Kaseya Community

Script to pull system crash logs

  • Ive created an alert that notifies me when a BSOD occurs. I would like to tie in a script to pull the minidumps from the sysroot folder. All that seems simple enough to script but im not sure how to set up the script to pull only the newest created dump files. I've tried several different script options with no results.

    Thanks,

    mac

    Legacy Forum Name: Script to pull system crash logs,
    Legacy Posted By Username: Mac
  • Hi, I do the same thing and I also spent a lot of time trying to figure out which were the most recent dumps. In the end, I wound up just using 7zip to zip them up and then upload to my KServer. I am only collecting minidumps, so even on systems with tons of dumps, the resulting zip is not very large.


    Here's my script for reference:

    Script Name: Collect Crash Dumps
    Script Description: Collect the crash dumps from the %SystemRoot%\Minidump folder, zip them up, and upload the the KServer for analysis.

    IF True
    THEN
    Get Variable
    Parameter 1 : 10
    Parameter 2 :
    Parameter 3 : AgentTempPath
    OS Type : 1
    Delete File
    Parameter 1 : #AgentTempPath#\CrashDumps\CrashDumps.7z
    OS Type : 1
    Write File
    Parameter 1 : #AgentTempPath#\CrashDumps\7z.exe
    Parameter 2 : VSASharedFiles\7z\7z.exe
    OS Type : 1
    Write File
    Parameter 1 : #AgentTempPath#\CrashDumps\7z.dll
    Parameter 2 : VSASharedFiles\7z\7z.dll
    OS Type : 1
    Execute File
    Parameter 1 : #AgentTempPath#\CrashDumps\7z.exe
    Parameter 2 : a #AgentTempPath#\CrashDumps\CrashDumps %systemroot%\minidump\*.dmp
    Parameter 3 : 3
    OS Type : 1
    Get File
    Parameter 1 : #AgentTempPath#\CrashDumps\CrashDumps.7z
    Parameter 2 : CrashDumps\CrashDumps.7z
    Parameter 3 : 0
    OS Type : 1
    Write Script Log Entry
    Parameter 1 : Crash dumps collected into CrashDumps.zip.
    OS Type : 1
    ELSE

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: benny@geeksaknockin.com
  • I tried the 7z idea and like it but it can sometimes be a little tricky automating the upload or emailing files directly through kaseya. I put on my tinfoil VBS hat on and came up with this. I hope this will be useful to some people. I figure it can be tied into a full script using the get file content variable then emailed directly.

    Need sleep, good night



    '***start VBS minidump mover
    SourcePath = "c:\windows\minidump"

    Set fso = CreateObject("Scripting.FileSystemObject")
    Set ChkFolder = fso.GetFolder(SourcePath)

    For Each File In ChkFolder.Files

    strFilename = File.Name
    strFileCreated = File.DateCreated

    If strFileCreated > strFileCreatedNewest Then

    strFileCreatedNewest = strFileCreated
    strFileNewest = strFilename
    strFilePath = File.Path
    strModified = File.DateLastModified

    End If

    Next

    fso.CopyFile SourcePath & "\" & strFileNewest,"c:\temp\minidump\latestminidump.dmp",True

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: Mac
  • Any chance you or someone can share the BSOD alert/monitoring solution?

    Also, on a related note, has anyone done automated BSOD dump analysis tied into the alert/monitoring solution?