Solved

Need a vbscript that will monitor task manager processes for dumprep.exe

Posted on 2010-11-19
12
1,315 Views
Last Modified: 2013-11-08
i'm managing a terminal server that several users work on.  I'm looking for a vbscript (?) that I can use to  monitor processes and notify me when it detects dumprep.exe.  (I have billers that are killing their Great Plains client when they think it's taking too long to generate an invoice batch - which causes all manner of chaos).

I know how to loop through the processes using vbscript, but the only thing I can think to do with it now is to make is a scheduled task and repeat it every minute - I don't think that will do the trick for me.  
0
Comment
Question by:jaypappas
12 Comments
 
LVL 66

Expert Comment

by:johnb6767
ID: 34182040
In batch, all you need to do is a tasklist | find /i "dumprep.exe" && ACTION

Replace action with maybe a simple command line SMTP engine?

Perhaps you can use the same theory in VBS?
0
 

Author Comment

by:jaypappas
ID: 34183887
manythanks - but I would use wmi most likely to list tasks - is there any way to actually monitor the task manager and trigger an event when a specific process starts?  Even using WMI I'm stuck basically running a program to loop through processes and triggering an email when dumprep.exe is found.  even repeating this every minute would seem to leave open the possibility of missing a brief dumprep.exe appearance.
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 34184363
Thats outside of my scripting abilities im afraid.......
0
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

 
LVL 66

Expert Comment

by:johnb6767
ID: 34184368
Maybe even instead of loopiong, just let the script sleep for 15-20 seoncds, requerying etc.....

What exactly are you trying to achieve.... Are you trying to find reactively who has done this? Seems like it might need to be approached as more of a training issue...... To make sure they use patience in dealing with it.....
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 34184447
Hi there, try this script.

The __InstanceCreationEvent class of the ExecNotificationQuery method will allow you to recurse through any instance of the raised event in the last n seconds, where n is given by the integer after the Within keyword.

The Do While loop will endlessly loop through the notifications received.

Regards,

Rob.
strComputer = "."
Set objNetwork = CreateObject("WScript.Network")
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colMonitoredProcesses = objWMIService.ExecNotificationQuery("SELECT * FROM __InstanceCreationEvent Within 5 WHERE TargetInstance Isa Win32_Process And TargetInstance.Name = 'dumprep.exe'")
Do While True
	Set objProcess = colMonitoredProcesses.NextEvent
	' Email variables:
	strServer = "mailhost.abc.com"
	strTo = "john.doe@abc.com"
	strFrom = "john.doe@abc.com"
	strSubject = "Dumprep.exe Detected on " & objNetwork.ComputerName & " by user " & objNetwork.UserName
	strBody = "This is the body:" & VbCrLf
	SendEmail strServer, strTo, strFrom, strSubject, strBody, ""
Loop

Sub SendEmail(strServer, strTo, strFrom, strSubject, strBody, strAttachment)
        Dim objMessage
        
        Set objMessage = CreateObject("CDO.Message")
        objMessage.To = strTo
        objMessage.From = strFrom
        objMessage.Subject = strSubject
        objMessage.TextBody = strBody
  		If strAttachment <> "" Then objMessage.AddAttachment strAttachment
  		
        '==This section provides the configuration information for the remote SMTP server.
        objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
        'Name or IP of Remote SMTP Server
        objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = strServer
        'Server port (typically 25)
        objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25      
        objMessage.Configuration.Fields.Update
        '==End remote SMTP server configuration section==
 
        objMessage.Send
        Set objMessage = Nothing
End Sub

Open in new window

0
 
LVL 65

Expert Comment

by:RobSampson
ID: 34438287
Dhaest, my code in comment ID:34184447 should do the job.  It will monitor for the process, and send an email, which is the author's intent.

Rob.
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 34439958
I second it.....
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 34467669
My code in comment ID:34184447 should do the job.  It will monitor for the process, and send an email, which is the author's intent.

Rob.
0
 
LVL 1

Expert Comment

by:Vee_Mod
ID: 34509891
All,
 
Following an 'Objection' by RobSampson (at http://www.experts-exchange.com/Q_26713111.html) to the intended closure of this question, it has been reviewed by at least one Moderator and is being closed as recommended by the Expert.
 
At this point I am going to re-start the auto-close procedure.
 
Thank you,
 
Vee_Mod
Experts-Exchange Moderator
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is an explanation of a simple data model to help parse a JSON feed
This is about my first experience with programming Arduino.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question