Add SNMP checks to MAXfocus automatically

MAXfocus includes more than 300 predefined SNMP checks you can use with your clients. But knowing which checks are valid in any particular case can be difficult. You also have to add each individual check one by one, something that can be a chore if you have many agents to configure. To help with our own monitoring of server hardware agents in particular I have made a powershell script that automates this task as much as possible.

Updated!

I have added 4 more parameters (-Name, -Debug, -Verbose and -logfile). I also had to add a whole host of debugging features to figure out why the script sometimes failed completely do to anything at all when launched as an Automated Task. It turns out that Powershell parameter validation should not be used with MAXfocus, as a script that fails parameter validation will never output anything to the dashboard.

SNMP Checks in MAXfocus Dashboard

SNMP Checks in MAXfocus Dashboard

The idea behind the script is to loop through all the predefined checks that LogicNow provides with a MAXfocus agent, test it against a target and keep any check that seem to provide a valid value. To be honest I am bit surprised at how well this works. To keep things as simple as possible I made the script scan localhost using public as community string by default. If a server has its hardware agent installed and enabled you will get a nice list of all available SNMP checks on the device where the script was run. You may instruct the script to add any checks found automatically.

If a host does not respond to SNMP or none of the predefined checks returns a valid reading the script does nothing. So there should be no harm in running the script on a host that does not have any SNMP agent installed.

The Challenge

Powershell has no built in support for SNMP so the primary challenge is to make a script able to make a SNMP query. I used this blog post by Simon Strutt to enable Invoke-SNMPget in my script. I have uploaded the necessary .dll to GitHub and download it directly from there. Please note that the script has to download and save this .dll on the device where the script runs to be able to perform any SNMP tests. This means that the script needs access to Internet and you must be comfortable with letting scripts download and access code downloaded from the Internet.

As I cannot make any guarantee as to the authenticity of this .dll I suggest that you download it, run it through VirusTotal.com or some similar services and then host your own version on a server you trust.

Parameters

The script accepts 9 parameters: -Target, -Name, -Community, -UDPport, -Apply , -ReportMode, -Verbose, -Debug and -logfile:

-Target

You can use a hostname, an ip address, a list of names or ip addresses. You may also try to scan an entire network:

  • -Target servername.domain.local
  • -Target server1, server2, server3
  • -Target 192.168.1.0/24

If you only wish to scan the host the script is running on you do not need to use -Target at all.

-Name

A friendly name to use in the check description in the MAXfocus dashboard. Must be a single string. Parameters containing whitespace cannot be passed to a script by MAXfocus.

  • -Name Main_Switch
  • -Name BackupStorageNAS

-Community <community name>[string] (default: “public”)

This is the SNMP community name or password that the script will use to use. Any SNMP capable device has a community name configured, most often it is public by default for read only access. If your devices use public you do not need this option at all.

  • -Community OurLittleSecret
  • -Community ACompletelyRandomString

-UDPport <portnumber>[int] (default: 161)

SNMP uses UDP port 161 by default. In most cases you will not need this option.

  • -UDPport 1610

-Apply

By default the script will return any available checks to the dashboard, but it will not make any changes to the agent configuration files. If you wish you may use -Apply with the script to make it write any valid checks to 247_Config.xml and restart the Advanced Monitoring Agent. The script tries to make sure any OID are only added once pr device scanned.

  • -Apply

-ReportMode <On|Off>[string] (default: “On”)

Use this option if you want the script to add a status of Failed to the dashboard if it finds a missing SNMP check. The script will report status as failed if it finds at least one predefined SNMP check missing on any of the hosts supplied by -Target. If you use -Apply any missing checks will still be added.

  • -ReportMode On
  • -ReportMode Off

-Verbose

This switch turns on verbose output from the script for debugging purposes.

  • -Verbose

-Debug

This switch makes use of the log file MAXfocus provides a script for logging. Detailed information is written to this file. You must access the server locally to look at the log file.

  • -Debug

-logfile (DO NOT USE!)

Any script launched by MAXfocus will be passed a name of a log file a script is allowed to use. This parameter must NOT be used by a user, as that would cause the parameter to be used twice. The launching of a script would then fail. The parameter is included here because you will find it in the code.

  • This parameter is for system use only

MAXfocus_SNMP_Checks.ps1

I have posted this script on GitHub. You can download a copy there.

20 Comments

  1. Hi!

    When I try to run the script for MAXFOCUS RM i get this message :

    Result:
    Nothing to do.

    I have downloaded the powershell folder from Github, put the folder SNMP in D drive with the dll file in a undermap called lib.
    I have run the command $env:Path += “;D:\SNMP” and $env:Path += “;D:\SNMP\lib”.
    Then I added the script for my MAXFocus console and -Target HYPERV01 to the command line.

    Is there something else I have to do to make it work?

    – Mathias

    Like

    Reply

  2. Hi! Sorry for the late reply! I posted a reply days ago, or so I thought, but I must have dreamt it.

    I have answered your comment on Linkedin, at least, so I hope you are making progress. I would just like to add that you do not have to prepare the host in any way for this script do run successfully. All you need to do is add it to MAX and run it as a task or check. You do not have to manually download the .dll file. The script will create a lib folder in the scripts directory and download the .dll automatically. You only have to make sure your Windows server has the proper hardware management agent for your hardware. When your management agent reports hardware information correctly SNMP will usually work.

    The other thing to double check is that you have enabled community ‘public’. If you are using the wrong community name the SNMP service will not respond to any requests at all, just as if SNMP did not run.

    Hope this helps!

    For reference: This was my reply at Linkedin:
    Hi! If you are using the latest script version you should try to add -Verbose parameter to your check or task. You will get more detailed output telling you what the script has tried to do and (hopefully) why it hasn’t found any valid checks.

    BTW, running powershell scripts through MAX does not require modifying the ExecutionPolicy anymore. You only need that for running the script manually on the host. Which is another, very effective way of figuring out what is missing. Open a powershell terminal on the host, navigate to %Programfiles(x86)%\Advanced Monitoring Agent\Scripts. The script name is specific to you, but it should be all numbers ending in .ps1. You may have to open each .ps1 file to find the one you want. Run it like this: \12345.ps1 -Verbose if you only want to scan localhost.

    Like

    Reply

  3. Thank you so much for this script it is great. However I am having issues with the -target parameter. When adding -target 192.168.1.0/24 I get this error: Method invocation failed because [System.Object[]] doesn’t contain a method named ‘split’.

    Like

    Reply

  4. OK, thats the first version of Powershell v2, probably 2008 server (not R2). I treated a single item array as a string. Turns out that does not work on 2008 server. I uploaded a fixed version to GitHub.

    Like

    Reply

  5. The script reports back with the following error: ERROR: Script failed on item:
    Exception calling “.ctor” with “1” argument(s): “Could not load file or assembly ‘System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089’ or one of its dependencies. The system cannot find the file specified.”

    Like

    Reply

    1. It looks like the script cannot activate the .dll file. It is supposed to be downloaded to a subdirectory where the agent is installed, typically c:\\Program Files (x86)\\Advanced Monitoring Agent\\scripts\\lib. If the .dll is not there you may either download the .dll manually or run the script as Administrator. BTW, this should only be a problem if you run the script interactively. If you run it as an Automated task from the Dashboard something else may be wrong.

      Like

      Reply

      1. Hi Hugo, thanks for your reply!

        I’ve already tackled the problem by running the script in PowerShell ISE. By running the script in here, and not in the default PowerShell, i immediately received the wanted response.

        kind regards,

        Lars Pape

        Liked by 1 person

  6. Hi,

    I have been using this wonderful script for over a year now with great results until today. For some reason I cannot get it to run on two servers. I get the following error.

    Result:
    ERROR: Script failed on item:
    Constructor not found. Cannot find an appropriate constructor for type Lextm.SharpSnmpLib.ObjectIdentifier.

    Not sure how to resolve this.

    Thanks

    Like

    Reply

  7. This script was a godsend, however we’ve had mixed results since agent 10. Either it corrupts the ini so bad that the advanced monitoring service won’t start, or the SNMP names are all blank in the dashboard and need to be manually edited/updated.

    Hugo – are you still using this product and have interested in updating the script?

    Like

    Reply

  8. Hello and thank you for a great script! It for sure rocks my world! 😉
    It works for me 99% of the time but I have a problem with (I think) new HP Gen 9 servers.
    Or more likely when running the Max focus agent on Windows server 2016 when I think of it!
    After adding the script to Max Focus and adressing the iLo on a HP server it runs the script but in the end it sais “nothing to do” and it does not add any snmp checks at all. (se the logfile below)
    FYI the .2 adress is the ip adress of the HP iLo and the .80 address is a Qnap Nas.
    The thing is if you add the snmp checks individually it is working.
    Do you have any tips what could be the cause of this?

    Logfile………………..
    VERBOSE: Hostname: KLABSRV
    VERBOSE: PowerShell PSVersion: 5.1.14393.693
    VERBOSE: PowerShell CLRVersion: 4.0.30319.42000
    VERBOSE: PowerShell BuildVersion: 10.0.14393.693
    VERBOSE: Using public as value for Community string.
    VERBOSE: Number of Targets: 2
    VERBOSE: Target 1: 192.168.70.2
    VERBOSE: Target 2: 192.168.70.80
    VERBOSE: Using 161 for -UDPport.
    VERBOSE: Report Mode is ON
    VERBOSE: Using True as value for -ReportMode.
    VERBOSE: Locating Advanced Monitoring service and setting up variables.
    VERBOSE: Current Target is an IP address: 192.168.70.2
    VERBOSE: Using 192.168.70.2 as IP address of current SNMPhost
    VERBOSE: Trying to read value of “System” on 192.168.70.2.
    VERBOSE: Host 192.168.70.2 responded to SNMP. Testing presets.
    VERBOSE: Looping through all presets. Use -Debug for full details.
    VERBOSE: Current Target is an IP address: 192.168.70.80
    VERBOSE: Using 192.168.70.80 as IP address of current SNMPhost
    VERBOSE: Trying to read value of “System” on 192.168.70.80.
    VERBOSE: Host 192.168.70.80 responded to SNMP. Testing presets.
    VERBOSE: Looping through all presets. Use -Debug for full details.
    Nothing to do.

    /Per

    Like

    Reply

    1. Hi Per, sorry about the late reply.
      Right or wrong; the script hasn’t found any OIDs that your IP addresses respond to that haven’t already been added as checks. Three things I can think of that may cause this even if the script doesn’t throw any errors:
      1. The snmp_sys.xml file is not present in the agent directory or the file is empty (contains all the default IOD definitions provided by MAXfocus/Solarwinds MSP
      2. The SharpSnmpLib.dll version that I use does not work correctly on server 2016 (although I would have expected an error if it didn’t)
      3. All the default IODs has already been added to the 247_config.xml, but the agent does not or will not read them.

      The last option you will have to check for manually. Just open the 247_config.xml in a text editor and look for SNMP checks. The agent architecture has moved along since I wrote this script, so just writing new checks directly to the config file and restart the agent may no longer be a reliable method of configuring the agent.

      Like

      Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s