...

Table of contents

Description

The Log Monitor & Dispatcher, known as LOGMOND, is a special program which monitors a guest LOG file produced by Charon and executes a customized script when it detects removal of a license. This utility is available for Charon-AXP and Charon-VAX V4.6 and above.

...

Recommendations

• Create a specific folder to hold the Charon configuration and log files, the nolicense.bat file and any specific action script you would add.
• Use the rotating log files mechanism or use a single log file with "append" mode.
• Install your virtual machines as services, they will then be able to start when the Charon Windows server will boot. This will also allows you to install and start the Charon log monitor service, named "EmulatorLogMonitor": doing so you will not have to start logmond manually in interactive mode and newly added virtual machines services will be automatically taken into account

...

Notes

• The log monitor utility will detect the absence of the dongle only at a specified interval, called the license check interval and defined by the license. Its default is set to 1 hour. In case you need to perform tests, you can send us a fresh C2V file and ask for an update to reduce this interval.
  .

• Once started the logmond utility will lock the virtual machine log file, you will not be able to move it, copy it or delete it. You will however be able to open it using the notepad utility or other log editors like baretail for example which will allow you to have a continuous view of the log with highlights (see: Charon Log files - Using baretail on Windows for syntax highlighting) or vim (see: Charon Log files - Using vim for syntax highlighting on Linux and Windows)
  .

• If you encounter a "Can't open Charon log file" from the "Charon Service Manager" utility, please open the "Service Management" menu then select "Refresh Service List". This error occurs when the Service Manager has not detected a change in the configuration.

Service setup example

Info
Example below is based on a Charon-AXP V4.7 B17101 running on a Windows 2012 R2 server and emulating an AlphaServer DS20. All files (configuration, bin, rom and nolicense.bat) are located in C:\Charon, rotating log files are located in C:\Charon\logs The configuration file is defined as follows:

Setup and start your virtual machine

• Run the Launcher, load the configuration file and click on the "Install / Update service" box:
  It is recommended to run the selected configuration from the Launcher at least once before installing the service to facilitate debugging
  .
  

...

• Define the service name and click on the "Install" button:
  .
  
  .
• Start the Charon Service Manager, right click on the virtual machine, select "Manage Charon service" and start it:
  .
  

Install and start the log monitor service

• First, prepare a nolicense.bat file. See NOLICENSE.BAT considerations chapter further for more information if needed.

...

• Install the log monitoring service and start it:

These command lines must be executed as an administrator in order to manage the services 

...

During the tests the license check interval was set to 5 minutes therefore, when the dongle is disconnected, a message is sent telling there are only 4 minutes remaining before the DS20 stops
.

Alerts customization examples

You will find below some examples of alerts that can be sent from the nolicense.bat file

Reminder: Interactive applications are not allowed

Creating a Windows Event

powershell -command "New-Eventlog -Logname application -Source Charon -Erroraction silentlycontinue;Write-Eventlog -Logname application -Source Charon -Entrytype Error -Eventid 314 -Message 'Charon license dongle disconnected'"

It is recommended to use the powershell command to write events instead of the "eventcreate" command line as some other events are created with powershell scripts. Using the eventcreate command in this case will fail as the source, Charon, will not be accepted.

...

Example:

Image Removed

The "Event Id" can be set at your convenience. A valid ID is any number from 1 to 65535.

Sending an email via powershell

An alert email can be sent using the "Send-MailMessage" powershell command however it is important to know no interactive command can be executed (for asking the sender's credentials for example).

You can either ask the nolicense.bat file to invoke a powershell script or pass the commands from the command line

Examples below are given with Powershell V4.0 installed on a Windows 2012 R2 server, some commands may not be appropriate to your Windows distribution.

To determine which version of Powershell is installed and upgrade if necessary, see Powershell version, upgrade, enabling scripts execution, tips and tricks

...

To run PowerShell scripts (files that end with .ps1), you must first set the execution policy to Unrestricted (This operation has to be done once).

To do so, open a command line window (cmd.exe) as an Administrator and use the following command:

...

The ExecutionPolicy can also be set to "RemoteSigned". In this case the .ps1 script files will have to be unblocked as described below.

If you are still prompted to allow for execution of the script, please run the following command to unblock the .ps1 file you want to execute:

...

Example using an office365 account

Create a powershell script file, named sendmail.ps1 for example and located in "C:\Charon" folder:

# Update the email addresses below:
$From = "<monitoring-account>@<somewhere>"
$To = "<someone>@<somewhere>"

# Send the email
send-mailmessage -to $To -from $From -subject "Charon detected removal of the license" -body "Please check" -smtpserver smtp.office365.com -usessl -port 587 -delivery none

...

If you must specify multiple recipients, you can specify them using an array with comma separated fields.

Example1: 

...

Example2:

...

Update the nolicense.bat file as follows:

powershell -NonInteractive -File C:\Charon\sendmail.ps1

The problem here is the email account mentioned in the $Myemail variable must be able to send anonymous emails otherwise the following error can occur:

"Client was not authenticated to send anonymous mail during MAIL FROM"

If the account cannot send anonymous emails, you can perform an interactive test by asking for the credentials:

The "<monitoring-account>@<somewhere>" and "<recipient>@<somewhere>" values must be adapted to your configuration

# Update the email addresses below:
$From = "<monitoring-account>@<somewhere>"
$To = "<someone>@<somewhere>"

# The command below will open a window for you to store the password
$Creds=(get-credential -credential "$From")

# Send the email (credentials are then required each time)
send-mailmessage -to $To -from $From -subject "Charon detected removal of the license" -body "Please check" -smtpserver smtp.office365.com -usessl -port 587 -delivery none -credential $Creds

This method cannot be used when executed within a service due to the popup window that will be opened to ask for the email account password.

To be able to send an email, we can then store the credentials in an encrypted and protected file. This is done using the Export-CliXML powershell command. As this file will be bound to the server where the command is issued and to the user account who created the file, we need to perform the operations as "system" user account because this user is the one running the logmond processes that will invoke the nolicense.bat file.

It is necessary then to use psexec from the Windows Sysinternals kit. It can be downloaded here: https://technet.microsoft.com/en-us/sysinternals/psexec.aspx

Once extracted from the zip file, to the "C:\Charon" folder for example, run the following command from the command line running as Administrator:

...

and generate the CliXML file as described below:

...

PS C:\Windows\system32> $From="<monitoring-account>@<somewhere>"
PS C:\Windows\system32> $Creds=(get-credential -credential $From)
PS C:\Windows\system32> $Creds | Export-CliXML C:\Charon\creds.clixml
PS C:\Windows\system32> exit

If it is no more needed, remove the "psexec.exe" file.

If the sender's email address or its password has to be changed, the .clixml file will have to be recreated.

Now update the powershell script as follows:

The "<monitoring-account>@<somewhere>" and "<recipient>@<somewhere>" values must be adapted to your configuration

# Update the email addresses below:
$From = "<monitoring-account>@<somewhere>"
$To = "<someone>@<somewhere>"

$Creds = Import-CliXml C:\Charon\creds.clixml

send-mailmessage -to $To -from $From -subject "Charon detected removal of the license" -body "Please check" -credential $Creds -smtpserver smtp.office365.com -usessl -port 587 -delivery none

Once updated, the script will only work when executed by the "system" account and on the server where the Export-CliXML powershell command was issued.

...

Example using a gmail account

To send an email using a gmail account, perform the same operations as described in the Example using an office365 account chapter above and replace the smtpserver value by smtp.gmail.com as shown below:

The "<monitoring-account>@gmail.com" and "<recipient>@<somewhere>" values must be adapted to your configuration

# Update the email addresses below:
$From = "<monitoring-account>@gmail.com"
$To = "<someone>@<somewhere>"

$Creds = Import-CliXml C:\Charon\creds.clixml

send-mailmessage -to $To -from $From -subject "Charon detected removal of the license" -body "Please check" -credential $Creds -smtpserver smtp.gmail.com -usessl -port 587 -delivery none

Only the smtpserver value must be changed

 Google may block sign-in attempts when using powershell and send-mailmessage. In this case the sender will receive a "Sign in attempt prevented" alert email. To allow emails to be sent:

1. Create a dedicated gmail account

2. Allow less secure apps to access your account. See this article: https://support.google.com/accounts/answer/6010255?hl=en

Running the log monitor from the command line

The "logmond" utility has several parameters available. Use the "logmond -h" command to have a complete list.

...

Running the log monitor from the command line

The "logmond" utility has several parameters available. Use the "logmond -h" command to have a complete list.

Starting in background mode

In order to start the Log Monitor & Dispatcher as a background application:

...

Debugging

To diagnose LOGMOND using trace feature:

...

nolicense.bat considerations

LOGMOND always looks for nolicense.bat in the current working directory. What is current working directory for LOGMOND depends on how it is invoked.

...

Related articles