Everything posted by pperreault

  1. Cloud services (e.g. Azure, Slack, Teams, Bandwidth.com) generally provide a status page indicating the respective service's current health as well as updates. Has anyone tried to monitor and dashboard these with LM? As a point of reference, there are services like StatusGator that do this. I'm not sure if LM Websites is robust enough, but maybe I'm missing something. Webhook/push functionality would be helpful here. Any ideas?
  2. We have SSO with DUO working; however, I've been unable to map the user's email address to their LM account. I *think* I'm just missing the correct attributes to map from AD/DUO to LM. Does anyone have this working, and would you share your config?
  3. PowerShell script to pull Call Manager appliance's backup status. Would love some feedback and recommendations on improvements. Would also love it in Groovy (so it's not dependent on Windows collectors) but haven't had the time to figure it out. If anyone is feeling generous, I can offer nerd points. The web request output is pasted below for reference. Something else I want to figure out is how to represent the date of last successful backup (once, not for every file), found in the $xmlResult, in a widget. If anyone has thoughts on that, again, I'd appreciate hearing it.

     ```powershell
     # Requests backup status from Cisco Call Manager Cluster devices

     $serverURL = 'https://##system.hostname##/platform-services/services/MaintenanceService?wsdl'
     $ciscoUser = '##cucm.user##'
     $ciscoPwd = '##cucm.pass##'
     $match = 'Success'

     $soapRequest = [xml]@"
     <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:ser="http://services.api.platform.vos.cisco.com">
       <soap:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
         <wsa:Action>urn:getBackupProgress</wsa:Action>
         <wsa:ReplyTo>
           <wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address>
         </wsa:ReplyTo>
         <wsa:MessageID>uuid:dc75e529-34fb-4009-b594-d801ec86f39e</wsa:MessageID>
       </soap:Header>
       <soap:Body>
         <ser:getBackupProgress/>
       </soap:Body>
     </soap:Envelope>
     "@

     $header = @{"Authorization" = "Basic "+[System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($ciscoUser+":"+$ciscoPwd))}

     # Making the web request
     try {
         $result = Invoke-WebRequest -Uri $serverURL -Headers $header -Method:Post -Body $soapRequest -ContentType "application/soap+xml" -usebasicparsing
     }
     catch {
         # a non-zero exit code means the web request returned an error
         # throw $Error[0].Exception
         exit 1
     }

     if ($result.StatusCode -eq "200") {
         [xml]$SOAP = $result.Content

         # returns detailed config backup status for individual services including date and file path
         $xmlResult = $SOAP.Envelope.Body.getBackupProgressResponse.return.backupProgressResult.componentList

         # returns summary result indicating success or failure
         $backupOverallStatus = $SOAP.Envelope.Body.getBackupProgressResponse.return.backupProgressResult.status

         # True if matches string "Success"
         if ($backupOverallStatus -match $match) {
             $Status = 1
         }
         else {
             $Status = 2
         }
         Write-Host "Status = $Status"
         exit 0
     }
     else {
         exit 1
     }

     # want to do something with detailed output later
     #
     # Write-Host "$xmlResult"
     ```

     ```
     # web request results
     # $xmlResult
     PLM host ELM-AGENT SUCCESS Sun Jul 04 21:45:02 EDT 2021 activelog/platform/drf/log/2021-07-04-21-45-02_b_host_plm_elm-agent.log
     PLM host ELM-SERVER SUCCESS Sun Jul 04 21:45:03 EDT 2021 activelog/platform/drf/log/2021-07-04-21-45-02_b_host_plm_elm-server.log
     PLM host ELM-AGENT SUCCESS Sun Jul 04 21:45:04 EDT 2021 activelog/platform/drf/log/2021-07-04-21-45-02_b_host_plm_elm-agent.log
     PLM host ELM-SERVER SUCCESS Sun Jul 04 21:45:05 EDT 2021 activelog/platform/drf/log/2021-07-04-21-45-02_b_host_plm_elm-server.log
     ...
     # $backupOverallStatus
     Status: SUCCESS :Backup Completed...
     ```
  4. I put this together. https://github.com/peteperreault/lm Script is getGroupConfigs. It's working for Cisco and Palo Alto devices, potentially only a subset of each. I'm sure there are additional devices that can be added as well as additional functionality. @Stuart Weenig You'll recognize some bits from connectwise_manage. You know what they say, imitation (and outright thievery) is the sincerest form of flattery. 😉
  5. @Stuart Weenig Correct, download a collection of configs from LM to a local device. @mnagel Thanks for the link. However, I am going to be a choosy beggar since I am useless with Perl. I decided to go ahead and write something in Python and will link it here if it turns out to be any good.
  6. Anyone know of or have a script to download multiple device configurations at once? I'm thinking of writing a script that will identify resources within a group and then download their configurations for a specific configsource instance. I can't be the first one to want this though so thought I'd check here.
  7. Thanks for the suggestions and pointers @Michael Rodrigues.
  8. Just created a ds to count SonicWall SSL VPN sessions. Locator FMN27M. Would love some feedback and code improvements as this is my first Groovy script. Not a fan of just dropping the exit code as I have. There must be a better way to implement validations/error checking and output appropriate exit codes. Would like to see other methods for counting the users. Maybe matching on the string "User Name" and counting the lines that follow? Could see this growing to include user session length. Would be nice to only apply the ds to a resource if ssl vpn server was running. For ease here is sample output from the firewall and the script.

     ```
     =======================
     Active SSLVPN Sessions:
     =======================
     User Name Client Virtual IP Client WAN IP Login Time Inactivity Time Logged In
     user1 1799 Minutes 0 Minutes 01/23/2020 09:29:52
     user2 460 Minutes 0 Minutes 01/24/2020 07:49:31
     user3 368 Minutes 0 Minutes 01/24/2020 09:22:08
     user4 224 Minutes 0 Minutes 01/24/2020 11:45:54
     user5 170 Minutes 0 Minutes 01/24/2020 12:39:37
     user6 13 Minutes 0 Minutes 01/24/2020 15:15:49
     ```

     ```groovy
     import com.santaba.agent.groovyapi.expect.Expect;

     hostname = hostProps.get("system.hostname");
     userid = hostProps.get("ssh.user");
     passwd = hostProps.get("ssh.pass");

     // initialize a variable to contain the actual host prompt
     def actualPrompt = "";
     def sslvpn_user_count = 0;

     // open an ssh connection and wait for the prompt
     ssh_connection = Expect.open(hostname, userid, passwd);
     ssh_connection.expect(">");

     // capture full prompt e.g. user@host
     ssh_connection.before().eachLine { line ->
         actualPrompt = line;
     }

     // display the ssl vpn sessions
     ssh_connection.send("show ssl-vpn sessions \n");
     ssh_connection.expect(actualPrompt + ">");
     cmd_output = ssh_connection.before();

     // read thru multiline output
     // rows with 9 columns are user sessions
     // increment to total user sessions
     cmd_output.eachLine { line ->
         row_length = line.split(/\s+/);
         if ( row_length.size() == 9 ) {
             sslvpn_user_count++
         }
     }

     // trailing newline so the exit command is actually submitted
     ssh_connection.send("exit\n");

     println(sslvpn_user_count);
     return 0;
     ```
  9. @Antony Hawkins Thanks for the follow up. I've played with this configsource over the last few days and have some thoughts. The property names for the API key and id have changed but that is easy enough to update in the configsource script. What is limiting the value of this configsource is that IOS provides different output from show run and show start. Show starting-config includes certificate chains while show running-config does not. This of course results in a diff trigger. IOS does have a show running-config brief option that excludes certificate data. However that would obviously require a change to the IOS configsource pulling the configurations. If possible there would be value in excluding the certificate data from the diff in this configsource.
  10. I'm working through the approvals now to get access. They also have an API for pulling PSIRT (security advisories) that I want to play with. Might also have a lot of value.
  11. @Michael Fisher HTTPS sooner rather than later would be good. For other ports you'll never have a complete list but how about a tunnel functionality to enable remote access to protocols you don't support and non-standard ports?
  12. Would be helpful to have Cisco device warranty and contract status potentially shown as a property.
  13. I don't believe this is a feature of Logicmonitor. Did you find a solution? We are looking at Auvik now because of the integration with Connectwise. How do you find Logicmonitor compared to Auvik?
  14. Thanks for this, this is great. I am only interested in the ip and org info so in the interest of de-cluttering the property source info I reduced the script output to just that. Stack Exchange (since I'm not a Groovy guy) pointed me to this solution.

      ```groovy
      //comment out orig map iteration
      //arrayInfo_map.each{ key, value -> println "$key=$value"};

      def ip_addr = arrayInfo_map.find{ it.key == "ip" }?.value;
      if(ip_addr) println "ip = ${ip_addr}";

      def carrier = arrayInfo_map.find{ it.key == "org" }?.value;
      if(carrier) println "org = ${carrier}";
      ```

      I wouldn't be surprised if improvement on this is possible. Thanks again.
  15. One of our collectors is experiencing what seems to be connectivity issues. Common symptoms are it loses communication with the LM cloud, remote sessions to it or monitored devices fail to complete. I also notice that the collector heartbeat fail datapoint is increasing with time. I've seen its value over 6000. Support hasn't been able to tell me what this value actually is other than providing developer notes, which are unfortunately unhelpful. Can anyone provide some insight to what this failure count is actually counting? Has anyone seen and resolved this symptom? We are planning on rebuilding the host server and recreating the collector.
  16. It would be beneficial to have direct access to logs indicating when alerts are suppressed due to escalation chain rate limits. Currently these logs are only available through support.
  17. I tried pulling this configsource but it looks like it is under security review. Any idea when it will be available?
  18. It seems YH9ZXM is unavailable due to security review. Is there a status on this?
  19. So far so good, no issues with this hack for monitoring Meraki networks as of yet.
  20. We manage multiple Meraki organizations and have been limited by the one collector per organization rule. Monitoring a Meraki organization via the Meraki cloud requires snmp.meraki.com be used as the IP Address/DNS name with the organization's unique SNMP settings. A collector requires a unique IP address/DNS name for each LogicMonitor device, which prevents multiple organizations from being monitored by the same collector. To circumvent the one controller per organization limitation we've created internal DNS c-name records which point to snmp.meraki.com and use those as the IP Address/DNS name entry for different client organizations. We are currently running this as a test and haven't experienced any issues to date. I'd like to know if anyone else has experience with this (or any other) workaround, if so if any issues were experienced or if anyone can identify potential problems. Thanks
  21. Has using an empty value for the depends_on property been tested to have negative results? My testing shows no ill effect. Adding this property at the group level obviously speeds deployment. However if the primary device is within the group I don't want to make it dependent on itself. Adding the depends_on property to the primary device with an empty value seems to resolve this.
  22. Cisco_IOS excludes the ASR platform. Is there a plan to create a unique configsource for the ASRs or update Cisco_IOS?
  23. We are an MSP migrating an existing client base to LM for network and voice infrastructure health monitoring. For ease of deployment, when we do not manage their server infrastructure, we are thinking of providing clients with an ova to deploy within their network. Once the VM is deployed the collector will be installed. Any words of wisdom or lessons learned from your experiences doing something similar would be appreciated.
  24. This is fairly standard functionality in a monitoring tool. Many WAN circuits will be delivered at a rate limited speed. As an example, a carrier circuit may be clocked at 100Mbps or 1Gbps while the service speed is limited to 10Mbps, 20Mbps or 50Mbps. Utilization reporting, alerting and forecasting should be tied to this service speed, not the interface clock rate.