Back in February 2017 I reviewed NETIKUS.NET EventSentry, a Windows Server-based security information and event management (SIEM) solution. Today I would like to introduce you to their freeware SysAdmin Tools, which I think you may like quite a bit (I sure do).

Overview

The SysAdmin tools come down as a tiny installer; while most of the tools are strictly command-line ones, there are a few with GUI shells. The installer actually creates Start menu entries for everything; opening a command-line tool from here spawns a cmd.exe session, changes to the SysAdmin Tools installation directory, and runs the tool.

As a convenience, the SysAdmin Tools installer adds the path C:\Program Files (x86)\essysadmintools to your system search path; this way you can launch the executables from any location.

These are old-school executables, so you can get command help by appending the /? switch parameter as shown in the following screenshot.

Getting syntax help

The NETIKUS.NET SysAdmin Tools are organized into the following categories:

  • Network tools
  • File system tools
  • Monitoring tools
  • Windows tools
  • Security tools

Next, I'll introduce you to four representative SysAdmin Tool commands.

NOTE: Remember that freeware doesn't generate income for the software developer in most cases. Thus, the documentation for the SysAdmin Tools is quite sparse. I did find this help manual PDF you may find useful.

Event Message Browser

Yes, I went there—started a review of a command-line utility suite with a graphical standalone application. Oh well. The Event Message Browser makes it easier to research all available entries from the event logs hosted by the local system.

Take a look at the next screenshot—this tool is not a replacement for Event Viewer. Instead, it contains a basic definition of every Event ID supported by the Windows version running on the host computer.

Event Message Browser

Event Message Browser won't provide you with troubleshooting tips, but it at least can get you started in associating known Event IDs with problems you face on your Windows networks.

Notice the percent sign next to event message details. These are insertion string placeholders that Windows substitutes at event generation. You can generate test Event log entries with this tool and substitute insertion strings with text supplied in the Test String field.

Fping

I like fping because this command is much more flexible than Windows' default ping command. First of all, fping is FAST. Second, you can add parameters to do stuff like get a quick check of a host:

fping /b
Host [] is up.

Or you can run fping /a /c 6 to resolve IP addresses to host names and send six echo request messages instead of the usual four in Windows.

IPMon+

IPMon+ is impressive in that it is a packet capture utility in an extremely compact package. As you can see in the following screen capture, IPMon+ is a lightweight graphical application with which you can capture traffic from any of the localhost's Ethernet interfaces.



You can select network traffic data within the IPMon+ window, press CTRL+C to copy to the clipboard, and then CTRL+V to paste into Notepad, Excel, or another analysis tool. Very cool!

CheckDB

The CheckDB command provides a nifty sanity check to confirm connectivity to a local or remote database. Of course, this tool and most others in the suite assume you allow the relevant ports through your host and network firewalls.

Specifically, CheckDB uses the Open Database Connectivity (ODBC) interface. Thus, if you have a data source name (DSN) defined, you're good to go. The following screenshot shows me testing connectivity to my local SQL Server 2012 database engine instance.

CheckDB in action

Uptime

This command is a no-brainer among most Windows systems administrators I know. Who doesn't periodically check server uptime? As you can see in the following screenshot, the command works exactly as advertised: it tells you system uptime in days, hours, minutes, and seconds. Running uptime.exe with no switches updates the value until you press CTRL+C; running uptime /o gets the uptime once and quits the program.

Tracking system uptime

Checkurl

The Checkurl command is nice for checksumming webpages and entire websites and alerting you if there are changes. For example, I ran Checkurl to compute a checksum on one of my site pages, modified the file, and ran Checkurl again. You can see the results in the next screenshot:

Checkurl detects webpage changes
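
The same baseline-and-compare workflow, as an added PowerShell example (not code from NETIKUS.NET or from the original post). SHA-256, the function names, and the example.com URLs are assumptions, and the page bodies are constructed so the script runs offline.

```powershell
# Added example: checksum-based page change detection (not Checkurl's own code).
# Assumption: SHA-256 over the raw body; Checkurl's algorithm is not stated on this page.
function Get-ContentHash {
    param([Parameter(Mandatory)][AllowEmptyString()][string]$Content)
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try {
        $bytes = [System.Text.Encoding]::UTF8.GetBytes($Content)
        $hex = [System.BitConverter]::ToString($sha.ComputeHash($bytes))
        return ($hex -replace '-', '').ToLowerInvariant()
    } finally {
        $sha.Dispose()
    }
}

function Compare-PageBaseline {
    param(
        [Parameter(Mandatory)][hashtable]$Baseline,  # URL -> hash recorded earlier
        [Parameter(Mandatory)][hashtable]$Pages      # URL -> body retrieved now
    )
    foreach ($url in ($Pages.Keys | Sort-Object)) {
        $current = Get-ContentHash -Content $Pages[$url]
        if (-not $Baseline.ContainsKey($url)) { $status = 'New' }
        elseif ($Baseline[$url] -eq $current) { $status = 'Unchanged' }
        else { $status = 'Changed' }
        [pscustomobject]@{ Url = $url; Status = $status; Hash = $current }
    }
    # A page that was baselined but is no longer served is also worth flagging.
    foreach ($url in ($Baseline.Keys | Where-Object { -not $Pages.ContainsKey($_) } | Sort-Object)) {
        [pscustomobject]@{ Url = $url; Status = 'Missing'; Hash = $null }
    }
}

# Constructed sample data. In real use each body would come from
# (Invoke-WebRequest -Uri $url -UseBasicParsing).Content
$index   = '<html><body><h1>Welcome</h1></body></html>'
$contact = '<html><body>Contact us</body></html>'
$baseline = @{
    'https://www.example.com/index.html'   = (Get-ContentHash $index)
    'https://www.example.com/contact.html' = (Get-ContentHash $contact)
    'https://www.example.com/old.html'     = (Get-ContentHash 'retired page')
}
$now = @{
    'https://www.example.com/index.html'   = ($index -replace 'Welcome', 'Welcome!')
    'https://www.example.com/contact.html' = $contact
    'https://www.example.com/promo.html'   = '<html><body>New page</body></html>'
}
Compare-PageBaseline -Baseline $baseline -Pages $now | Format-Table -AutoSize
```

Hashing the raw body flags any byte-level difference, so pages that embed timestamps, session tokens, or rotating ads will report as changed on every run unless that content is stripped before hashing.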

ShutdownTimer

Although Azure now supports scheduled shutdown for your VMs, this ShutdownTimer GUI utility is pretty darned handy. Check out the user interface:

Configuring auto shutdown

Note the tool gives you lots of flexibility in terms of whether you want to log off, hibernate, reboot, or shut down the system at a specified time. If you don't want to use the GUI front end, you can employ the shutdowntimer.exe command-line variant.

The other tools

We can describe only so many of the SysAdmin Tools in this brief blog post. Let me give you an unordered list and a tiny description of each remaining tool in the toolkit:

  • gethttp: download files
  • MXQuery: resolve mail server addresses
  • ntpclient: communicate with time server
  • pagesnpp: send paging messages
  • snmptool: retrieve SNMP details
  • wakeonlan: send Wake-on-LAN "magic" packets
  • isadmin: determine whether current process is elevated
  • logofftimer: log off the current user at a specified time
  • sleep: pause the current process
  • servicescheduler: control Windows services
  • Password Assistant: reset user passwords
  • servicesecure: group services by service account
  • tasksecure: group scheduled tasks by service account
  • adslist: display file alternate data streams
  • checksum: generate checksum hash digests
  • datahog: show the largest directories in a file system
  • dirmon: present real-time directory activity
  • directorysize: calculate directory and subdirectory size
  • filereplace: replace directory contents with a single file
  • purgetemp: conditionally delete files
  • superdel: delete files recursively in a directory tree
  • checktcp: detect open ports
  • listsuspended: list suspended processes
  • perfquery: query the local SNMP database

Wrap-up

What I plan to do with these command-line tools is pop them on my trusty emergency repair USB stick. This way I can have them with me wherever I may be. Thanks to NETIKUS.NET for giving us busy Windows systems administrators some handy command-line management tools.

The other important point to consider with these tools is that they are eminently scriptable. For example, you can use PowerShell, the gethttp command, and a for loop to iterate through an online file collection and save the files to your local system.

  1. Paolo Maffezzoli 5 years ago

    Thanks for sharing info about SysAdmin tools. Really helpful tools for day-by-day activities. Interesting also the new datahog command (shows the largest directories and files on a logical drive or directory path within a few seconds). Nice to see in a single command where the biggest folder on a PC is located.

  2. Ingmar Koecher 5 years ago

    Glad you like the tools and the new “datahog” command – the next version of EventSentry will actually include the output of datahog with every disk space alert that is generated on a monitored system.

© 4sysops 2006 - 2022

