Forum Discussion

Neophyte

3 years ago

Solved

Remove multiple devices from a static group

I want to delete multiple devices from a static group in bulk. i DO NOT want to delete the device itself.

I am new to LogicMonitor but have figured out how to get all members of a group using the API. I just haven't figured out how to then remove all of those devices from that group. Has anyone been successful in doing this?

thedietz
3 years ago
Also to bring this back full circle. This all started because in my folder structure I had a Static Group which contained dynamic Groups under it and there were also resources in that upper level static Group. I only wanted the dynamic folders to remain, and I did not want the 30 resources in the Static Group any longer. Using the UI my options were to either "Manage" each device and choose delete, or click each device then on INFO tab click the "X" on the group I wanted to remove it from (this option however refreshes my screen and takes me away from that group, so then you need to navigate back to the folder you were just at...I hate this feature of the UI). So with this script below you put in the Group ID # that has the resources you want to remove. It gets all the resources and then loops through to PATCH the hostGroupIds property. This is obviously use at your own risk however it does work for me. Running this took about 10-15 seconds to remove all 30 resources from my static group.

## Enter the group you would like to have resources removed from
## This script will take all resources in that group (folders excluded) and remove the resources from that group
$group = "437"

<# Use TLS 1.2 #>
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

<# account info #>
$accessId = ''
$accessKey = ''
$company = ''

<# request details #>
$httpVerb = 'GET'

#use this for a specific Device
$resourcePath = "/device/groups/$group/devices"

<# Construct URL #>
$url = 'https://' + $company + '.logicmonitor.com/santaba/rest' + $resourcePath + $queryparams

<# Get current time in milliseconds #>
$epoch = [Math]::Round((New-TimeSpan -start (Get-Date -Date "1/1/1970") -end (Get-Date).ToUniversalTime()).TotalMilliseconds)

<# Concatenate Request Details #>
$requestVars = $httpVerb + $epoch + $resourcePath

<# Construct Signature #>
$hmac = New-Object System.Security.Cryptography.HMACSHA256
$hmac.Key = [Text.Encoding]::UTF8.GetBytes($accessKey)
$signatureBytes = $hmac.ComputeHash([Text.Encoding]::UTF8.GetBytes($requestVars))
$signatureHex = [System.BitConverter]::ToString($signatureBytes) -replace '-'
$signature = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($signatureHex.ToLower()))

<# Construct Headers #>
$auth = 'LMv1 ' + $accessId + ':' + $signature + ':' + $epoch
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Authorization",$auth)
$headers.Add("Content-Type",'application/json')
$headers.Add("X-Version", "2")

<# Make Request #>
$response = Invoke-RestMethod -Uri $url -Method $httpVerb -Header $headers
<# Print status and body of response #>
$status = $response.status
$body = $response.data| ConvertTo-Json -Depth 5

$devicePayload = $response.items

##loop through each device and remove group from its hostGroupIds property
Foreach ($d in $devicePayload)
{
#find where the group is and remove it from the string along with comma depending on placement
if ($d.hostGroupIds -like "*,$group*")
{
$remove = "," + $group
$groups = $d.hostGroupIds.Replace("$remove","")
}
Else
{
$remove = $group + ","
$groups = $d.hostGroupIds.Replace("$remove","")
}

$httpVerb = 'PATCH'

$id = $d.id
$resourcePath = "/device/devices/$id"
$queryparams = '?patchFields=hostGroupIds'
$data = "{" + '"hostGroupIds":"' + $groups + '"}'

# Construct URL
$url = 'https://' + $company + '.logicmonitor.com/santaba/rest' + $resourcePath + $queryparams

# Get current time in milliseconds #
$epoch = [Math]::Round((New-TimeSpan -start (Get-Date -Date "1/1/1970") -end (Get-Date).ToUniversalTime()).TotalMilliseconds)

# Concatenate Request Details #
$requestVars = $httpVerb + $epoch + $data + $resourcePath

# Construct Signature #
$hmac = New-Object System.Security.Cryptography.HMACSHA256
$hmac.Key = [Text.Encoding]::UTF8.GetBytes($accessKey)
$signatureBytes = $hmac.ComputeHash([Text.Encoding]::UTF8.GetBytes($requestVars))
$signatureHex = [System.BitConverter]::ToString($signatureBytes) -replace '-'
$signature = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($signatureHex.ToLower()))

# Construct Headers #
$auth = 'LMv1 ' + $accessId + ':' + $signature + ':' + $epoch
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Authorization",$auth)
$headers.Add("Content-Type",'application/json')
$headers.Add("X-Version", "2")

# Make Request #
$response = Invoke-RestMethod -Uri $url -Method $httpVerb -Header $headers -Body $data

}

22 Replies

Mike_Moniz
Professor
3 years ago
If you want to ultimately delete the group, you should be able to delete the group with devices in it and LM will prompt if you want to delete just the group (and subgroups) or the group+devices. But test that first. From the API I believe you can send send a PATCH request to /device/devices/{id} and change the hostGroupIds property to exclude the group id you want to remove it from.

https://www.logicmonitor.com/swagger-ui-master/dist/#/Devices/patchDevice

https://www.logicmonitor.com/support/rest-api-developers-guide/v1/devices/update-a-device

https://www.logicmonitor.com/support/devices/device-groups/deleting-device-groups#deleting
Anonymous
3 years ago
Yep, @Mike Monizhas the right answer.

I just did this in Postman through the API. Make sure you do a few things:

1. Set the query parameter "fields" to "hostGroupIds"
2. Set the body to include the new overall value of hostGroupIds. In my case, the existing value was "261,260,258". I changed it to "261,260,258,262".

If you're looking for a way to easily do it through the UI, I don't think there is in the way you're hoping. The closest you can get is by navigating to the info tab for the group. On the right, there's a "Groups/Devices" section. Click the trash can next to each one you want to delete.
thedietz
Neophyte
3 years ago

7 minutes ago, Stuart Weenig said:

Yep, @Mike Monizhas the right answer.

I just did this in Postman through the API. Make sure you do a few things:

1. Set the query parameter "fields" to "hostGroupIds"
2. Set the body to include the new overall value of hostGroupIds. In my case, the existing value was "261,260,258". I changed it to "261,260,258,262".

If you're looking for a way to easily do it through the UI, I don't think there is in the way you're hoping. The closest you can get is by navigating to the info tab for the group. On the right, there's a "Groups/Devices" section. Click the trash can next to each one you want to delete.

Where are you finding "hostGroupIds". When I get a response from one device i found "deviceGroupIds" in system properties. That is the value i was messing with. Am i looking in the wrong spot?
thedietz
Neophyte
3 years ago

10 minutes ago, Stuart Weenig said:

Yep, @Mike Monizhas the right answer.

I just did this in Postman through the API. Make sure you do a few things:

1. Set the query parameter "fields" to "hostGroupIds"
2. Set the body to include the new overall value of hostGroupIds. In my case, the existing value was "261,260,258". I changed it to "261,260,258,262".

If you're looking for a way to easily do it through the UI, I don't think there is in the way you're hoping. The closest you can get is by navigating to the info tab for the group. On the right, there's a "Groups/Devices" section. Click the trash can next to each one you want to delete.

and is there any chance you can post a screenshot and blank out creds and stuff so I can see your syntax? if not i understand

Anonymous

3 years ago

Here are the properties on my device. hostGroupIds is not under system properties. It's a peer to name, displayName, id, etc. 4th from the bottom here.

{
    "id": 196,
    "name": "10.0.0.1",
    "displayName": "10.0.0.1",
    "deviceType": 0,
    "relatedDeviceId": -1,
    "currentCollectorId": 106,
    "preferredCollectorId": 106,
    "autoBalancedCollectorGroupId": 0,
    "preferredCollectorGroupId": 1,
    "preferredCollectorGroupName": "@default",
    "description": "",
    "createdOn": 1628260106,
    "updatedOn": 1648321092,
    "disableAlerting": false,
    "autoPropsAssignedOn": 0,
    "autoPropsUpdatedOn": 0,
    "scanConfigId": 0,
    "link": "",
    "enableNetflow": false,
    "netflowCollectorId": 0,
    "netflowCollectorGroupId": 0,
    "netflowCollectorGroupName": null,
    "lastDataTime": 0,
    "lastRawdataTime": 0,
    "hostGroupIds": "260,258",
    "sdtStatus": "none-none-none",
    "userPermission": "write",
    "hostStatus": "dead-collector",
============TRUNCATED============

Mike_Moniz
Professor
3 years ago
Yeah, there is a few means of "properties" when using the LM API. There is LogicMonitor properties like system.hostname and location, then there is properties in the JSON sense like id, name, displayName, etc. When using the API, start looking at the json-properties before looking into the LM-properties like systemProperties and customProperties. Also I believe you can't modify any of the systemProperties via the API except for system.categories.

It still helps to still reference the LMv1 API documentation. You should still actually use the v2 API but its automated Swagger documentation can be limited imho which the v1 docs can help fill in.
Anonymous
3 years ago

5 minutes ago, Mike Moniz said:

I believe you can't modify any of the systemProperties via the API except for system.categories.

That's correct. You also can't modify auto properties or inherited properties. Only custom properties can be edited via the api. To change auto properties, you have to modify the propertysource that set them. To modify inherited properties, you have to change group membership.
thedietz
Neophyte
3 years ago
thanks for the information.

Trying to use the hostGroupIds that you showed me but now running into a new issue.

When I run my PATCH (using powershell btw) i get an errmsg response "Authentication Failed". using same API token i use in my GET (successfully). and I am an Administrator in our LM instance, so the Authentication Failed is really throwing me off here........
Anonymous
3 years ago
I recommend using Postman to get your API call working properly, then move it into a script. Separates problems with the API from problems with your script.

That said, what does your call look like (no creds)? Are you including the payload body in the calculation of your LMv1 signature (the encrypted part of your LMv1 token)?
thedietz
Neophyte
3 years ago

1 hour ago, Stuart Weenig said:

I recommend using Postman to get your API call working properly, then move it into a script. Separates problems with the API from problems with your script.

That said, what does your call look like (no creds)? Are you including the payload body in the calculation of your LMv1 signature (the encrypted part of your LMv1 token)?

Just installed Postman. Never used it before so will work through figuring that out. script I'm using is below and i was working off what is on this page Update a Device | LogicMonitor

device ID is defined in the $ID variable

Forum Discussion

Remove multiple devices from a static group

22 Replies

Related Content

Best Practices for removing clients from LogicMonitor

Automatic removal of category

REST API Device SLA Widget

LogicMonitor Device Provisioning Workflow Diagram?

Dynamic Device Groups - constrain membership to parent folder

Recent Discussions

Issues with Set-LMWebsiteGroup

ESX Host Services?

What not to do when developing code

REST API 503 errors

Anyone else have issues logging into these new forums with Firefox?