The Overnight Admin

Tuesday, October 22, 2013

Kaseya Alert – Pages/Sec

Have you ever received an alert from Kaseya? If you answered yes, you’ve came to the right place, I too have seen what feels like thousands of tickets like the one pictured below.

Luckily for us With PowerShell we can easily reverse engineer a ticket like above. Notice the ‘Log Object Name’ which in this case is ‘Pages/Sec’ with refers to memory consumption. From what I’ve noticed Kaseya monitors the specific performance counters which we can also monitor with PowerShell.

While logged onto the effected server run the following cmdlet in an Elevated PowerShell window.

(Get-Counter -ListSet Memory).Paths

PS C:\> (Get-Counter -ListSet Memory).paths
\Memory\Page Faults/sec
\Memory\Available Bytes
\Memory\Committed Bytes
\Memory\Commit Limit
\Memory\Write Copies/sec
\Memory\Transition Faults/sec
\Memory\Cache Faults/sec
\Memory\Demand Zero Faults/sec
\Memory\Pages/sec
\Memory\Pages Input/sec
\Memory\Page Reads/sec
\Memory\Pages Output/sec
\Memory\Pool Paged Bytes
\Memory\Pool Nonpaged Bytes
\Memory\Page Writes/sec
\Memory\Pool Paged Allocs
\Memory\Pool Nonpaged Allocs
\Memory\Free System Page Table Entries
\Memory\Cache Bytes
\Memory\Cache Bytes Peak
\Memory\Pool Paged Resident Bytes
\Memory\System Code Total Bytes
\Memory\System Code Resident Bytes
\Memory\System Driver Total Bytes
\Memory\System Driver Resident Bytes
\Memory\System Cache Resident Bytes
\Memory\% Committed Bytes In Use
\Memory\Available KBytes
\Memory\Available MBytes
\Memory\Transition Pages RePurposed/sec
\Memory\Free & Zero Page List Bytes
\Memory\Modified Page List Bytes
\Memory\Standby Cache Reserve Bytes
\Memory\Standby Cache Normal Priority Bytes
\Memory\Standby Cache Core Bytes
\Memory\Long-Term Average Standby Cache Lifetime (s)
PS C:\>

Notice \Memory\Pages/Sec

now run the below cmdlet to output the current \Memory\Pages/Sec.

Get-Counter \Memory\Pages/Sec

PS C:\> Get-Counter \Memory\Pages/sec

Timestamp                 CounterSamples
---------                 --------------
10/24/2013 1:40:02        \\vt-mkerfoot-w8\memory\pages/sec :
MATTHEW                   0

PS C:\>

I like to gather a little more information typically…

Hostname ; Get-Counter -Counter \Memory\Pages/sec -SampleInterval 1 -MaxSamples 3

PS C:\> hostname ; Get-Counter -Counter "\Memory\Pages/sec" -SampleInterval 1 -MaxSamples 3
VT-MKERFOOT-W8

Timestamp                 CounterSamples
---------                 --------------
10/24/2013 2:08:04        \\vt-mkerfoot-w8\memory\pages/sec :
MATTHEW                   1749.75083141259

10/24/2013 2:08:05        \\vt-mkerfoot-w8\memory\pages/sec :
MATTHEW                   1421.4409519757

10/24/2013 2:08:06        \\vt-mkerfoot-w8\memory\pages/sec :
MATTHEW                   4602.18149317241

PS C:\>

Find available disk space PERCENTAGE with PowerShell

As an overnight admin I find myself constantly cleaning up full disk drives. Here's a little function I wrote to help myself and hopefully you speed up the process of finding out what percentage of disk space is free. I would recommend adding to your $PROFILE as I use this every night at work.

      001

002

003

004

005

006

007

008

009

010

011

012

013

014

015

016

017

018

019

020

021

022

023

024

025

026

027

028

029

030

031

032

033
      <#

.CREATED BY:

    Matthew A. Kerfoot

.CREATED ON:

    10\21\2013

.Synopsis

   Gathers Disk Drive Available FreeSpace Percentage

.DESCRIPTION

    This function gathers information about HDDs and then reformats the output `

    to an easy to read output with the available FreeSpace percentage.

.EXAMPLE

   Get-FreeSpace localhost | ConvertTo-Html | Out-File C:\

#>

function Get-FreeSpace {

                        [CmdletBinding()]

                 Param ([Parameter(Mandatory=$false,

                        ValueFromPipelineByPropertyName=$true,

                        Position=0)]

                        $Computername )

        Begin { $Begin = Get-WmiObject Win32_LogicalDisk }

    Process { $Process = $Begin | Where-Object { $_.DriveType -eq "3" } | Select-Object SystemName, 

            @{ Name = "Drive" ; Expression = { ( $_.DeviceID ) } },

            @{ Name = "Size (GB)" ; Expression = {"{0:N1}" -f( $_.Size / 1gb)}},

            @{ Name = "FreeSpace (GB)" ; Expression = {"{0:N1}" -f( $_.Freespace / 1gb ) } },

            @{ Name = "PercentFree" ; Expression = {"{0:P1}" -f( $_.FreeSpace / $_.Size ) } } }

End { $Process | Format-Table -AutoSize }

}

Get-FreeSpace

Download Here

Now to explain what exactly is happening in the above function:

The above code allows us to only have to type “Get-FreeSpace” to get an output of the local machines available free space. The next important thing to point out is the Begin, Process and End Blocks which should be used just like you would think, put everything needed for the script(ex..Parameters,Variables). Next is the Process block, this is where you should be running a majority of the code especially with a lengthier script and finally the End block which I tend to use to clean everything up, maybe email it and add the final formatting adjustments.

This code will gather all information related to “Win32_LogicalDisk” and place it into "$Begin"

Begin { $Begin = Get-WmiObject Win32_LogicalDisk }

This code takes the $Begin variable and and pipes it into Where-Object { $_.DriveType -eq "3" }which will gather all information related to “Win32_LogicalDisk” and sort\filter everything gathered and only keep anything with a “drivetype” of 3 which means its a HDD and not a DVD drive or Flash drive for example.

Process { $Process = $Begin | Where-Object { $_.DriveType -eq "3" } | Select-Object SystemName,

The below code looks a little frightening to a PowerShell newcomer however after just a little playing around with PS you will find expressions to be one of the more enjoyable tasks as an IT admin. I think the easiest way to understand expressions is to see one used in real life, let me show you.

Process { $Process = $Begin | Where-Object { $_.DriveType -eq "3" } | Select-Object SystemName, 
            @{ Name = "Drive" ; Expression = { ( $_.DeviceID ) } },
            @{ Name = "Size (GB)" ; Expression = {"{0:N1}" -f( $_.Size / 1gb)}},
            @{ Name = "FreeSpace (GB)" ; Expression = {"{0:N1}" -f( $_.Freespace / 1gb ) } },
            @{ Name = "PercentFree" ; Expression = {"{0:P1}" -f( $_.FreeSpace / $_.Size ) } } }

Take a look at the expressions above and then the output in the below image...specifically follow Drive, Size, FreeSpace, and PercentFree, these are all case sensitive sensitive as in however you type it in the "@{ Name = "Drive"" area.

PS C:\Users\mkerfoot> Get-FreeSpace

SystemName     Drive Size (GB) FreeSpace (GB) PercentFree
----------     ----- --------- -------------- -----------
VT-MKERFOOT-W8 C:    223.2     37.5           16.8 %     

PS C:\Users\mkerfoot>

Then I ended it off with some nice formatting for a presentable output.

End { $Process | Format-Table -AutoSize }
}

Example run

PS C:\Users\mkerfoot\Desktop\powershell\Functions> Get-FreeSpace

SystemName     Drive Size (GB) FreeSpace (GB) PercentFree
----------     ----- --------- -------------- -----------
VT-MKERFOOT-W8 C:    223.2     37.5           16.8 %

Copy and paste this function into PowerShell and Type "Get-FreeSpace"