• 0

PowerShell Script for Alert


MaxJamakovic
 Share

Question

$headers = @{
    Accept = 'application/json'
    'Content-Type' = 'application/json'
}

$username = "appUser"
$password = "base64 encodedPassword"

$body = @{username=$username;password=$password;}

$response = Invoke-RestMethod 'https://localhost/webconsole/api/Login' -Method 'POST' -Headers $headers -Body $($body | ConvertTo-Json)

$token = $response | Select-Object -ExpandProperty token

$headers = @{
    Authtoken = $token
    Accept = 'application/json'
}

$response = Invoke-RestMethod 'https://localhost/webconsole/api/DDBInformation/8' -Method 'GET' -Headers $headers
$response.dedupDBInfo.subStoreList.avgQITime -gt "1400" 

 

 

Hi I'm new to Logic Monitor what do I need to modify in this script so that can be run from collector, the script retrieves the token  and inserts that token in next command, but I need to modify so that this user gets credentials from logic monitor service account. This REST API is using base64 encoded password to obtain token.

I need help with adding the logic monitor service account and write output to logic monitor, the script returns nothing if value is less than 1400 if grater than 1400 to trigger alert.

 

Link to comment
Share on other sites

6 answers to this question

Recommended Posts

  • 0

If you are referring to the service account that the LogicMonitor Collector Windows Service is running, then the collector will not know what the password is because Windows doesn't store the real service password itself but some hash of it. This isn't unique to LogicMonitor but services in general. Does the website support NTLM auth? If that is supported then I think you can write it in a way to have powershell pass the hash. But for something like this I would create special device properties like ddbinfoweb.user and ddbinfoweb.pass (you can make up the first part of the name) then have the script use these properties for creds using something like $username = "##ddbinfoweb.user##".

Edited by Mike Moniz
  • Like 2
Link to comment
Share on other sites

  • 0

Hi Mike, the user is not service account, it's local user account to log in to application website. that same use is also added to logic monitor under device properties. I'm not sure if supports NTLM but to get the token user password must be Base64 Encoded Password

 
Link to comment
Share on other sites

  • 0

Ok, if you already have the username and password in a device property/token you can use code like this to convert the password to hex (I didn't test this):

$Username = '##ddbinfoweb.user##'
$PasswordRaw = '##ddbinfoweb.pass##'
$Bytes = [System.Text.Encoding]::Unicode.GetBytes($PasswordRaw)
$Password = [Convert]::ToBase64String($Bytes)
$Body = @{username=$Username;password=$Password}
...
  • Like 1
Link to comment
Share on other sites

  • 0
$Username = '##ddbinfoweb.user##'
$PasswordRaw = '##ddbinfoweb.pass##'
$Bytes = [System.Text.Encoding]::Unicode.GetBytes($PasswordRaw)
$Password = [Convert]::ToBase64String($Bytes)
$Body = @{username=$Username;password=$Password}

$headers = @{
    Accept = 'application/json'
    'Content-Type' = 'application/json'
}

$username = "appUser"
$password = "base64 encodedPassword"

$body = @{username=$username;password=$password;}

$response = Invoke-RestMethod 'https://localhost/webconsole/api/Login' -Method 'POST' -Headers $headers -Body $($body | ConvertTo-Json)

$token = $response | Select-Object -ExpandProperty token

$headers = @{
    Authtoken = $token
    Accept = 'application/json'
}

$response = Invoke-RestMethod 'https://localhost/webconsole/api/DDBInformation/8' -Method 'GET' -Headers $headers
$response.dedupDBInfo.subStoreList.avgQITime -gt "1400" 

 to position on very top? 

Link to comment
Share on other sites

  • 0

Something like that, but you would need to remove your old $username, $password and $body lines.

Also I noticed that you are attempting to do the comparison to > 1400 directly in the script. I suggest instead you output the value directly like avgQITime=XXXXX then let LogicMonitor check if it's >1400. That would also let you have multiple thresholds for different levels, like for example >1000 is warning, >1400 is critical, etc.

 

  • Like 1
Link to comment
Share on other sites

  • 0
  • Administrators
On 9/27/2021 at 2:31 PM, Mike Moniz said:

I suggest instead you output the value directly like avgQITime=XXXXX then let LogicMonitor check if it's >1400.

I second this. It would also allow you to trend the metric over time and add dynamic thresholds.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share