Recent Discussions
PowerShell module auto-load
Hi all I'm struggling with something so thought I'd see if anyone else has experienced this... We have a customer running Azure Local which is essentially a Windows Server cluster running Hyper-V and Storage Spaces Direct. We've configured a least priv user for monitoring, this is working fine for WMI queries but none of the PowerShell based modules are working. I've done a load of troubleshooting and found that WinRM will allow connections, but we can't even run basic cmdlets like Write-Host because it doesn't find the commands. It works fine though if we explicitly load the required modules (e.g. Import-Module Microsoft.PowerShell.Utility). We can test and this works fine This proves that the modules we need are there and that there is nothing preventing us from using them (there is no "Just Enough Admin" setup to block it for example). I suppose I could work through all the modules in the platform, identify all the module dependencies and write in code to check and load them, but that would be quite an undertaking and I really can't justify running custom versions of all the LM modules to workaround an issue on a single customer environment. Has anyone run into this before and have a solution? A few things I've ruled out: The modules exist on the system (we're just trying to use built-in/standard modules at the moment) The environment vars have the right Modules path set (and we can import modules manually, so that is working) Ruled out execution policy (if we manually import a module, it works fine) Ruled out a Constrained Session.... at least, I believe so because $execution.context.sessionstate states LanguageMode=FullLanguage Rules out Just Enough Administration being in place... again, I believe so because $PSSenderInfo states ConfigurationName=Microsoft.PowerShell (I believe this would be different if we were operating under a different JEA enforced profile configuration). Also, there's nothing stopping us from manually importing and using modules. It looks to me like it's just module auto-load that is disabled but, as I understand it, this has to be explicitly disable and the customer hasn't done so. I understand from the customer that it works fine with an admin account, perhaps there is some hardening that Microsoft applies automatically as it's a customised Azure Local specific version of Windows Server. I did try and explicitly enable auto-load by creating a profile file for my non-admin user and setting the value $PSModuleAutoloadingPreference='All' but that seemed to have no effect. I'm not convinced it's even looking for a profile file to be honest. When I use WinRM to run "$PROFILE | Select-Object *" then nothing is returned. The customer has opened a ticket with Microsoft about this, although is getting fairly vague suggestions around JEA (which I don't believe is in place) and that Azure Local may have some hardening. So I thought I'd put it to the community :) I'll also raise it with LM support. DaveCisco FMC Modules - Virtual
Hello All, Bit new to the forum but here I go! Currently have a client running the below FMC: Cisco Firepower Extensible Operating System (FX-OS) 2.14.1 (build 167) Secure Firewall Management Center for VMware I have come across the module for Cisco FMC Module but it seems to be all wrong. The API endpoint it is referencing is always api/chassis or api/login or api/logout, you get it, it's api/<endpoint>. Looking at the api/api-explorer ont the FMC box it looks like all the api endpoints are more like the below. Instead of (current module): /sys/chassis/chassis-env It should be: /api/fmc_config/v1/domain/{domainUUID}/chassis/fmcmanagedchassis I can see from the documentation here (https://www.logicmonitor.com/support/monitoring/networking-firewalls/cisco-firepower-chassis-manager-monitoring) that the Module was only tested on physical Chassis FMCs not virtual ones. Has anyone come across this? Do you know of any modules that work with virtual ones? Just before I start writing my own :) PS: I have looked at the "CiscoFirepowerSNMP" based modules, and they also only support Hardware Based FMCs / FTDs. Thanks in advance, David
New-LMWebsite for internal check not working properly
Hello, I'm trying to use the module to create about 300 website checks: lm-powershell-module/Documentation/New-LMWebsite.md at main · logicmonitor/lm-powershell-module · GitHub Unfortunately that fails with an issue where checkpoints are not added and the page check doesnt work. The line creating the website is: New-LMWebSite -WebCheck -name $web.name -WebsiteDomain $web.name -HttpType "https" -GroupId "4" -OverallAlertLevel "warn" -IndividualAlertLevel "warn" -IsInternal $true -TestLocationCollectorIds @(1, 15, 18) With this result: id name description type isInternal status -- ---- ----------- ---- ---------- ------ 281 mtc92.mom.domain.com webcheck True dead-collector To make it work I need to get to the site check and manually select collector group and collector id. Any suggestions to sort this out?
Automate AWS device group creation
Hello, I'm trying to automate AWS account device group creation. The thing is I will not always have immediate access to the onboarded environment, so I wanted to reuse the external ID as it is possible in the UI (see the attached screenshot). I'm having difficulty finding the proper parameter in Python library, and the creation fails with error {"errorMessage":"No external ID assigned. Please request your external ID first","errorCode":1400,"errorDetail":null}. Is there any way to automate this? Thanks.
Ad integrated Zone transfer monitoring
Hi We are Monitoring Domain controllers in LogicMonitor and the environment has AD integrated zones transfers for LDAP is there any way we can monitor these as the existing DNS- datasource doesnot meet our requirements as it has only non-AD integrated zone transfers
