[Xymon] Xymon Powershell Windows client

18 Feb 2015


      Hello Zak,
today I recognized, that the msgs were sent broken:
Full log eventlog_Security

02/18/2015 13:54:50 - Microsoft-Windows-Security-Auditing -
02/18/2015 13:54:50 - Microsoft-Windows-Security-Auditing -

Full log eventlog_Application

02/18/2015 13:54:51 - SceCli -


I managed to track the issue down to my CurrentCulture setting ($Host or Get-Culture),
which was de-DE at my Server. When I changed it to en-US, everything seems to be correct again:
Full log eventlog_Application
Information - 02/18/2015 16:04:57 - nssm - Started C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy RemoteSigned -NoLogo -NonInteractive -NoProfile -WindowStyle Hidden -File "C:\Program Files\xymonps\xymonclient.ps1" for service XymonPSClient in C:\Windows\System32\WindowsPowerShell\v1.0.
Information - 02/18/2015 16:04:56 - nssm - Service XymonPSClient received START control, which will be handled.
Information - 02/18/2015 16:04:55 - nssm - Killing PID 5100 in process tree of PID 5100 because service XymonPSClient is stopping.
Information - 02/18/2015 16:04:55 - nssm - Killing process tree of process 5100 for service XymonPSClient with exit code 0
Information - 02/18/2015 16:04:54 - nssm - Killing process C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe because service XymonPSClient is stopping.
Information - 02/18/2015 16:04:54 - nssm - Service XymonPSClient received STOP control, which will be handled.
Information - 02/18/2015 15:31:58 - Microsoft-Windows-Security-SPP - The Software Protection service has stopped.
The Problem is, that the commands [string]$entry.LevelDisplayName and [string]$entry.Message just return empty lines,
when CurrentCulture is set to anything different than en-US --> http://powershell.com/cs/forums/p/14969/29273.aspx
The behaviour can be fixed, when surrounding the Get-WinEvent with a different Culture (http://poshcode.org/2226):
function Set-Culture([System.Globalization.CultureInfo] $culture)
{
[System.Threading.Thread]::CurrentThread.CurrentUICulture = $culture
[System.Threading.Thread]::CurrentThread.CurrentCulture = $culture
}
$oldCulture = [System.Threading.Thread]::CurrentThread.CurrentUICulture
trap { Set-Culture $oldCulture }
Set-Culture en-US
$logentries = @(Get-WinEvent -ErrorAction:SilentlyContinue -FilterXML $logFilterXML `
-MaxEvents $script:XymonSettings.MaxEvents)
Set-Culture $oldCulture
Aftwerwards, I can set the culture back to stock.
Kind regards,
Lukas

[Xymon] Xymon Powershell Windows client

lukas.kohl＠ergodirekt.de

Hello Zak, today I recognized, that the msgs were sent broken:

I managed to track the issue down to my CurrentCulture setting ($Host or Get-Culture), which was de-DE at my Server. When I changed it to en-US, everything seems to be correct again: