) updates
Status: Released
Author: Aaron Street and Brandon Pearson
Version: 1.12 updated by Lawrence Freeman
PScript: MutinyWSUSreport.ps1
Notes:
If you run defender on the server, uncomment the the line #Update-MpSignature then schedule the agent to run hourly.
It will then update the defender signature rile before checking for windows updates.
Windows Storage Monitor
Allows the monitoring of mounted and larger HDDs greater than 1TB
Status: Released
Author: AD Murray
Version: 2.2
PScript: WindowsStorageMonitor.ps1 (use <right-click> "save as" to download)
MS Exchange Health Monitor
Measures and graphs the internal transaction time and Queue length in Exchange.
Status: Released
Author: AD Murray
Version: 2.1
PScript: ExchangeHealthMonitor Exchange 2013/16 (use <right-click> "save as" to download)
PScript: Exchange2010HealthMonitor Exchange 2010 (use <right-click> "save as" to download)
Solution Page: https://mutiny.freshdesk.com/support/solutions/articles/5000524545-installing-the-powershell-scheduler
MS SQL Health Monitor
Monitors a number of SQL parameters, can be edited to your own requirements.
Status: Released
Author: AD Murray
Version: 2.1
PScript: MSSQLMonitor (use <right-click> "save as" to download)
Disk I/O performance
Graphs system i/o per disk
Status: Released
Author: AD Murray
Version: 1.0PScript: DiskIOmonitor (use <right-click> "save as" to download)
MS IIS App Pool Monitor
Checks that the defined App Pools are running.
Edit the .json file to list the App Pools to be monitored and place it in your agents results folder
Status: Released
Author: G Miller
Version: 1.1
PScript: MutPsA_IISAppPools (use <right-click> "save as" to download)
Additional files: MutPsA_IISAppPools.json (lives in the agents results folder) (use <right-click> "save as" to download)
Services running
Test the status of services and attempt a restart of the service, also alerts if not restarted.
edit line 11 $servicesMonitored = @('MSExchangeSA') change the highlighted text for the service you wish to monitor.
Status: Released
Author: G Miller
Version: 1.0
PScript: MutPsA_ServiceMonitor.ps1
Event ID Checker
Searches target event logs for a list of interesting event IDs and alerts when a set number have been found.
Status: Released
Author: George Miller
Version: 2.0
PScript: MutPsA_EventLog.ps1
PScript: MutPsA_EventLog2.ps1 (this version also returns some details)
Additional files: MutPsA_EventLog.json (lives in the agents results folder)
Help page: installing-the-event-log-powershell-agent
Citrix terminal server login enabled Monitor
This agent monitors registry entries set by the Citrix server to alert if the Citrix Servers have been set to not allow logins
Status: Released
Author: George Miller
Version: 1.0
PScript: MutPsA_CitrixLogins.ps1
File count agent
This agent counts the number of files in a specified folder and alerts if a threshold is passed. The script can be edited to specify a folder location and set the thresholds for warning and critical events.
Status: Released
Author: George Miller
Version: 1.0
PScript: MutPsA_FileCounter.ps1
File string search agent
This agent searches for a text string in a file in a specified location and alerts if the string is not found. The script can be edited to specify a folder location and string to be found.
Status: Released
Author: Mark Smith
Version: 1.0
PScript: MutinyPSA_StrFileSearch.ps1
Ransomeware Check agent
This agent searches for a text string in a file in a specified location and alerts if the string is not found or cannot be read. The script can be edited to specify a folder location and string to be found. This simple check can give you an early wrning that files are being encrypted on file shares etc.
Status: Released
Author: Lawrence
Version: 1.0
PScript: MutPSA_Ransomcheck.zip