Dynamic Group Custom Query Examples
Hello, so I was wondering if it was possible to create a Dynamic Device Group based on if box(es) wererunning a particular windows service ("ServiceNow"). I was looking at the Dynamic Device Group help and it only had a few examples for the custom query. Is there a full, comprehensive list of what options are available?Example the "hascategory()" function/test is listed where exactly in the help? And back to my original request can a Dynamic Device Group, group the machines that are running a particular Windows Service? I couldn't figure this out so I just went with a new Property Source definition and cloned and existing one that looked at all Windows Services on a box and tested if each one contained "ServiceNow" and then added the Category "ServiceNow" to the host. Then my DDG groups all these boxes based on "hasCategory("ServiceNowMID")" The Property Source script cloned/used: import com.santaba.agent.groovyapi.win32.WMI; //================================== def host = hostProps.get("system.hostname"); // get a list of running services def service_list = WMI.queryAll(host, "select * from win32_service"); def datacoreServices = service_list.findAll { service -> service["DISPLAYNAME"].contains("ServiceNow MID") } // Did we find any ServiceNow MID Services? if (datacoreServices.size() > 0) { println "system.categories=ServiceNowMID"; } return(0); //=== END ==== But if there is a more efficient way to do this please let me know. I think querying all the services an all isWindows() boxes is pretty expensive in terms of processing. What is a better wmi query to check for specifically a particular Windows Service that contains "xxxx" Thank you,498Views0likes2CommentsDynamic groups formatting question
Hi all, I’m new to the product and trying to figure out the basics of how it wants things formatted. I’m trying to setupa simple Dynamic group with 2 variables and can’t figure out how it wants it formatted to combine them. I just want the custom query to contain the following. system.displayname=~"test" device_type=~"server"Solved200Views8likes2CommentsLetting non-admin users make and manage their own dynamic groups
We’ve got an environment that is maturing into a space where our SMEs are now wanting to take some ownership of their device organization and alert tuning. Part of that has butted up against dynamic group membership, but unfortunately (understandably), that can only be done by people who can manageallgroups, since obviously you could just make a dynamic group under a group to which you have access whose AppliesTo is just “true()” and thus gain access to every device in the org. We have been considering ways to facilitate access to these SMEs so that they can manage their own device groups, without giving them too much power with which they could accidentally delete or silence a bunch of devices they don’t own by a mistake in their AppliesTo logic. We’d really prefer not to just give these SMEs blanket Manage access, but we’d also like to avoid having a paradigm where they have to come to us to have every single dynamic group created for them. We’ve been considering Terraform, granting each team access to their own static group and letting them make subgroups inside of it,and adding what is effectively an AppliesTo prepend that is “belongsToThisTeam() &&” + “whatever their AppliesTo is.” This, unfortunately, would require them to know about and remember to use whatever custom module we’d build to add that prepend. Furthermore the way parent groups are set up, we’d have little to no way to restrict them to putting their new groups under the ones to which they rightfully have access. Has anyone else come up on these hurdles and figured out a way, or done some thinking on how to facilitate dynamic group management for specific teams without giving them the keys to the kingdom?Solved102Views13likes8CommentsCustom query for dynamic group
Hi I want create dynamic groups based on server role like print servers, AD servers, file servers etc. Could you please help me to to find out how can i create a custom query for the groupings or custom query if a service is running. Thank you Tanvir28Views0likes1CommentCreate Dynamic group by Script
Hi Members I am trying to create 'Device Dynamic Groups' with Python script. but I am failing. Could you pleas me what I am missing: Conditions of the groups name: If Device display name starts with prod, all device should group. data = '{"name":"test111","parentId":111,"appliesTo":"startsWith("system.displayname","Prod")"}' I have attached the full script too. I am running Python 3.6.5 #!/bin/env python import requests import json import hashlib import base64 import time import hmac #Account Info AccessId ='XXXXXX' AccessKey ='XXXXXX' Company = 'contoso' #Request Info httpVerb ='POST' resourcePath = '/device/groups' data = '{"name":"test111","parentId":111,"appliesTo":"startsWith("system.displayname","Prod")"}' #Construct URL url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath #Get current time in milliseconds epoch = str(int(time.time() * 1000)) #Concatenate Request details requestVars = httpVerb + epoch + data + resourcePath #Construct signature #signature = base64.b64encode(hmac.new(AccessKey,msg=requestVars,digestmod=hashlib.sha256).hexdigest()) hmac = hmac.new(AccessKey.encode(),msg=requestVars.encode(),digestmod=hashlib.sha256).hexdigest() signature = base64.b64encode(hmac.encode()) #Construct headers #auth = 'LMv1 ' + AccessId + ':' + signature + ':' + epoch #headers = {'Content-Type':'application/json','Authorization':auth} auth = 'LMv1 ' + AccessId + ':' + signature.decode() + ':' + epoch headers = {'Content-Type':'application/json','Authorization':auth} #Make request response = requests.post(url, data=data, headers=headers) Please assist Thank you.16Views0likes3CommentsCreating dynamic group
Hi All I am trying to create groups with a pythonscript which read a CSV file. my txt file has following information {"name":1","parentId":462,"appliesTo": "Type==\\"Test Server\\\"\"} {"name":2","parentId":462,"appliesTo": "Type==\\"Test Server\\\"\"} {"name":3","parentId":462,"appliesTo": "Type==\\"Test Server\\\"\"} {"name":4","parentId":462,"appliesTo": "Type==\\"Test Server\\\"\"} when I run the script bellow I receiveInvalid JSON body message Response Status: 200 Response Body: b'{"data":null,"errmsg":"Invalid json body","status":1007}' I can create the group if I assign value directly like data ='{"name":1","parentId":462,"appliesTo": "Type==\\"Test Server\\\"\"}' Script is Quote Quote import requests import json import hashlib import base64 import time import hmac #Account Info AccessId ='tba' AccessKey ='XXX' Company = 'YYY' #Request Info httpVerb ='POST' resourcePath = '/device/groups' with open('test.txt', 'r') as file: #csv_reader = csv.reader(csv_file) for line in file: data =line print (data) url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath #Get current time in milliseconds epoch = str(int(time.time() * 1000)) #Concatenate Request details requestVars = httpVerb + epoch + data + resourcePath #Construct signature hmac1 = hmac.new(AccessKey.encode(),msg=requestVars.encode(),digestmod=hashlib.sha256).hexdigest() signature = base64.b64encode(hmac1.encode()) #Construct headers auth = 'LMv1 ' + AccessId + ':' + signature.decode() + ':' + epoch headers = {'Content-Type':'application/json','Authorization':auth} #Make request response = requests.post(url, data=data, headers=headers) #Print status and body of response print ('Response Status:',response.status_code) print ('Response Body:',response.content)3Views0likes0Comments