Recent Discussions
What is up with Meraki API Modules?
I know the LM Meraki API Modules have been around for a minute now. But I'm just getting around to testing it out on some of our Meraki-heavy customers and man, does anyone else find it incredibly tedious to try to get to work? I have been having so many issues with it. Netscan is one problem, but that's for another discussion. But then once the devices are added, we get No Data alerts ALL THE TIME. Right now, for example, I have 1644 Warning alerts (No Data) for ONE customer. It's insane how many alerts there are. And it's even scarier that when I look at the Raw Data on others that aren't alerting, they are also showing No Data but just don't have an alert threshold. I don't know if I should be pointing the finger at Meraki or LM here, honestly. But the API modules are so inconsistent, at best. I know the API key, OrgID and NetworkIDs are right because I can use them for API pulls in Python. It just seems to be LM not able to figure it out. And what's worse is how inconsistent it is. Some devices work for some organizations. Others don't. I can't be the only having this issue. And I can hear the critics chiming in now saying, "well then don't use the Meraki API modules." Problem is if we don't, we only get SNMP stats and those are nowhere near as helpful as the API modules, plus the potential to be less secure. Just wondering if there are some fellow LM community friends out there struggling to make the API stuff work for Meraki and LM. Thanks for listening to my rant.
exception:groovy.lang.MissingMethodException: No signature of method:
Working on my NetScan script for our Arista AP's still and when trying to execute a http [DELETE] I get the above error when following the Delete documentation here which suggests I can just call the URL and header. Currently this is just using the collector debug !groovy command If I then try with blank payload I get a different error: exception:java.lang.NullPointerException First Error with no payload in call: exception:groovy.lang.MissingMethodException: No signature of method: com.santaba.agent.groovyapi.http.Client.delete() is applicable for argument types: (java.lang.String, java.util.LinkedHashMap) values: [https://awm14001-c4.srv.wifi.arista.com/wifi/api/session, [Content-Type:application/json, ...]] Possible solutions: delete(java.lang.String, java.lang.String, java.util.Map), release(), release(), close(), every(), get(java.lang.String) java.lang.RuntimeException: groovy.lang.MissingMethodException: No signature of method: com.santaba.agent.groovyapi.http.Client.delete() is applicable for argument types: (java.lang.String, java.util.LinkedHashMap) values: [https://awm14001-c4.srv.wifi.arista.com/wifi/api/session, [Content-Type:application/json, ...]] Possible solutions: delete(java.lang.String, java.lang.String, java.util.Map), release(), release(), close(), every(), get(java.lang.String) at com.logicmonitor.groovy.objects.BaseWrapper.invoke(BaseWrapper.java:124) at com.logicmonitor.groovy.objects.lang.ScriptWrapper.run(ScriptWrapper.java:31) at com.santaba.agent.groovy.executor.GroovyScriptShell.execute(GroovyScriptShell.java:71) at com.santaba.agent.util.GroovyScriptExecutor.execute(GroovyScriptExecutor.java:148) at com.santaba.agent.debugger.GroovyTask._executeInAgent(GroovyTask.java:210) at com.santaba.agent.debugger.GroovyTask._handle(GroovyTask.java:189) at com.santaba.agent.debugger.DebugTask.run(DebugTask.java:176) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: groovy.lang.MissingMethodException: No signature of method: com.santaba.agent.groovyapi.http.Client.delete() is applicable for argument types: (java.lang.String, java.util.LinkedHashMap) values: [https://awm14001-c4.srv.wifi.arista.com/wifi/api/session, [Content-Type:application/json, ...]] Possible solutions: delete(java.lang.String, java.lang.String, java.util.Map), release(), release(), close(), every(), get(java.lang.String) at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.unwrap(ScriptBytecodeAdapter.java:71) at org.codehaus.groovy.runtime.callsite.PojoMetaClassSite.call(PojoMetaClassSite.java:48) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:47) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:136) at Script85.run(Script85.groovy:76) at jdk.internal.reflect.GeneratedMethodAccessor68.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at com.logicmonitor.groovy.objects.BaseWrapper.invoke(BaseWrapper.java:118) ... 9 more Second Error with Blank Payload: exception:java.lang.NullPointerException java.lang.RuntimeException: java.lang.NullPointerException at com.logicmonitor.groovy.objects.BaseWrapper.invoke(BaseWrapper.java:124) at com.logicmonitor.groovy.objects.lang.ScriptWrapper.run(ScriptWrapper.java:31) at com.santaba.agent.groovy.executor.GroovyScriptShell.execute(GroovyScriptShell.java:71) at com.santaba.agent.util.GroovyScriptExecutor.execute(GroovyScriptExecutor.java:148) at com.santaba.agent.debugger.GroovyTask._executeInAgent(GroovyTask.java:210) at com.santaba.agent.debugger.GroovyTask._handle(GroovyTask.java:189) at com.santaba.agent.debugger.DebugTask.run(DebugTask.java:176) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: java.lang.NullPointerException at com.santaba.agent.groovyapi.http.Client._processResponse(Client.java:580) at com.santaba.agent.groovyapi.http.Client.request(Client.java:429) at com.santaba.agent.groovyapi.http.Client.delete(Client.java:409) at com.santaba.agent.groovyapi.http.Client$delete$4.call(Unknown Source) at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:47) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116) at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:144) at Script91.run(Script91.groovy:76) at jdk.internal.reflect.GeneratedMethodAccessor68.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at com.logicmonitor.groovy.objects.BaseWrapper.invoke(BaseWrapper.java:118) ... 9 more The Code: /******************************************************************************* * Arista WIFI Integration with CUE for discovery of the AP's ******************************************************************************/ import com.santaba.agent.groovyapi.http.* import com.santaba.agent.groovy.utils.GroovyScriptHelper as GSH import com.logicmonitor.mod.Snippets import com.santaba.agent.AgentVersion import java.text.DecimalFormat import groovy.json.JsonOutput import groovy.json.JsonSlurper // To run in debug mode, set to true Boolean debug = false // To enable logging, set to true Boolean log = false // Set props object based on whether or not we are running inside a netscan or debug console def props try { hostProps.get("system.hostname") props = hostProps debug = true // set debug to true so that we can ensure we do not print sensitive properties } catch (MissingPropertyException) { props = netscanProps } //String key = props.get("AristaWIFI.api.key") //String token = props.get("AristaWIFI.api.token") //String clientId = props.get("AristaWIFI.api.clientId") String key = [REMOVED] String token = [REMOVED] String clientId = "logicmonitor" //if (!key) { // throw new Exception("Must provide AristaWIFI.api.key to run this script. Verify necessary credentials have been provided in Netscan properties.") //} //if (!token) { // throw new Exception("Must provide AristaWIFI.api.token credentials to run this script. Verify necessary credentials have been provided in Netscan properties.") //} //if (!clientId) { // throw new Exception("Must provide AristaWIFI.api.clientId credentials to run this script. Verify necessary credentials have been provided in Netscan properties.") //} //def logCacheContext = "${org}::arista-wifi-cloud" //Boolean skipDeviceDedupe = props.get("skip.device.dedupe", "false").toBoolean() //String hostnameSource = props.get("hostname.source", "")?.toLowerCase()?.trim() Integer collectorVersion = AgentVersion.AGENT_VERSION.toInteger() // Bail out early if we don't have the correct minimum collector version to ensure netscan runs properly if (collectorVersion < 32400) { def formattedVer = new DecimalFormat("00.000").format(collectorVersion / 1000) throw new Exception("Upgrade collector running netscan to 32.400 or higher to run full featured enhanced netscan. Currently running version ${formattedVer}.") } externalHost= "awm14001-c4.srv.wifi.arista.com"; httpClient = HTTP.open(externalHost,443); httpClient.setHTTPProxy('proxy.iggroup.local',8080); // Log in to arista loginurl = "https://awm14001-c4.srv.wifi.arista.com/wifi/api/session" payloadstring = '{"type":"apiKeycredentials","keyId":"'+key+'","keyValue":"'+token+'","timeout":3600,"clientIdentifier": "'+clientId+'"}'; def payload = payloadstring; println payload; def loginResponse = httpClient.post(loginurl,payload,["Content-Type":"application/json"]); if ( !(httpClient.getStatusCode() =~ /20/) ) { // Error has occured println "Authentication Failure"; println httpClient.getStatusCode(); println loginResponse; return(1); } String RawCookie = httpClient.getHeader("Set-Cookie") //Have Kept but as yet not needed will remove if not needed.. String httpResponseBody = httpClient.getResponseBody() //Retrieve the Cookie to use from the header. AristaCookie = RawCookie.split(';')[0] println httpClient.getStatusCode() String cookieString = '"'+AristaCookie+'"' def logoutheaders = ["Content-Type":"application/json","Cookie":cookieString] //println logoutheaders def logoutResponse = httpClient.delete(loginurl,logoutheaders) <- With No payload def logoutResponse = httpClient.delete(loginurl,'{}'logoutheaders) <- With blank payload I have just tried "" as the payload as well. logoutResult = httpClient.getStatusCode() if ( !(httpClient.getStatusCode() =~ /20/) ) { //Error has occured println "Logout Failure"; println httpClient.getStatusCode(); println loginResponse; return(1); } println AristaCookie; println httpResponseBody; println logoutResponse; def LMDebugPrint(message) { if (debug) { println(message.toString()) } } The Same URL and the same header with no payload works if I work in python obviously appreciate they are different languages, just confirming that the formatting is correct.
WMI Least Privileges
Our support team is trying to move away from traditionally adding admin group privileges' to least privileage of WMI.But they have issues in giving the permissions to Enable Account–Controls the ability to enable and disable the WMI provider ensuring that only the authorised entities can control its state. Remote Enable–Governs whether remote systems can access and query the WMI provider on the local computer, thus preventing unauthorised remote access.Just for WMI querying why do we need enable account and remote enable Why it Controls the ability to enable and disable the WMI provider ensuring that only the authorised entities can control its state. Why it needs to Governs whether remote systems can access and query the WMI provider on the local computer, thus preventing unauthorised remote accessOccasional Bad Request with API to PATCH users
I have a user suspension script that I prefer to run instead of using the "Suspend user after X days of inactivity on LM portal" option in the UI, because of some custom logic. I set up a script ages ago and havent touched the code, but recently on a subset of users, I get a Bad Request (400) error. But whats weird is that all I'm doing is using /setting/admins/ with ?changePassword=false&validationOnly=false and building a minimalistic patching map of the required fields from the model, plus status is set to "suspended". It used to work 100% of the time, but weirdly when I coded it, there were only 3 required fields in the model: roles, password, email. And of course I'd set status in my map, convert to json, do all the stuff, no problem. But I noticed it was failing recently (I never set up alerts on fails) and assumed it was failing 100% of the time at first, reviewed the model and noticed they added "username" as required also, so I added that, expecting it to work, it didnt, so I took that out. THEN I discovered that on some users the old code works, but unlike before, there is a subset that I get a Bad Request on, using the exact same code. No idea why. I also later discovered, when a user came up for suspension that ended up working, that "roles" is not actually required because I removed that for a bit doing some testing, had a real suspend happen to come up, and the code worked without the "required"(??!!) field of "roles" not being in my patch object. This is SUPER FRUSTRATING that the API can change, and that the required fields may or may not be required. :) I made a full "every field" export api to csv script to output every user, looking for something like a property or a setting or something in the raw data that might distinguish a user that the script runs on versus one it wont. Heck I even have logs of the same user that the script had suspended last year (user asked to be reinstated) and it doesnt work on them now. I almost suspect it has something to do with the password, since I havent seen any SSO users the script fails on, and I cant see those. But when I look at every single property that comes back with a GET on the users, I'll have 2 local accounts with the same external group that have nothing different on fields like enabling 2FA or EULA or even the roles they are in or view permissions, there are 35 or so fields ...and nothing stands out. Everything seems like it should work for one user that works for another in these cases. And yet .... Bad Request. Sometimes. Driving me wild over here. At this point I've literally got the original code in place (never committed any changes during testing) and sometimes it works, sometimes it doesnt, but used to be 100% success last year. Stumped. Oh here is an example of the error: I guess I'm not really expecting any silver bullets for this issue, but just on the off chance this is a known issue, I figured I would double check. I wish there were some change log to the Swagger docs. Maybe there is, I'm UI-challenged. If there were API update history changelogs then it might be worth it to pin down when this issue started. Thanks!Band Factors and Dynamic Thresholds? Documentation?
I've not had to look at Dynamic Thresholds at all, for anything I've been asked to do. But now I've been asked to look into it for someone, and I have no idea what "Band Factors" are and I cant find anything in the first page of hits on searching LogicMonitor Band Factors. Is there documentation on this somewhere, or is a Band Factor something a normal human is expected to know? :) I dont get any good search results just looking for Band Factors without mentioning LM. Can someone point me to the documentation for band factors? I have a user who was interested in an alert if a value was more than 20% out of the usual values for a time of day, but I have no idea how that translates to a band factor. I know the issue is ignorance on my part, I'm hoping someone can point me to something for little self-remediation in that arena. :) Thanks!
