Automation ,Powershell ,Series: PowerShell Monitoring

Monitoring with PowerShell Chapter 2: Monitoring Compellent SANs

Kelvin Tegelaar | 24 Jan, 2018 | 3 Mins Read

Hi All,
Today we will be focusing on monitoring the Compellent SAN status from a single server, Most Compellents are delivered with Dell’s Co-Pilot functionality and do not require you to monitor it yourself, but I also enjoy having an extra set of eyes on my shared storage – Also in some security restricted environments we cannot use the Co-pilot functionality and have to rely on our own monitoring sets.

Requirements:

  • Compellent PowerShell components(Link)
  • PowerShell v3 or higher

Creating the monitoring sets:
Creating the monitoring sets are very simple and straight-forward, after we install the Dell Compellent PowerShell Components we get the ability to connect to the SAN by importing the modules and using the Get-SCConnection cmdlet.


Add-PSSnapin Compellent.StorageCenter.PSSnapin
$pass = ConvertTo-SecureString "ThisIsYourAdminPassword" -AsPlainText -force
$connection = Get-SCConnection -HostName YOURSAN.DOMAIN.COM -User Admin -Password $pass
$SanAlerts = Get-SCAlert -Connection $connection

As you can see, this is not very secure – The password is stored plain-text in the script and could be read by anyone, so before moving on to the monitoring part we’re going to make sure we’re connecting more securely than just using plain-text credentials.

To start encrypting our credentials we’ll be generating a secure key to store as a file, this file will need to be placed in a secure location that no-one except you(or better: the script) can access it. I always advice that you create a new keypair for each script, so if for whatever reason one key is leaked to the public not all your scripts are affected.


$Key = New-Object Byte[] 32
[Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($Key)
$Key | out-file "C:\SecureKeyStorage\CompellentScript.key"

After creating this key, we can start encrypting and decrypting passwords with it. To do this we’ll create a new password file.


$Key = Get-Content $KeyFile"C:\SecureKeyStorage\CompellentScript.key"
$Password = " ThisIsYourAdminPassword" | ConvertTo-SecureString -AsPlainText -Force
$Password | ConvertFrom-SecureString -key $Key | Out-File "C:\SecureKeyStorage\CompellentScript.Password"

Now, we change our script to use the encrypted password+keyfile combination instead of the credentials object we’ve created before.


$KeyFile = get-content "C:\SecureKeyStorage\CompellentScript.key"
$PasswordFile = get-content "C:\SecureKeyStorage\CompellentScript.Password"
$Pass =  $PasswordFile | ConvertTo-SecureString -Key $key
Add-PSSnapin Compellent.StorageCenter.PSSnapin
$connection = Get-SCConnection -HostName YOURSAN.DOMAIN.COM -User Admin -Password $pass
$SanAlerts = Get-SCAlert -Connection $connection

Now that we have connected to the SAN we can start retrieving the warning and errors using the following script:


$KeyFile = get-content "C:\SecureKeyStorage\CompellentScript.key"
$PasswordFile = get-content "C:\SecureKeyStorage\CompellentScript.Password"
$Pass =  $PasswordFile | ConvertTo-SecureString -Key $key
Add-PSSnapin Compellent.StorageCenter.PSSnapin
$connection = Get-SCConnection -HostName YOURSAN.DOMAIN.COM -User Admin -Password $pass
$SanAlerts = Get-SCAlert -Connection $connection

foreach($Alert in $SanAlerts | where-object { $_.Status -ne "Inform" }){
$SanStatus += "Alert: $($Alert.message) `n "
}
if (!$SanStatus) { $SanStatus = "Healthy” }

And that’s it! You now have all Alerts from your SAN in one handy location, excluding the “INFORM” reports.

Recent Articles

Series: PowerShell Automation
The return of CyberDrain CTF
09 Jan, 2023|2 Mins Read

CyberDrain CTF returns! (and so do I!)

It’s been since september that I actually picked up a digital pen equivalent and wrote anything down. This was due to me being busy with life but also my side projects like CIPP. I’m trying to get back into the game of scripting and blogging about these scripts. There’s still so much to automate and so little time, right? ;)

Series: PowerShell Monitoring
Monitoring with PowerShell: Monitoring Acronis Backups
05 Sep, 2022|3 Mins Read

Intro

This is a monitoring script requested via Reddit, One of the reddit r/msp users wondered how they can monitor Acronis a little bit easier. I jumped on this because it happened pretty much at the same time that I was asked to speak at the Acronis CyberSummit so it kinda made sense to script this so I have something to demonstrate at my session there.

Series: PowerShell Monitoring
Monitoring with PowerShell: Monitoring VSS Snapshots
30 Aug, 2022|2 Mins Read

Intro

Wow! It’s been a while since I’ve blogged. I’ve just been so swamped with CIPP that I’ve just let the blogging go entirely. It’s a shame because I think out of all my hobbies it’s one I enjoy the most. It’s always nice helping others achieve their scripting target. I even got a couple of LinkedIn questions asking if I was done with blogging but I’m not. Writing always gives me some more piece of mind so I’ll try to catch up again. I know I’ve said that before but this time I’ll follow through. I’m sitting down right now and scheduling the release of 5 blogs in one go. No more whining and no more waiting.