Recent Discussions
Least Privilege's script to set permissions on Services for Non Admin account.
With the new security push for us to use non-admin accounts, if anyone would like, I have a script that can run on Domain and one for Workgroup Servers. It iterates through all services and applies the correct SDDL for the least privilege account.

Extract these to c:/temp, add your list of servers (or for the workgroup add the single server to the serverlist.txt) and then run the RunScript.ps1.

You'll need a local admin account to run with for Workgroup Server.
You'll need a DA account to run for list of Domain Servers.

PM me if you are interested ;)

Barb | 3 days ago | Advisor | 88 Views | 1 like | 2 Comments

Monitoring EMR Paragon
We have many different EMR systems that our Facilities use in their business. One of them is the EMR Paragon. One of the items that we found to be helpful is to monitor certain Windows Directories for the existence of any files that are more than a few minutes old. That would mean that something may be broken that is not picking up those files and passing them to another business process.

Is there an existing monitor of this type of action already in existence? Would you be willing to share that code? Thanks for sharing a method to do this test. There are many directories that need to be tested and we need to create this in a general manner so we can do these checks.

Henry_Steinhaue | 12 days ago | Neophyte | 13 Views | 2 likes | 1 Comment

Cisco Info PropertySources
This one goes into some additional detail but hasn't been completely cleaned up for debugging purposes. The ones that have switch stacks pull all the stack serials and model numbers. Work in progress was the versioning. We have about 1500+ network devices across many many different models and versions so this has taken a little bit of work to get to work across all.

MWXMXZ - Cisco-IOS
FKA79M - Cisco IOS XE
9LF63N - NXOS
G366DD - Cisco ASA

198 Views | 2 likes | 14 Comments

HP Aruba 6000 switch Support?
Good Afternoon,

It seems that the newest switch chassis from Aruba/HP isn't playing too nicely with LM at the moment. The same DataSources that were useful for the previous HP Switches don't appear to work for the newer 6000 series devices (we have a 6000 and a few 6500s). Specifically, the Memory SNMP query seems to poll no data - luckily the default CPU for SNMP does work. Has anyone run into this themselves?

Jordan-Eil | 20 days ago | Neophyte | 43 Views | 1 like | 1 Comment

LM Logs ingestion alerting
We recently had an issue where a host was spewing tons of logs to LM. We fixed the problem but would now like to set up some kind of alerting that would alert us if this happens again. I noticed the Module: LogicMonitor_Collector_LMLogs and that it's already in use by our Windows Collectors. I see a few promising Normal Datapoints:

lmLogMessagesAddedToQueueRaw (count of syslog messages sent to Ingest API)
lmLogMessagesSentToIngestRaw (count of log source messages sent to ingest)
SyslogMessagesReceivedRaw (Number of syslog messages received by collector)

Then there are some Complex Datapoints that look promising. The problem with all of this is that, while the Module is in use by one or more of our collectors, I am not able to see the graphs or raw data from the Module so I can best determine which datapoint to use and what the threshold should be. Where can I see the collected data?

systemgeek | 24 days ago | Neophyte | 24 Views | 1 like | 1 Comment

Datapoints configuration Discussion
Hello Team,

I am trying to create a custom datasource to check the service status. It retrieves a list of services from the host properties (auto.service.names), connects to the host using SSH, checks the status of each service using the systemctl command, and outputs the results.

Active Discovery Script:

    import com.santaba.agent.groovyapi.expect.Expect;
    import com.santaba.agent.groovyapi.snmp.Snmp;
    import com.santaba.agent.groovyapi.http.*;
    import com.santaba.agent.groovyapi.jmx.*;
    import org.xbill.DNS.*;
    // JSCH for the SSH connection
    import com.jcraft.jsch.JSch

    // Get the service names from the host property
    def serviceNames = hostProps.get("auto.service.names") ?: ""
    def serviceArray = serviceNames.split(",").collect { it.trim() }

    // SSH details for connecting to the host
    host = hostProps.get("system.hostname")
    user = hostProps.get("ssh.user")
    pass = hostProps.get("ssh.pass")
    port = hostProps.get("ssh.port")?.toInteger() ?: 22
    cert = hostProps.get("ssh.cert") ?: '~/.ssh/id_rsa'
    timeout = 15000 // Timeout in milliseconds

    def getServiceStatus(serviceName) {
        def command = "systemctl is-active ${serviceName}"
        return getCommandOutput(command).trim()
    }

    def getCommandOutput(String input_command) {
        def output = ""
        def session = null
        def channel = null
        try {
            def jsch = new JSch()
            // Key-based authentication when no password is set
            if (user && !pass) {
                jsch.addIdentity(cert)
            }
            session = jsch.getSession(user, host, port)
            // Host key verification is disabled for this session
            session.setConfig("StrictHostKeyChecking", "no")
            session.setTimeout(timeout)
            if (pass) {
                session.setPassword(pass)
            }
            session.connect()
            channel = session.openChannel("exec")
            channel.setCommand(input_command)
            def commandOutput = channel.getInputStream()
            channel.connect()
            output = commandOutput.text
        } finally {
            if (channel) {
                channel.disconnect()
            }
            if (session) {
                session.disconnect()
            }
        }
        return output
    }

    // Output each service with its status
    serviceArray.each { serviceName ->
        def status = getServiceStatus(serviceName)
        println "${serviceName}##${serviceName}##Status: ${status}"
    }
    return 0

Collection Script:

Below, I am trying to use the ##WILDVALUE## from the active discovery script to collect the service status value.

    // JSCH for the SSH connection
    import com.jcraft.jsch.JSch

    // SSH details for connecting to the host
    host = hostProps.get("system.hostname")
    user = hostProps.get("ssh.user")
    pass = hostProps.get("ssh.pass")
    port = hostProps.get("ssh.port")?.toInteger() ?: 22
    cert = hostProps.get("ssh.cert") ?: '~/.ssh/id_rsa'
    timeout = 15000 // Timeout in milliseconds

    // Function to retrieve the service status
    def getServiceStatus(serviceName) {
        def command = "systemctl is-active ${serviceName}"
        def result = getCommandOutput(command)
        return result?.trim()
    }

    // Function to execute command and retrieve output
    def getCommandOutput(String command) {
        def output = ""
        def session = null
        def channel = null
        def reader = null
        try {
            def jsch = new JSch()
            // Key-based authentication when no password is set
            if (user && !pass) {
                jsch.addIdentity(cert)
            }
            session = jsch.getSession(user, host, port)
            // Host key verification is disabled for this session
            session.setConfig("StrictHostKeyChecking", "no")
            session.setTimeout(timeout)
            if (pass) {
                session.setPassword(pass)
            }
            session.connect()
            channel = session.openChannel("exec")
            channel.setCommand(command)
            channel.setInputStream(null)
            channel.setErrStream(System.err)
            reader = new BufferedReader(new InputStreamReader(channel.getInputStream()))
            channel.connect()
            def line
            while ((line = reader.readLine()) != null) {
                output += line + "\n"
            }
            // Ensuring the channel finishes before disconnecting
            while (!channel.isClosed()) {
                Thread.sleep(100)
            }
        } catch (Exception e) {
            println "Error executing command: ${e.message}"
        } finally {
            reader?.close()
            channel?.disconnect()
            session?.disconnect()
        }
        return output
    }

    // Retrieve the current service name based on ##WILDVALUE##
    def serviceName = datasourceinstanceProps.values().collect { it.wildvalue }.find { it != null }
    if (serviceName) {
        def status = getServiceStatus(serviceName)
        def statusValue = (status == "active") ? 1 : 0
        println "Service:${serviceName} Status:${statusValue}"
        return statusValue
    } else {
        println "Error: No service name found for ##WILDVALUE##."
        return null
    }

I need help creating the datapoint to collect service status value. Thanks in advance.

The error I am currently getting:

    param prefix is not invalid in format - (valid_prefixes=[datacollector.], method=namevalue, param=datacollector)

Hshukla | 27 days ago | Neophyte | 56 Views | 3 likes | 2 Comments

SQL CERTIFICATE MONITORING
How to monitor SQL certificate using port 1433? Does anyone have any custom Groovy script to monitor all certificates using any port or any specific port, specifically port 1433? We are using the certificate on our SQL server for their encrypted communication and need to check all servers' certificate expiration days. Any help would be appreciated.

sachin-tanwar | 2 months ago | Neophyte | 46 Views | 0 likes | 2 Comments

Programmatic Ping Alert
We currently lack the ability to white list domain names on our firewall, so I have to do everything via IP. Recently I've come across an issue where a company won't give me their external IPs because they can change, or so they say. For several weeks I've pinged the IPs and it has always been 1 of 4 IPs.

Has anyone created some kind of ping alert that does something like "ping easypost.com and api.easypost.com, if the IPs returned are not in 169.62.110.130-169.62.110.133, alert me"? I'm not much of a programmer myself so I'd need something pretty "plug and play". TIA!

Solved | 114 Views | 7 likes | 4 Comments