CaseyW
Joined 5 years ago
User Profile
User Widgets
Contributions
Re: How to create datasources from powershell script
Here is an example of the output: Common Name Effective Date Expiration Date Days Remaining ----------- -------------- --------------- -------------- cert.domain.com 9/20/2021 9/20/2023 112 True cert.domain.com 9/29/2021 9/29/2023 121 True cert.domain.com 4/1/2022 3/31/2024 305 True cert.domain.com 4/6/2022 4/5/2024 310 True62Views0likes0CommentsHow to create datasources from powershell script
Hello, I wrote a PS script that takes a look at all issued certs on my microsoft CA and outputs 4 columns, The name of the cert, the effective date, the expiration date and the days remaining until cert expiration. Here is the script for reference: $templates = @('x.x.x.x.x.x.x.x.x.x.x.x') $certs = $null ForEach($template in $templates){ $certs += certutil -view -restrict "certificate template=$template,Disposition=20" -out "CommonName,NotBefore,NotAfter,CertificateTemplate" } $i = 0 $output = @( ForEach($line in $certs){ If($line -like "*Issued Common Name: *"){ $asdf = New-Object -TypeName psobject $asdf | Add-Member -membertype noteproperty -name 'Common Name' -value (($certs[$i] -replace "Issued Common Name: ","") -replace '"','').trim() $asdf | Add-Member -membertype NoteProperty -name 'Effective Date' -value (($certs[$i+1] -replace "Certificate Effective Date: ","") -replace '\d+\:\d+\s+\w+','').trim() $asdf | Add-Member -membertype NoteProperty -name 'Expiration Date' -value (($certs[$i+2] -replace "Certificate Expiration Date: ","") -replace '\d+\:\d+\s+\w+','').trim() $expirationDate = [datetime]::MinValue [datetime]::TryParse($asdf.'Expiration Date', [ref]$expirationDate) $daysRemaining = ($expirationDate - (Get-Date)).Days $asdf | Add-Member -MemberType NoteProperty -Name 'Days Remaining' -Value $daysRemaining $asdf } $i++ } ) $output How can I create a datasource within LM that will parse out each common name, tie it to its corresponding “days remaining” value and alert based on that? Is this possible?Solved437Views13likes6CommentsHelp with Groovy Script for DNSSEC monitoring
There is currently no LogicModule for monitoring DNSSEC. I am trying to create a custom datasource using groovy in order to test DNS utilizing a dnssec key. Problem is, I don't have java/groovy experience. I have set 3 properties on my collector device as follows: dns.resolvers: 8.8.8.8, dns.seckey: <super secret key>, dns.testname: <fqdn.com> The only thing I really know how to do at this point is to define each of these properties at the beginning of the script as follows: import org.xbill.DNS.*; def dnsServers = hostProps.get('dns.resolvers'); def dnsNameToResolve = hostProps.get('dns.testname'); def dnsSecurityKey = hostProps.get('dns.seckey'); Has anyone written anything for this purpose? Any ideas on what I need to do here?79Views0likes2CommentsThose with ServiceNow integrations: How do you configure your HTTP Delivery to UPDATE incidents rather than creating new ones for acknowledged and cleared alerts?
New incidents (Duplicates) are opened every time an incident is acknowledged or cleared. Looking at the HTTP Delivery section of my integration and it looks like all requests for active alerts, acknowledged alerts, cleared alerts and escalated/de-escalated alerts are just set to POST to the same table within SNOW: <myinstancename>/api/now/table/x_lomo_lmint_logicmonitor_inbound_webser It seems to me like a sysid should be created and used for each incident and that the HTTP Delivery section should be using HTTP PUT method, along with the unique sysid for each incident that is being updated with an acknowledgement, clear or escalation/de-escalation.. Any ideas on how to accomplish updating these incidents? I have attached a screenshot of my HTTP Delivery section for acknowledged alerts117Views0likes2CommentsHas anyone had issues with ServiceNow Integration using HTTP PUT method?
I am having an issue where my SNOW integration is not allowing for HTTP PUTs. When an alert threshold is triggered, a HTTP Post is sent via the API that successfully, an incident is created. If an alert is acknowledged/cleared or escalated/de-escalated, if configured with the POST method, these events trigger an additional ticket to be created telling me that the alert was cleared/acknowledged/escalated..etc. This is expected behavior. However, when I decide that instead of a separate ticket to be created, I want the original incident updated, I configure the integration with the PUT method for Acknowledged/Cleared/Escalated events. When this configuration is saved, the HTTP PUT request is never completed and the integration log gives me an error stating that the API does not support PUT requests. All LM documentation says that PUT is supported for SNOW integrations. I have been working with LM support on this but havent been able to figure it out yet.. Has anyone come across this issue before?58Views0likes0CommentsRouting error/critical alerts to a ticketing system
I tuned all of my alerts just how I want them, and now that I am ready to fully implement LM into our enviornment, I am working on creating alert rules. I ran into a problem. Using the Ping Loss Percent as an example: I have thresholds set at 20 for warn, 70 for error and 90 for critical. These happen to be out of the box. I still want these warning alerts to happen at 20%. Mostly for trend analysis and reporting reasons, but I do not want to send these off to ServiceNow for incident creation... However, I do want tickets created for ping loss at the error and critical thresholds. The problem is when creating alert rules, I can only choose All alerts routed (I dont want warnings) or I can select only one of the following Warn, Error OR Critical. If I create 2 alert rules, one for error and one for critical alerts, I will get double tickets and I dont want that either. The only thing I can think of to fix this is create a new complex datapoint called Ping Percent (Warn), set that at 20% with no thresholds set for error and critical, and then get rid of the warning alert for the original datapoint. This seems messy. Is there a better way?Solved67Views0likes3CommentsHow can I get LogicMonitor INC MGR in Service Now to open certain tickets under different groups?
I got my SNOW integration up and running and noticed that every ticket that gets opened is opened under our service now group "Helpdesk" which is perfect for most incidents. Is there a way to change which SNOW group a ticket is assigned to based on resource group or some type of tag I can add? I find it interesting that I never set a group that I wanted the tickets to be opened under, it just selected Helpdesk as default I guess. Not quite sure how this portion works.49Views0likes1Comment