We have a number of users in our office. Each of them uses their AD credential to log on to PRTG. each months as their AD password expires, the infrequent users often do not remember to update their EC credential which triggers overload protection. we have spent a bit too much time to check the log and chase people to get them to update their password or even request the user to uninstall / stop EC start up on boot. I am wondering if we can limit EC console for a number of attempt login by default. this will increase our script performance and eliminate the need of chase users to update their password. Thanks.
Number of failed login retry for Enterprise Console.
Votes:
0
Best Answer
Votes:
6
Hello, we had the same problem so here is my solution:
First you have to create a BATCH-File under "PRTG-Network-Monitor/Custom Sensors/EXE"
with the following code:
for /f "delims=" %%i in ('dir /b /a-d /od "Q:\Logs (Web Server)\*.log"') do set "LatestModifiedFile=%%~i"
copy "Q:\Logs (Web Server)\%LatestModifiedFile%" "C:\weblog\log.log"
echo "1:Successfully"
You have to edit the Paths.(Q:\Logs (Web Server)\*.log, Q:\Logs (Web Server)\%LatestModifiedFile% and C:\weblog\log.log)
This script searches in the first line for the recent modfied Webserver Log-File and saves the value in the LatestModifiedFile variable. The second line copys the most recent Webserverlog and saves it in a temporary folder. The third line just echoes "Successfully" for PRTG.
The next Step is to create a "Program/Script"-Sensor in PRTG under youre PRTG-Core-Server. In the Sensor Settings you choose under "Program/Script" the created BATCH File. Then you can choose how often do you want to check for failed logins. I recommend every 30 minutes.
So to crawl the copied most recent Weblog we create a "File Content"-Sensor under the PRTG-Core-Server. With the following Settings:
- Filename: path to the copied weblog (line 2, the second path)
- Term: login_failed Then save the sensor and set the polling intervall to the same as in the "Program/Script"-Sensor.
I hope this solution fits youre problem.
4 Replies
Votes:
0
Sorry, there's no way to do that. The only thing you can do is to increase the update interval under File > Options > System (the highest value is 3600 seconds).
Since the overload protection can't be disabled, you might want to consider switching to the webinterface :/
Votes:
0
What if EC console is programmed to default to attempt connection at # of retry. It seems pointless for the application to retry till the end of days when the password is incorrect and affect production system in such way.
Votes:
0
I'll bring that up in the next meeting. You're right, the behavior is kinda stubborn and the EC should stop trying after some attempts. I'll let you know!
Votes:
6
Hello, we had the same problem so here is my solution:
First you have to create a BATCH-File under "PRTG-Network-Monitor/Custom Sensors/EXE"
with the following code:
for /f "delims=" %%i in ('dir /b /a-d /od "Q:\Logs (Web Server)\*.log"') do set "LatestModifiedFile=%%~i"
copy "Q:\Logs (Web Server)\%LatestModifiedFile%" "C:\weblog\log.log"
echo "1:Successfully"
You have to edit the Paths.(Q:\Logs (Web Server)\*.log, Q:\Logs (Web Server)\%LatestModifiedFile% and C:\weblog\log.log)
This script searches in the first line for the recent modfied Webserver Log-File and saves the value in the LatestModifiedFile variable. The second line copys the most recent Webserverlog and saves it in a temporary folder. The third line just echoes "Successfully" for PRTG.
The next Step is to create a "Program/Script"-Sensor in PRTG under youre PRTG-Core-Server. In the Sensor Settings you choose under "Program/Script" the created BATCH File. Then you can choose how often do you want to check for failed logins. I recommend every 30 minutes.
So to crawl the copied most recent Weblog we create a "File Content"-Sensor under the PRTG-Core-Server. With the following Settings:
- Filename: path to the copied weblog (line 2, the second path)
- Term: login_failed Then save the sensor and set the polling intervall to the same as in the "Program/Script"-Sensor.
I hope this solution fits youre problem.
Add comment