squaredup / community.dataondemand.mp Goto Github PK

Kernel owned processes do not list pid information when running Netstat with process information (column is - or empty). This means the results cannot be parsed by VADA downstream.

See an example here:

https://community.squaredup.com/answers/question/linux-vada-not-running-on-rh67/

Since other tools may or may not be able to correctly detect the owning component, and those tools are not standard on all supported distributions, it may make sense to simply use an intentionally invalid PID and report the proc name as "Unknown" (as done on Windows).

This would also mitigate some of the issues with permissions some folks are seeing - although the netstat input would be incomplete and/or missing proc information, you would not be forced to run as root when using the task in many cases if all you want is inbound/outbound connections.

Create a task that allows you specify a comma-seperated list of IPAddress/names that should be resolved from the server (agent) perspective.

The task should ideally support .net 2.0 and above, return the hostname and IP address, and support the following return formats:

• csv
• json
• PowerShell list
• PowerShell table

The GetNetstatCsv Task provides valuable information on application dependencies (in particular, to VADA) but currently is only supported on windows platforms.

It would be great if this task were to be implemented supporting the same unix/linux platforms as SCOM itself (for reference, that list can be found here.

Ideally, the output format would be the same so that downstream tools can consume this data as they would with the existing windows version today.

Although the process description field is initialized to a string, if the FileProcessDescription property is null, later attempts to test the length or call methods on the process description will fail.

The netstat task is naively converting all ':' characters to ',' in an effort to split the Endpoint address and port number. This means:

1. IPv6 or IPv4 mapped addresses are no longer valid
2. The file is no longer a valid CSV, as it includes additional columns

Instead of using gsub() to cheat, the substrings should be extracted correctly using match() and substr().

Currently the json format is not supported on any windows hosts that do not have PowerShell version 3.0 or later, as Convertto-json is not available.

Since most modern operating systems are now PS v3 or later, the task description will be updated to state the json format is only available in those cases, as several other formats are supported and work fine on those platforms.

If the connection state column has been localized, Get-Netstat.ps1 returns no results as the filtering is based on the string "established" rather than any enumeration.

Windows PowerShell based tasks currently support a formatted table (via format-table) but do not support a formatted key:value output other than json.

Emitting data in a formatted list (ala Format-List) should be a viable configuration option.

I've created the needed files to allow a new on-demand task which, with it's default config, will list the 10 most recent Windows Updates that have been applied to the targeted Server. I'm not familiar with using GIT and I have no idea if I would even have rights to commit to the repo; so, i'm providing the files here so someone can include them into the MP.

Pete
GetWindowsUpdates.zip

The Get DNS Cache task depends on the Get-DNSClientCache PowerShell cmdlet, which itself depends upon WMI classes not available on Windows 2008 R2 and below.

This task could easily be replaced with an implementation that makes use of native windows commands (ipconfig /displaydns) which would allow for support across 2003/2008 systems.

When outputting CSV formatted data, all task scripts (other than Get-Netstat) emit the serialized type header prior to outputting the CSV data itself.

This is causing downstream tools issues when trying to parse the returned data.

As a simple fix, the -NoTypeInformation switch can be added to ConvertTo-CSV to prevent this information from being emitted.

Hi, is it possible simple way to receive specific KB number, for example:
if ($KB -ne "")
{
show KB number
}
else
{...}
Please :)

Create a task that allows you specify a comma-seperated list of IPAddress/names that should be resolved from the server (agent) perspective.

The task should ideally support all common SCOM supported distributions, return the hostname and IP address, and support the following return formats:

• csv
• json

The problem lies with the Microsoft.SystemCenter.WSManagement.Library!Microsoft.SystemCenter.WSManagement.Invoker ProbeAction type used in the workflow.
It doesn’t work in SCOM 2019!!

MicrosoftUnixShellCommandLibrary!Microsoft.Unix.Invoke.Script.ProbeAction must be used instead, with the GetNetstatCSV.sh script encoded Base64.

Also, there are problems with the script itself as netstat might return LOTS of ESTABLISHED TCP connections.
Some kind of limit or process filtering must be put in place at script level (via arguments), otherwise script will time out without returning anything.

A number of issues have been reported with Linux Netstat discovery:

1. Timeout of 60 seconds is slightly too short in some cases
2. CSV output does not correctly escape double quote characters at the start/end of the string
3. Encoding issues in management pack XML in some SCOM versions

Currently the netstat task on unix/linux includes the path to the binary if that was specified when the process was created.

This can often lead to a long string with superfluous information, which could probably be removed. If this information was specific in certain cases, it would probably be more appropriate to move this to the Name column, as the path is clearly forming part of the identifier.

The CPU Percent value returned by the task is based on a WMI perf counter that is capped at the value of 100. On multi-core systems where threads are being run across multiple cores, the time value will likely exceed 100. This can cause wildly inaccurate figures on systems that have a large number of cores.

To resolve this, we instead need to collect the CPU % for each thread in the process (via Win32_PerfFormattedData_PerfProc_Thread, ignoring any instances matching _Total) and sum them, dividing by the total number of logical cores.

In addition, many of the other properties are actually available on the System.Diagnostics.Process class - the only one that is not is the Creating process - this value could instead be queried from the WMI_Process class.

This might just be a personal preference, though I will leave this up to others.

For the PS scripts put the property being sorted at the front.

Current:
| Sort-Object -Property Name `
| Select-Object DisplayName, Status, Name

Proposed:
| Sort-Object -Property Name `
| Select-Object Name, Status, DisplayName

In my opinion this looks better when running an on demand task.
But I will let others decide.

Netstat data returned by both the Windows and Unix tasks can currently return strings of unlimited length for the Process Description field.

This should be limited to some sensible number, like 256 characters.