Ready to move out of the UI ?
Thanks to Saurav Babu, and Tim Helton’s help, I was able to push my MP authoring limits further.
The good thing with the Shell command template in SCOM is that your script is encoded.
Bad news
- If functionality doesn’t exist in the UI, you can’t easily pull the monitor and just add variables to get that functionality.
- Scripts and Shell commands are encoded (great news for security!)
Now to the use case – need Sample Count and Match Count to prevent false positive alerts
The UNIX Shell Command library allows us to use the following variables out of the box:
Interval, SyncTime, TargetSystem, UserName, Password, Script, ScriptArgs, TimeOut, TimeOutInMS, HealthyExpression, ErrorExpression
AND we can override Interval, Script, TimeOut, TimeOutInMS
If that’s not enough options, then read on!
When the built-in functionality doesn’t exist
For this UNIX shell command/script monitor, we required SampleCount and MatchCount
Variables explained
SampleCount is the number of times (samples for an alert).
If SampleCount = 4, this means 4 samples will generate an alert
MatchCount is the number of intervals before monitor state changes
If Interval = 60 (s), and MatchCount = 10, then it will take 10 minutes (600s before we alert)
Combining the 2 means 4 samples over 10 minutes will generate an alert.
Sometimes this is called alert suppression or counting failures before alerting
Built a custom DataSource, ProbeAction, and WriteAction, as the UNIX Shell Library MP did not include these additional variables.
Please review my updated MP Fragments TechNet Gallery for the custom MP and fragments!
https://gallery.technet.microsoft.com/Uncommon-Custom-MP-c5a12a86
Encoding the script or command to run
The other issue with UNIX scripts and commands, is the UI encodes the scripts.
How do we get around it you ask?
Since we are building an MP Fragment and MP, we must figure out how to encode.
To encode the script to put into your SCOM monitor (and MP Fragment)
Example
$script = ‘if [ `ps -ef | grep sleep | grep -v grep | wc -l` -eq “1” ]; then echo false; else echo true; fi’
# Verify script variable
$script
# Get $script bytes
$s = [System.Text.Encoding]::UTF8.GetBytes($script)
# Verify script bytes output (optional as bytes broken out by line)
$s
# Encode script to Base64
$encoded = [System.Convert]::ToBase64String($s)
# Verify $encoded
$encoded
# Optional
# Verify string converts back properly
[System.Text.Encoding]::UTF8.GetString($s)
$encoded output is what needs to be entered into the <script></script> variable in your monitor
Example Output
PS C:\Users\scomadmin\desktop> $script = ‘if [ `ps -ef | grep sleep | grep -v grep | wc -l` -eq “1” ]; then echo false;
else echo true; fi’
PS C:\Users\scomadmin\desktop> $script
if [ `ps -ef | grep sleep | grep -v grep | wc -l` -eq “1” ]; then echo false; else echo true; fi
PS C:\Users\scomadmin\desktop> $s = [System.Text.Encoding]::UTF8.GetBytes($script)
PS C:\Users\scomadmin\desktop> $s
PS C:\Users\scomadmin\desktop> $s = [System.Text.Encoding]::UTF8.GetBytes($script)
PS C:\Users\scomadmin\desktop> $encoded = [System.Convert]::ToBase64String($s)
PS C:\Users\scomadmin\desktop> $encoded
aWYgWyBgcHMgLWVmIHwgZ3JlcCBzbGVlcCB8IGdyZXAgLXYgZ3JlcCB8IHdjIC1sYCAtZXEgIjEiIF07IHRoZW4gZWNobyBmYWxzZTsgZWxzZSBlY2hvIHRydWU7IGZp
PS C:\Users\scomadmin\desktop> [System.Text.Encoding]::UTF8.GetString($s)
if [ `ps -ef | grep sleep | grep -v grep | wc -l` -eq “1” ]; then echo false; else echo true; fi
PS C:\Users\scomadmin\desktop>
References
Jonathan Almquist’s blog post
Kevin Holman’s blog on service with Samples