<DataSourceModuleType ID="Microsoft.Windows.Server.2012.R2.AD.PerformanceEssentialServices.LSASS.Monitor.DataSource" Accessibility="Internal" Batching="false">
<Configuration>
<xsd:element xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="Frequency" type="xsd:int"/>
<xsd:element xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="TimeoutSeconds" type="xsd:int"/>
<xsd:element xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="Threshold" type="xsd:int"/>
<xsd:element xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="NumSamples" type="xsd:int"/>
</Configuration>
<OverrideableParameters>
<OverrideableParameter ID="Frequency" Selector="$Config/Frequency$" ParameterType="int"/>
<OverrideableParameter ID="TimeoutSeconds" Selector="$Config/TimeoutSeconds$" ParameterType="int"/>
<OverrideableParameter ID="Threshold" Selector="$Config/Threshold$" ParameterType="int"/>
<OverrideableParameter ID="NumSamples" Selector="$Config/NumSamples$" ParameterType="int"/>
</OverrideableParameters>
<ModuleImplementation Isolation="Any">
<Composite>
<MemberModules>
<DataSource ID="DS" TypeID="System!System.CommandExecuterPropertyBagSource">
<IntervalSeconds>$Config/Frequency$</IntervalSeconds>
<ApplicationName>%windir%\system32\cscript.exe</ApplicationName>
<WorkingDirectory/>
<CommandLine>//nologo $file/AD_LSASS_CPU.vbs$ $Config/Threshold$ $Config/NumSamples$</CommandLine>
<TimeoutSeconds>$Config/TimeoutSeconds$</TimeoutSeconds>
<RequireOutput>true</RequireOutput>
<Files>
<File>
<Name>AD_LSASS_CPU.vbs</Name>
<Contents><Script>'*************************************************************************
' Script Name - AD LSASS CPU Utilization Monitor
'
' Purpose - Monitors the CPU utilization for the lsass process.
' - Script is needed to normalize the perf data.
'
' (c) Copyright 2014, Microsoft Corporation, All Rights Reserved
' Proprietary and confidential to Microsoft Corporation
'*************************************************************************
Option Explicit
SetLocale("en-us")
Sub Main()
Dim intTotalLogicalProcessors, nTotalProcTime, nPercentTotalProcessorTime, nCount, sError
Dim oParams, oBag, oWMI, oProcessor, oProcessorsArray, sObjectPath, oPerfInstance1, oPerfInstance2
Dim errorString, oAPI
Dim nUtilizationThreshold, nIntervals
Set oParams = WScript.Arguments
Set oAPI = CreateObject("MOM.ScriptAPI")
Set oBag = oAPI.CreatePropertyBag()
if oParams.Count < 2 then
sError = "The number of command line arguments is incorrect: " & vbCrLf & _
"Expected: 2" & vbCrLf & _
"Actual: " & oParams.Count
' Connect to WMI
Set oWMI = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
If Err <> 0 Then
oBag.AddValue "State", "BAD"
oBag.AddValue "ErrorString", "Failure attempting to connect to WMI: " & GetErrorString(Err)
Call oAPI.Return(oBag)
Exit Sub
End If
' Get the Processor's information through WMI
Set oProcessorsArray = oWMI.ExecQuery("Select * from Win32_Processor")
If Err <> 0 Then
oBag.AddValue "State", "BAD"
oBag.AddValue "ErrorString", "Failure to retrieve processor information through WMI: " & GetErrorString(Err)
Call oAPI.Return(oBag)
Exit Sub
End If
' In order to get the total number of Processors,
' we need to add up the "NumberOfLogicalProcessors" of each Processor installed on the machine
intTotalLogicalProcessors = 0
For each oProcessor in oProcessorsArray
intTotalLogicalProcessors = intTotalLogicalProcessors + oProcessor.NumberOfLogicalProcessors
Next
sObjectPath = "Win32_PerfRawData_PerfProc_Process.Name=" & chr(34) & "lsass" & chr(34)
' Gather the performance data over the number of intervals specified
For nCount = 0 to nIntervals - 1
Dim nProcTime1, nProcTime2, nTimeStamp1, nTimeStamp2
Dim nAdjustedProcTime, nPercentProcessorTime
' Re-connect to WMI on each iteration
Set oWMI = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
' Get the current snapshot for lsass - percent processor time and timestamp
set oPerfInstance1 = oWMI.get( sObjectPath )
If Err <> 0 Then
oBag.AddValue "State", "BAD"
oBag.AddValue "ErrorString", "Failure to retrieve the raw performance data for the lsass process via WMI: " & GetErrorString(Err)
' Wait one second before grabbing the second snapshot
Wscript.Sleep(1000)
' Get the second snapshot for lsass - percent processor time and timestamp
set oPerfInstance2 = oWMI.get( sObjectPath )
If Err <> 0 Then
oBag.AddValue "State", "BAD"
oBag.AddValue "ErrorString", "Failure to retrieve the raw performance data for the lsass process via WMI: " & GetErrorString(Err)
' Make sure we don't get into an error here trying to divide by zero
If ( 0 = (nTimeStamp2 - nTimeStamp1) ) then
oBag.AddValue "State", "BAD"
oBag.AddValue "ErrorString", "Failure encountered during lsass CPU utilization calculations: divide by zero."
Call oAPI.Return(oBag)
Exit Sub
End If
' Find the utilization based on the two snapshots
nPercentProcessorTime = ((nProcTime2 - nProcTime1) / (nTimeStamp2 - nTimeStamp1)) * 100
nAdjustedProcTime = CDbl(nPercentProcessorTime) / CDbl(intTotalLogicalProcessors)
' Add the utilization to the total
nTotalProcTime = CDbl(nTotalProcTime + nAdjustedProcTime)
next
' Calculate the average utilization over the number of intervals
nPercentTotalProcessorTime = CDbl(nTotalProcTime / nIntervals)
' Update the monitor based on the utilization vs. threshold.
' If we're over the threshold, add the relevant data to be bubbled up into the alert body.
If nPercentTotalProcessorTime > nUtilizationThreshold Then
errorString = "The LSASS CPU utilization is currently at: " & FormatNumber(nPercentTotalProcessorTime,2) & "%" & vbCrLf & _
"Intervals: " & nIntervals & vbCrLf & _
"Threshold: " & nUtilizationThreshold
oBag.AddValue "State", "BAD"
oBag.AddValue "Value", nPercentTotalProcessorTime
oBag.AddValue "ErrorString", errorString
Else
oBag.AddValue "State", "GOOD"
oBag.AddValue "Value", nPercentTotalProcessorTime
End If
Call oAPI.Return(oBag)
End Sub
'******************************************************************************
Function GetErrorString(oErr)
'
' Purpose: Attempts to find the description for an error if an error with
' no description is passed in.
'
' Parameters: oErr, the error object
'
' Return: String, the description for the error. (Includes the error code.)
'
Dim lErr, strErr
lErr = oErr
strErr = oErr.Description
On Error Resume Next
If 0 >= Len(strErr) Then
' If we don't have an error description, then check to see if the error
' is a 0x8007xxxx error. If it is, then look it up.
Const ErrorMask = &HFFFF0000
Const HiWord8007 = &H80070000
Const LoWordMask = 65535 ' This is equivalent to 0x0000FFFF
If (lErr And ErrorMask) = HiWord8007 Then
' Attempt to use 'net helpmsg' to get a description for the error.
Dim oShell
Set oShell = CreateObject("WScript.Shell")
If Err = 0 Then
Dim oExec
Set oExec = oShell.Exec("net helpmsg " & (lErr And LoWordMask))
Dim strMessage, i
Do
strMessage = oExec.stdout.ReadLine()
i = i + 1
Loop While (Len(strMessage) = 0) And (i < 5)
strErr = strMessage
End If
End If
End If
GetErrorString = vbCrLf & "The error returned was: '" & strErr & "' (0x" & Hex(lErr) & ")"
End Function
Home
ENU 
Show References: