-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Updated the readmes for all existing use cases and updated some use c…
…ase templates for clarity Updated the readmes for all existing use cases and updated some use case templates for clarity.
- Loading branch information
1 parent
67f11f4
commit 7a6ca5e
Showing
12 changed files
with
185 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,48 @@ | ||
| <strong>JSON Output Extraction</strong> | ||
| ==================================================== | ||
| This template shows how to monitor the output of a JSON file, then capturing specific objects for monitoring. We first capture the output of the JSON file, then we pass it through JSON Pre-Processing, which will convert it to a csv format. From here, we can create multiple instances, and extract specific objects using Value Map monitors, Numeric Extractions, etc. | ||
|
|
||
| <strong>Command Line Monitor - Sample JSON</strong> | ||
|
|
||
| Command run on host: | ||
| cat %{FILE:sample.json} | ||
|
|
||
| This monitor is the method with which we retrieve the JSON file. In our case, we simply embedded a JSON file to the template (at the template level). In your setup, you will be using a different monitor to do so. This template was made to demonstrate what is done after we've collected the JSON file, so we will not be going over all the different methods of obtaining said JSON file. | ||
|
|
||
| Sample Output: | ||
| { | ||
| "accounts": [ | ||
| { | ||
| "userId": 1, | ||
| "firstName": "Krish", | ||
| "lastName": "Lee", | ||
| "accountLocked": "True", | ||
| "passwordExpiresIn": "32", | ||
| "daysSinceLastLogin": "1" | ||
| }, | ||
| { | ||
| "userId": 2, | ||
| "firstName": "Racks", | ||
| "lastName": "Jacson", | ||
| "accountLocked": "False", | ||
| "passwordExpiresIn": "63", | ||
| "daysSinceLastLogin": "1" | ||
| }, | ||
| ] | ||
| } | ||
|
|
||
| <strong>Text Pre-Processing - JSON Pre-Processing</strong> | ||
|
|
||
| This monitor will be used to convert the JSON in a different format, in this case CSV. This will enable us to convert each line into Dynamic Instances further down the line. We set our Entry Key to /accounts/ and our properties to /userID;/firstName;/lastName;/accountLocked;/passwordExpiresIn;/daysSinceLastLogin, to match the key of the JSON file as well as specifying which properties we want included in our CSV. Finally, we set our result separator as ";", which will be the separator used in our CSV output. | ||
|
|
||
| <strong>Dynamic Instances - User Account Instances</strong> | ||
|
|
||
| In this monitor, we use dynamic instances to create one MSX instance per CSV line. This way, we will be able to separate all of the instances, so that each can be monitored independently. By specifying the separators earlier, we can now set our Column Separators as ";". Since several set of names could theoretically contain duplicates, we opted to use multiple columns to name each instance. | ||
|
|
||
| <strong>Value Map - Account Locked</strong> | ||
|
|
||
| This monitor is used to create various status based on the content of a specific column. Similarly as the above monitor, we need to set the Column Separator to ";". We used column 5 which matches with "accountLocked". We set True as an alert, False as "OK" and anything else as "suspicious". | ||
|
|
||
| <strong>Numeric Extraction - Password Expires in (Days)</strong> | ||
|
|
||
| This monitor is where we will extract the PasswordExpiresIn value and set whichever alerts we may want. Similarly as the above monitor, we need to set the Column Separator to ";" and then specify the value as being in column number 6. In this example, we set the warning threshold at 7 days or above and the alarm threshold at 100%. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,19 @@ | ||
| <strong>Multiple Column Separators</strong> | ||
| ==================================================== | ||
| This template shows how to set multiple column separators. This is a very basic scenario where for some reason, each line has a different separator, perhaps due to the merging of several files, or any other reason that may come to mind. In the Dynamic Instance monitor, we have configured all of these separators so that our data output could be separated properly. | ||
|
|
||
| <strong>Command Line Monitor - Sample File</strong> | ||
|
|
||
| Command run on host: | ||
| cat %{FILE:sampleoutput.txt} | ||
|
|
||
| This monitor is the method with which we retrieve our output to be parsed. In our case, we simply embedded a test file to the template (at the template level). In your setup, you will be using a different monitor to do so. This template was made to demonstrate what is done after we've collected the output, so we will not be going over all the different methods of obtaining said output. | ||
|
|
||
| Sample Output: | ||
| Name1:Test1 | ||
| Name2>Test2 | ||
| Name3=Test3 | ||
|
|
||
| <strong>Dynamic Instances - Dynamic Examples</strong> | ||
|
|
||
| In this monitor, we use dynamic instances to create one MSX instance per line from out output. This way, we will be able to separate all of the instances, so that each can be monitored independently. We used 3 separate column separators (":","=" and ">" ). This can be useful when data is obtained and concatenated from several sources, or simply if we have several different separators in any given line. Any sub-monitors beyond this one will also require to have the same separators set to function properly. |
14 changes: 14 additions & 0 deletions
14
examples/Numeric Extraction Using Scientific Notations/readme.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,17 @@ | ||
| <strong>Numeric Extraction Using Scientific Notations</strong> | ||
| ==================================================== | ||
| This template shows how to use the numeric extraction function to read a scientific notation format number and convert it to a decimal value in order to monitor and alert as applicable. | ||
|
|
||
| <strong>Command Line Monitor - Scientific Notation Output</strong> | ||
|
|
||
| Command run on host: | ||
| echo Value:9.99e+30 | ||
|
|
||
| This monitor is the method with which we retrieve our output to be parsed. In our case, we simply used echo to receive an output to parse in the next monitor. In your setup, you will be using a different monitor to do so. This template was made to demonstrate what is done after we've collected the output, so we will not be going over all the different methods of obtaining said output. | ||
|
|
||
| Sample Output: | ||
| Value:9.99e+30 | ||
|
|
||
| <strong>Numeric Extraction - Numeric Extraction</strong> | ||
|
|
||
| This monitor is where we will extract the scientific notation and set whichever alerts we may want. The important thing to note is that we enabled the option "Accept Scientific Notation". To be able to use alerting against this value, we divided it by 1e+28, leaving us with a value without scientific notations. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,17 @@ | ||
| <strong>Numeric Extraction Using Timestamps</strong> | ||
| ==================================================== | ||
| This template shows how to use the numeric extraction function to read a scientific notation format number and convert it to a decimal value in order to monitor and alert as applicable. | ||
|
|
||
| <strong>Command Line Monitor - Timestamp Output</strong> | ||
|
|
||
| Command run on host: | ||
| echo Value:9.99e+30 | ||
|
|
||
| This monitor is the method with which we retrieve our output to be parsed. In our case, we simply used echo to receive an output to parse in the next monitor. In your setup, you will be using a different monitor to do so. This template was made to demonstrate what is done after we've collected the output, so we will not be going over all the different methods of obtaining said output. | ||
|
|
||
| Sample Output: | ||
| Timestamp: 01/01/2021 00:09:00 | ||
|
|
||
| <strong>Numeric Extraction - Timestamp Extraction</strong> | ||
|
|
||
| This monitor is where we will extract the timestamp and calculate the time difference with the current time. To do so, we changed the Value Type to Timestamp and set the Value Parameter as "Time Elapsed From Now". Addtionally, we inputted our timestamp format "%d/%m/%Y %H:%M:%S". As this will output a result in seconds, we opted to convert it into days by dividing it by 86400 (24x60x60). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,27 @@ | ||
| <strong>Powershell</strong> | ||
| ==================================================== | ||
| This template shows how to use a powershell script within Monitoring Studio X, leveraging the Command Line monitor. The first example uses an embedded file, specified in the template configuration. The second option, features the same script, but on the host where this template is active. | ||
|
|
||
| For powershell scripts to run successfully, the execution policy needs to be set accordingly on the host where they will be run. See microsoft documentation for more information: https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_execution_policies?view=powershell-7.1 | ||
|
|
||
| <strong>Command Line Monitor - Powershell Command Embedded File</strong> | ||
|
|
||
| Command run on host: | ||
| @powershell.exe -inputformat none %{FILE:samplepowershell.ps1} test example result | ||
|
|
||
| In this monitor, we use the "@powershell.exe -inputformat none" to specify that we are launching the following script through Powershell. In this scenario, we embedded a Powershell script in our template, viewable at the template root level. We also added arguments (test example result) which will be added to the output of the script ($args[0] $args[1] $args[2]). This functions exactly like it typically would for powershell scripts. | ||
|
|
||
| Sample output: | ||
| This is the output of my powershell script. My arguments specified | ||
| in the command line are test, example and result. | ||
|
|
||
| <strong>Command Line Monitor - Powershell Command Host File</strong> | ||
|
|
||
| Command run on host: | ||
| @powershell.exe -inputformat none %{FILE:samplepowershell.ps1} test example result | ||
|
|
||
| In this monitor, we use the "@powershell.exe -inputformat none" to specify that we are launching the following script through Powershell. In this scenario, we are using a Powershell script located on the host system. We also added arguments (test example result) which will be added to the output of the script ($args[0] $args[1] $args[2]). This functions exactly like it typically would for powershell scripts. | ||
|
|
||
| Sample output: | ||
| This is the output of my powershell script. My arguments specified | ||
| in the command line are test, example and result. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,21 @@ | ||
| <strong>Service Restart on Failure</strong> | ||
| ==================================================== | ||
| This template shows how to setup monitoring and an alert action in order to restart a service should it stop. In this scenario, we have a service monitor set to alert us should it go down, and we have a command monitor, which is set to only run manually. In our service monitor configuration, we configured an alarm action for when the service is "stopped", which will launch the command line monitor, prompting the service to start. | ||
|
|
||
| <strong>Windows Service Monitor - Service: SNMP Trap</strong> | ||
|
|
||
| In this monitor, we are simply selecting a service to monitor. We can set different status based on what should be the expected status of the service. We have then set an Alarm that will automatically launch our other monitor, attempting to restart the service. | ||
|
|
||
| Sample output: | ||
| Service Name: SNMPTRAP | ||
| Description: SNMP Trap; | ||
| State: Running (OK) | ||
| Account: NT AUTHORITY\LocalService | ||
| Exit Code: 0 | ||
|
|
||
| <strong>Command Line Monitor - Service Restart Command</strong> | ||
|
|
||
| Command run on host: | ||
| net start SNMPTRAP | ||
|
|
||
| In this monitor, we are simply launching the command that will start our problematic service. Important note here is that we set this command to only run manually (or in our case, when called as an alert action). This is to avoid the host to attempt to truncate the logs every two minutes (default collection interval). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.