NetXMS Support Forum

Please add to the NXSL documentation on how to get array size.

For those wondering, it's size attribute:

array dataArray;
dataArray = %(1, 2, 3);
println dataArray->size;


Quote3

Also, can we get the old NetXMS Wiki pages on NXSL functions moved over to the new NXSL documentation? A number of functions are still missing documentation.

Making literal $ doesn't work for ExternalParameters in 3.6-300 it seems as per this other thread?

Unless there is some other way to run PowerShell commands?

nxagentd.conf portion:

ExternalParameter=Get-ScheduledTask(*):powershell.exe -NoProfile -Command "$$Parameter = \"$2\"; Write-Host (Get-ScheduledTask -TaskName \"$1\").$$Parameter"


nxagentd.log portion:

2020.12.16 18:38:36.287 *D* [comm.cs.5          ] Received message CMD_GET_PARAMETER (699)
2020.12.16 18:38:36.287 *D* [comm.cs.5          ] Requesting parameter "Get-ScheduledTask("Test Task", "State")"
2020.12.16 18:38:36.287 *D* [comm.cs.5          ] H_ExternalParameter called for "Get-ScheduledTask("Test Task", "State")" "Spowershell -NoProfile -Command "$Parameter = \"$2\"; Write-Host (Get-ScheduledTask -TaskName \"$1\").$Parameter""
2020.12.16 18:38:36.287 *D* [exec               ] RunExternal called for "Get-ScheduledTask("Test Task", "State")" "Spowershell -NoProfile -Command "$Parameter = \"$2\"; Write-Host (Get-ScheduledTask -TaskName \"$1\").$Parameter""
2020.12.16 18:38:36.287 *D* [exec               ] RunExternal: command line is "powershell -NoProfile -Command "Parameter = \"State\"; Write-Host (Get-ScheduledTask -TaskName \"Test Task\").Parameter""
2020.12.16 18:38:36.287 *D* [exec               ] RunExternal (shell exec): worker thread created


It would be useful to have additional agent tunnel node binding actions based on an attribute of a verified agent certificate (eg: Common Name, Subject, SAN, arbitrary OID etc. against node name, node IP etc.) such as "Bind tunnel to existing node using certificate" and "Bind tunnel to existing node or create new node".

With Windows Agents now able to access client certificates using the System Certificate Store (CAPI CNG), this would close the loop at the server and and allow for semi-or-fully automated TLS setups for NetXMS nodes, depending on user requirements.

One could use ADCS to make a NetXMS Agent Certificate Template that has an CA-decided attribute which allows for node matching, configure a GPO to enable certificate auto-enrolment using the Certificate Services Client on Windows devices to obtain said ADCS issued certificate. The NetXMS Agent certificate is presented to NetXMS server by the agent upon initial connection, the NetXMS server verifies it and, upon successful verification, matches the agent to a node utilising value(s) from the verified certificate, presented by the agent, either for existing nodes only or even automating node creation as well.

It would be important to consider certificate renewal scenarios though such as when new, but still verified and valid, certificates are presented by an agent to the server for a matching node that was already matched to the same agent but with an older certificate.

I need to write a NXShell script that sets the severity-based settings for the Propagation of status for interface objects as I'm unhappy with the defaults.

I'm assuming I have to use AbstractObject's statusPropagationMethod and maybe statusTransformation? Except they're read only? Any quick snippets on how to change each status to another status should be helpful.

I find that we always seem to be spend so much time trying to trying troubleshooting strange Status Calculation problems with nodes, trying to find the cause of incorrect statuses.
A nodes status can be influenced by children (interface etc.) and how they're setup to calculate and propagate status, status polling, Overridden Status DCI etc.

We really need an additional Tool in NetXMS Console which you can select a node and it gives us a tree/list of the things taken into account, and the result of each item, when calculating the status of a node to try to determine root causes of unexpected statuses.

According to the documentation, ReadPersistentStorage() is suppose to return null if key does not exist but it seems to be returning an empty string ("") for a recently deleted (This is all happening within EPP) Persistent Storage value.

Is this a bug?

We currently have a some EPP rules that are the same as the Delayed Action Example in the documentation but we wanted to do the same thing for the uptime alert as well. We want to cause a notification action to occur if a node goes back up after the downtime has been longer than N (the length of the downtime timer) but don't want to cause a notification action to occur if the node goes back up if the downtime has been shorter than N (the length of the downtime timer).

I'm assuming the best way to do this is to utilise the Persistent Storage functionality? Set a timestamp when it goes down and have another rule that deletes the stored value if it goes back up before N (through use of a filtering script) and another rule that executes a notification action if it goes back up after N (through use of a filtering script)?

Any advice on specifics would be helpful.

We have racks that have shelves of non-rackable equipment and we also have some half-U switches. It would be useful if the Rack visualisation could support multiple nodes to one rack position in some way, at least with the Status Indicators and hovertips.

It would also be useful if we could define our own passive element images.

In NXMC, once you Apply your changes to a Rack objects Passive Elements in the UI, you can no longer perform any changes until you close and reopen the Properties window for the Rack object.

It would be useful for Rack objects to support Map Appearance features like Containers and Nodes do.

What does the Root cause analysis script in the Alarm section of an Event Process Policy rule do? I assume it's for identifying root cause of an alarm, obviously, but I can't find documentation on the feature (what script should return) and the workflow of the feature.

I know SMTP authentication and it's transport (SSL/STARTTLS) has been spoken about for a while (1, 2) but what's the current status of this feature? Will it be implemented as another Notification Channel if at all?

I'm looking to evaluate the Agent Tunnels feature but I wanted to learn more about how it works.

• Will there be support in the future to configure TLS protocol and cipher suites etc. for hardening?
• I'm assuming it's utilising Mutual TLS for server and client authentication?
• How are the agent certificates generated? Are they self-signed then registered with NetXMS server? Is a CSR generated on agent, sent to NetXMS, signed by NetXMS (How?) and then signed certificate returned? If the latter, how is the NetXMS CA managed?
• How is NetXMS server certificate validated (on initial connection and subsequent ones) by agents? I'm assuming agent needs to trust the Issuing CA of the NetXMS server certificate? Does it use the platforms relevant certificate store or a Java certificate store or just a file?

I'm experimenting with logwatch parser configurations for Windows Event Logs, specifically with our ADFS farm:
<parser>
    <file>*AD FS/Admin</file>
    <macros>
    </macros>
    <rules>
<rule>
<match>.+?Error message: [ \r\n]+(.+?)-(.+) .+</match>
            <id>342</id>
<event param="2">100123</event>
        </rule>
    </rules>
</parser>

But it appears I'm blowing up EvtRender call, message too big?
2020.05.25 15:55:17.555 *I* [                   ] NetXMS Agent started
2020.05.25 15:55:24.773 *D* [                   ] PostEvent(): event_code=100123, event_name=(null), timestamp=1590386123, num_args=10, arg[0]="[email protected]", arg[1]="The", arg[2]="AD FS", arg[3]="342", arg[4]="1", arg[5]="11902", arg[6]="1", arg[7]="http://schemas.microsoft.com/ws/2006/05/identitymodel/tokens/UserName", arg[8]="[email protected] user name or password is incorrect", arg[9]="System.IdentityModel.Tokens.SecurityTokenValidationException: [email protected] ---> System.ComponentModel.Win32Exception: The user name or password is incorrect

   at Microsoft.IdentityServer.Tokens.LsaLogonUserHelper.GetLsaLogonUserHandle(SafeHGlobalHandle pLogonInfo, Int32 logonInfoSize, SafeCloseHandle& tokenHandle, SafeLsaReturnBufferHandle& profileHandle)

   at Microsoft.IdentityServer.Tokens.LsaLogonUserHelper.GetLsaLogonUserInfo(SafeHGlobalHandle pLogonInfo, Int32 logonInfoSize, DateTime& nextPasswordChange, DateTime& lastPasswordChange, String authenticationType, String issuerName)

   at Microsoft.IdentityServer.Tokens.LsaLogonUserHelper.GetLsaLogonUser(String domain, String username, String password, DateTime& nextPasswordChange, DateTime& lastPasswordChange, String issuerName)

   at Microsoft.IdentityServer.Service.LocalAccountStores.ActiveDirectory.ActiveDirectoryCpTrustStore.ValidateUser(IAuthenticationContext context)

   --- End of inner exception stack trace ---

   at Microsoft.IdentityServer.Service.LocalAccountStores.ActiveDirectory.ActiveDirectoryCpTrustStore.ValidateUser(IAuthenticationContext context)

   at Microsoft.IdentityServer.Service.Tokens.MsisLocalCpUserNameSecurityTokenHandler.ValidateTokenInternal(UsernameAuthenticationContext usernameAuthenticationContext, SecurityToken token)

   at Microsoft.IdentityServer.Service.Tokens.MsisLocalCpUserNameSecurityTokenHandler.ValidateToken(SecurityToken token)



System.ComponentModel.Win32Exception (0x80004005): The user name or password is incorrect

   at Microsoft.IdentityServer.Tokens.LsaLogonUserHelper.GetLsaLogonUserHandle(SafeHGlobalHandle pLogonInfo, Int32 logonInfoSize, SafeCloseHandle& tokenHandle, SafeLsaReturnBufferHandle& profileHandle)

   at Microsoft.IdentityServer.Tokens.LsaLogonUserHelper.GetLsaLogonUserInfo(SafeHGlobalHandle pLogonInfo, Int32 logonInfoSize, DateTime& nextPasswordChange, DateTime& lastPasswordChange, String authenticationType, String issuerName)

   at Microsoft.IdentityServer.Tokens.LsaLogonUserHelper.GetLsaLogonUser(String domain, String username, String password, DateTime& nextPasswordChange, DateTime& lastPasswordChange, String issuerName)

   at Microsoft.IdentityServer.Service.LocalAccountStores.ActiveDirectory.ActiveDirectoryCpTrustStore.ValidateUser(IAuthenticationContext context)"
2020.05.25 15:55:24.773 *D* [logwatch           ] ExtractVariables: Call to EvtRender failed: The data area passed to a system call is too small.


We have a number of offline nodes that show their status as normal, despite being completely offline. There is no DCI for Status, it's just a node with ICMP and SNMP enabled and has children interfaces generated by an old SNMP Configuration Poll.

What could be causing this?

Seeing as the NXMC option has been removed from the only Windows NetXMS install package available (the server one), can we please have a dedicated NXMC Windows install? Preferably MSI?
At the very least, can you please out put the file version metadata information on the nxmc.exe binary so those of us who use deployment tools to install and keep software up to date and write proper and correct rules. With just the ZIP file, it's a real pain to deploy NXMC.

It would be good to disable syslog retention without disabling the syslog receiver and the log parser. Housekeeping keeps killing our NetXMS database server.

It would be good if Event Processing Filtering Scripts, DCI Transformation Scripts etc. could be linked to scripts in the Script Library (not imported from Script Library, although that could be good too).
Not only would this allow for rapid reuse in a centralised manner, it would allow for easier change management if a script snippet is reused in many places. Currently, changing a calculation in a script snippet that's used by lots of DCI Transformation scripts across multiple objects would mean you have to go into each one and change it, if it was linked to a script in the Script Library, it would only need to be changed once.

Would be good to be able create Windows Performance Counter DCIs using NXSL CreateDCI.

Does anyone else on here use the syslog feature with InnoDB? We keep having catastrophic performance issues when using it in any production capacity. How do others deal with this?