HOWTO - Use logmon to run Exchange Powershell commands and parse output

Discussion created by pmatt on Oct 12, 2012
Latest reply on Oct 12, 2016 by kanandaguberan

Hi all


I have been banging my head on the desk for the last few days trying to get alarms fired based on Exchange powershell command output. This morning, I finally got it to work! :smileyhappy:


So I thought I would share it with all of you. We are running windows 2008 R2, Exchange 2010 and logmon v3.13


First thing to do is allow the system account of your Exchange server to run read-only powershell commands. We will use the 'command' feature of logmon and this can only run as the system account for the server on which the probe is installed.


Launch powershell and run


Set-ADServerSettings -viewentireforest $true (shouldn't need this for a single domain/forest setup)

get-rolegroup | fl name


You should get a name something like 'View-Only Organization Management' Make a note of this for the next command


Then run


Add-RoleGroupMember "View-Only Organization Management" -member EXCHSERVER


The system can now run most, but not all Exchange powershell cmdlets. Luckily, all the useful ones regarding databases are allowed.


Now create a batch file that logmon will launch. Update the paths according to your Exchange installation and drive letters. The batch file will contain one single line as below.


C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -nologo -noprofile -noninteractive -command ". 'E:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1'; Connect-ExchangeServer -server EXCHSERVER; &'e:\alerts\scripts\exch_powershell.ps1'"

And now can you can create your exch_powershell.ps1 file with all the commands that you want. My example below just pulls out the last database backup and works out how long ago it was.


get-mailboxdatabase -status | foreach-object {
    $noOfDays = (get-date) - $_.lastfullbackup
    $noOfDays = $noOfDays.Days
    "$_ last backup success > 9 days, it was $noOfDays days ago"

Test the batch file before you stick it into logmon.


Then for your logmon probe, under the General tab, Mode, choose command. Then under file, stick the path to your batch file in.


You can now go ahead and configure your watcher rules.


Turn up the logging to level 3 and watch it if you get stuck. It helped me a lot, as you can capture any Powershell errors there.


Good luck!