Antigen Process Checker

Antigen_Process_Checker (WriteActionModuleType)

Script to perform "critcial process" checks in Antigen
Element properties:

Show References:
- Rules (3)
Type	WriteActionModuleType
Isolation	Any
Accessibility	Internal
RunAs	Default
InputType	System.BaseData
Comment	{63AA80EB-8931-41B0-B7D6-5E0B0243A9B5}
Member Modules:

ID	Module Type	TypeId	RunAs
RunScriptAction	WriteAction	System.Mom.BackwardCompatibility.ScriptResponse	Default
Overrideable Parameters:

ID	ParameterType	Selector	Display Name	Description
Process	string	$Config/Parameters/Process$	Process	Names the process to check: Possible values are AntigenInternet.exe or AntigenRealtime.exe
TextLog	string	$Config/Parameters/TextLog$	TextLog	Defines whether a Text log file is written to
Source Code:

<WriteActionModuleType ID="Antigen_Process_Checker" Accessibility="Internal" Comment="{63AA80EB-8931-41B0-B7D6-5E0B0243A9B5}">

  <Configuration>

    <IncludeSchemaTypes>

      <SchemaType>MomBackwardCompatibility!System.Mom.BackwardCompatibility.AlertGenerationSchema</SchemaType>

    </IncludeSchemaTypes>

    <xsd:element xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="AlertGeneration" type="AlertGenerationType"/>

    <xsd:element xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="InvokerType" type="xsd:integer"/>

    <xsd:element xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="Parameters" minOccurs="0">

      <xsd:complexType>

        <xsd:sequence>

          <xsd:element name="Process" type="xsd:string" minOccurs="0"/>

          <xsd:element name="TextLog" type="xsd:string" minOccurs="0"/>

        </xsd:sequence>

      </xsd:complexType>

    </xsd:element>

  </Configuration>

  <OverrideableParameters>

    <OverrideableParameter ID="Process" Selector="$Config/Parameters/Process$" ParameterType="string"/>

    <OverrideableParameter ID="TextLog" Selector="$Config/Parameters/TextLog$" ParameterType="string"/>

  </OverrideableParameters>

  <ModuleImplementation>

    <Composite>

      <MemberModules>

        <WriteAction ID="RunScriptAction" TypeID="MomBackwardCompatibility!System.Mom.BackwardCompatibility.ScriptResponse">

          <AlertGeneration>$Config/AlertGeneration$</AlertGeneration>

          <InvokerType>$Config/InvokerType$</InvokerType>

          <Body><Script>



'*******************************************************************************************

'*

'* Function:

'* ---------          

'* AntigenProcessChecker.vbs

'* $Revision: 4 $

'* 

'* Purpose: 

'* --------	       

'* Monitors Scan Job Processes by counting them to make sure the correct number are present

'*

'* Parameters:

'* ----------- 

'* Process

'* TextLog

'*

'* Parameter definitions: 

'* ----------------------

'* 1. Process =&gt; defines the name of the Scan Job process that is being monitored

'* 2. TextLog =&gt; defines whether this scripts logs entries to a text file under the local 

'* Antigen installation folder. Possible Values are true ; false

'*

'*******************************************************************************************



' Constant for controlling text file operations



Const FOR_READING = 1



'Registry Constants



Const HIVE = "HKEY_LOCAL_MACHINE\"

Const REG_KEY = "SOFTWARE\Sybari Software\"

Const NAME_KEY = "SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\"



' Service Constants



ANTIGEN_STORE = "AntigenStore"

ANTIGEN_IMC = "AntigenIMC"

EXCH_STORE = "MSExchangeIS"

SMTP_SERV = "SMTPSVC"



' Error Constants

INSTALL_PATH_FAIL = 9501

INTERNET_COUNT_FAIL = 9520

REALTIME_COUNT_FAIL = 9521





Public AntigenInstallPath



' Retrieve script parameters



ProcessParameter = ScriptContext.Parameters.Get("Process")

TextLogParameter =  ScriptContext.Parameters.Get("TextLog")





AntigenInstallPath = RetrieveRegValue (REG_KEY &amp; "Antigen For Exchange","InstalledPath", 1)

InstalledProduct = "Antigen For Exchange"



If IsNull(AntigenInstallPath) Then

	AntigenInstallPath = RetrieveRegValue (REG_KEY &amp; "Antigen For SMTP","InstalledPath", 1)

	InstalledProduct = "Antigen For SMTP"

End If



If IsNull(AntigenInstallPath) Then

	WriteMOMEvent "TASK ERROR: Unable To Retrieve Antigen Installation Path", 1, INSTALL_PATH_FAIL

	ScriptContext.Quit

End If



If TextLogParameter = "true" then

	CreateLogFolder(AntigenInstallPath)

End If



WriteLog "NULL"

WriteLog "Beginning Execution of ScanProcessMonitor Script to check status of " &amp; ProcessParameter



Select Case ProcessParameter

	Case "AntigenInternet.exe"

		NumSG = 0

		AntigenService = ANTIGEN_IMC

		ExchService = SMTP_SERV

	Case "AntigenRealtime.exe"

		NumSG = GetNumStorageGroups()

		AntigenService = ANTIGEN_STORE

		ExchService = EXCH_STORE

End Select





If CheckServiceRunning (TextLogParameter, AntigenService, ExchService) Then

	If CheckScanJobHook(TextLogParameter, ProcessParameter) Then

		If ExpectedNumProcesses (ProcessParameter, InstalledProduct, NumSG) &lt;= ActualNumProcesses (ProcessParameter) Then

			WriteLog "Process Count OK"

		Else

			Select Case ProcessParameter

				Case "AntigenInternet.exe"

					WriteMOMEvent "MOM detected an AntigenInternet.exe process may have crashed due to an exception", 1, INTERNET_COUNT_FAIL

				Case "AntigenRealtime.exe"

					WriteMOMEvent "MOM detected an AntigenRealtime.exe process may have crashed due to an exception", 1, REALTIME_COUNT_FAIL

			End Select

			WriteLog "Process Count Incorrect - Possible Process Failure"

		End If

	End If

End If



WriteLog "Finished Execution of ScanProcessMonitor Script"



'***********************************************************************

'*

'* Function:          GetNumStorageGroups()

'* 

'* Purpose: Gets number of Storage Groups on the server

'*

'***********************************************************************



Function GetNumStorageGroups ()



ServerName = RetrieveRegValue (NAME_KEY, "ComputerName", 1)



Set objCDOEXMExchangeServer = CreateObject("CDOEXM.ExchangeServer") 

objCDOEXMExchangeServer.DataSource.Open(ServerName)



Set objStorageGroup = CreateObject("CDOEXM.StorageGroup") 



i=0

For Each urlStorageGroup In objCDOEXMExchangeServer.StorageGroups

 	i = i + 1

Next



Set objStorageGroup = Nothing

Set objCDOEXMExchangeServer = Nothing



GetNumStorageGroups = i



End Function 







'***********************************************************************

'*

'* Function:          ExpectedNumProcesses()

'* 

'* Purpose: Determines expected number of process instances

'*

'***********************************************************************



Function ExpectedNumProcesses (ProcessParameter, InstalledProduct, NumSG)



If ProcessParameter = "AntigenInternet.exe" Then

	ExpectedNumProcesses = RetrieveRegValue (REG_KEY &amp; InstalledProduct,"InternetProcessCount", 2)

Else

	RetrieveValue = RetrieveRegValue (REG_KEY &amp; InstalledProduct,"RealtimeProcessCount", 2)

	ExpectedNumProcesses = RetrieveValue * NumSG + 1

End If



WriteLog "Expected Number of " &amp; ProcessParameter &amp; " Processes = " &amp; ExpectedNumProcesses



End Function	





'***********************************************************************

'*

'* Function:          ActualNumProcesses()

'* 

'* Purpose: Determines actual number of process instances

'*

'***********************************************************************



Function ActualNumProcesses (ProcessParameter)



i = 0



Set refWMI = GetObject("winMgmts:")

strQuery = "SELECT * FROM Win32_Process WHERE Name='" &amp; ProcessParameter &amp; "'"

Set colProcesses = refWMI.ExecQuery(strQuery)



For Each refItem In ColProcesses

	i = i + 1

Next



Set refWMI = Nothing

Set colProcesses = Nothing



ActualNumProcesses = i

WriteLog "Actual Number of " &amp; ProcessParameter &amp; " Processes = " &amp; ActualNumProcesses



End Function	



'***********************************************************************

'*

'* Function:          CheckScanJobHook()

'* 

'* Purpose: Checks corresponding process is running

'*

'***********************************************************************



Function CheckScanJobHook(TextLogParameter, ProcessParameter)



EnableValue = RetrieveRegValue (REG_KEY &amp; InstalledProduct,"AntigenEnabled", 2)



If ProcessParameter = "AntigenInternet.exe" Then

	If EnableValue = 2 or EnableValue = 3 Then

		CheckScanJobHook = True

	Else

		CheckScanJobHook = False

	End If

End If



If ProcessParameter = "AntigenRealtime.exe" Then

	If EnableValue = 1 or EnableValue = 3 Then

		CheckScanJobHook = True

	Else

		CheckScanJobHook = False

	End If

End If



If CheckScanJobHook Then

	WriteLog "Scan Interface Active...Process Check Proceeding"

Else

	WriteLog "Scan Interface Inactive...Process Check Aborting"

End If

	

End Function



'***********************************************************************

'*

'* Function:          CheckServiceRunning()

'* 

'* Purpose: Checks corresponding process is running

'*

'***********************************************************************



Function CheckServiceRunning (TextLogParameter, strService1, strService2)

Dim refWMI

Dim refService



Set refWMI = GetObject("winMgmts:")



Set refService = refWMI.Get("Win32_Service.Name='" &amp; strService1 &amp; "'")

If refService.State = "Running" Then

	Set refService = refWMI.Get("Win32_Service.Name='" &amp; strService2 &amp; "'")

	If refService.State = "Running" Then

		WriteLog strService1 &amp; " and " &amp; strService2 &amp; " Service running...Process Check Proceeding"

		CheckServiceRunning = True

	Else

		WriteLog strService2 &amp; " Service not running...Process Check Aborting"

		CheckServiceRunning = False

	End If

Else

      WriteLog strService1 &amp; " Service not running...Process Check Aborting"

	CheckServiceRunning = False

End If



End Function





'***********************************************************************

'*

'* Function:           CreateLogFolder()

'* 

'* Purpose: Creates Log subfolder under Antigen

'*

'***********************************************************************



Function CreateLogFolder (AntigenInstallPath)



Dim objFSO

set objFSO = CreateObject ("Scripting.FileSystemObject")



If objFSO.FolderExists(AntigenInstallPath &amp; "\MOMLogs") = 0 then

	objFSO.CreateFolder(AntigenInstallPath &amp; "\MOMLogs")

End If



Set objFS) = Nothing



End Function





'***********************************************************************

'*

'* Function:           WriteLog()

'* 

'* Purpose: Writes script activity and errors to a log file

'*

'***********************************************************************





Function WriteLog (strLogText)



Dim objfs

Dim objf

Dim strTimeStamp



If TextLogParameter = "true" Then



	On Error Resume Next

	Err.Clear



	Set objfs = CreateObject("Scripting.FileSystemObject")

		Set objf = objfs.OpentextFile(AntigenInstallPath &amp; "\MOMLogs\" &amp; "Tasks.log", 8, False)





	' If log file doesn't exist - create it

	If Err.Number &lt;&gt; 0 Then

  	Set objf = objfs.CreatetextFile(AntigenInstallPath &amp; "\MOMLogs\" &amp; "Tasks.log", False)

  	Err.Clear

	End If



	If strLogText = "NULL" then

		objf.WriteLine("")

	Else

		strTimeStamp = Date &amp; " " &amp; Time &amp; " "

		objf.WriteLine(strTimeStamp &amp; strLogText)

	End If

End If



Set objfs = Nothing

Set objf = Nothing



End Function







'********************************************************************

'*

'* Function:           RetrieveRegValue

'* 

'* Purpose: Retrieves String Value from Registry

'*

'********************************************************************



Function RetrieveRegValue (Key, strValueName, intValueType)



' intValueType 	-&gt; 1 = String Value

'		-&gt; 2 = DWORD Value

 

const HKEY_LOCAL_MACHINE = &amp;H80000002

Dim strServerName

Dim objReg

Dim strRegValue





On Error Resume Next

Err.Clear

Set objReg=GetObject("winmgmts:\root\default:StdRegProv") 

If Err.Number &lt;&gt; 0 Then

  	Err.Clear

  	strRegValue = NULL

Else



	Select Case intValueType

		Case 1

			strErr = objReg.GetStringValue (HKEY_LOCAL_MACHINE, Key, strValueName, strRegValue)

				

		Case 2

			strErr = objReg.GetDWORDValue (HKEY_LOCAL_MACHINE, Key, strValueName, strRegValue)

		

	End Select



	' if reading the registry fails via wmi return error



	If strErr &lt;&gt; 0 then

		strRegValue = NULL

	End If

End If



Set objReg = Nothing



RetrieveRegValue = strRegValue



End Function





'***********************************************************************

'*

'* Function:           WriteMOMEvent()

'* 

'* Purpose: Writes events to MOM EventLog

'*

'***********************************************************************



Function WriteMOMEvent(EventMessage, EventType, EventNumber)



Dim objEvt

Set objEvt = ScriptContext.CreateEvent



objEvt.Message = EventMessage

objEvt.EventType = EventType

objEvt.EventNumber = EventNumber

ScriptContext.Submit(objEvt)



set objEvt = Nothing



End Function

</Script></Body>

          <Language>VBScript</Language>

          <Name>Antigen Process Checker</Name>

          <Parameters>

            <Parameter>

              <Name>Process</Name>

              <Value>$Config/Parameters/Process$</Value>

            </Parameter>

            <Parameter>

              <Name>TextLog</Name>

              <Value>$Config/Parameters/TextLog$</Value>

            </Parameter>

          </Parameters>

          <ManagementPackId>[Microsoft.Antigen.v9,,1.0.0.1]</ManagementPackId>

        </WriteAction>

      </MemberModules>

      <Composition>

        <Node ID="RunScriptAction"/>

      </Composition>

    </Composite>

  </ModuleImplementation>

  <InputType>SystemLibrary!System.BaseData</InputType>

</WriteActionModuleType>