NetXMS Support Forum

Good Evening!

Could you please clarify if the time filter option in EPP is using the Server time, or the local agent time? 

Please also note there appears to be a typo as of version 4.5.2 in the condition -> Events window. Inverse rule (as spelled on the other condition windows ) appears to be spelled "Invertse". I haven't seen this spelling on any of the other windows.

Thanks,
Chris

Hello NetXMS Team,

I'm not sure if it's too late, but I was hoping to give some suggestions for V5.0 Syntax changes with regards to 

https://track.radensolutions.com/issue/NX-2343

String Concatenation - Feature Request
I would suggest changing concatenation to "+" instead of ".." if possible. This is how Python concatenates strings and I think it would lead to less problems with the change to the way accessing attributes and methods looks like it's going to change. A check for data type could be run and if the type is a string the "+" would concatenate, and if the type is a number, it would perform the addition function.


I like using "." instead of "->" for attributes and methods as it feels more like Python to me. ( I like python if you can't tell.) 

Questions
Will there be a transition period to give time for us to migrate existing scripts and filters to the new syntax? 
For example, with string concatenation, adding either the ".." or "+" as the preferred and documented way of performing string concatenation. 

Feature Requests

• Add a warning to the compile function letting people know they have code that will be broken in future releases that needs to be updated.
• Add a warning popup on client startup that lets us know we have code that will be broken in future releases.
• Add a tool to the Tools tab that will check each script for deprecated code and provide a list of scripts and where they are located. For Example: "EPP Rule #21 has one or more deprecated method calls in Filtering Script"

Hello,
Through extensive setup and testing, I have been able to implement an integration with OpsGenie using NetXMS server actions and the OpsGenie API. This is a one-way integration currently and I may work on a two-way integration in the future.

Key Components:

• OpsGenie API
• Custom Scripts in Script Library
• Event Processing Policy Rules

The most basic functionality using this would be to create an OpsGenie alert when a node is down. This guide will walk you through setting up functionality to create, acknowledge, and close OpsGenie alerts from inside the NetXMS client. I won't go through the steps necessary to set up and opsgenie API integration but the link to the official guide for that will be posted below.

OpsGenie API Setup
You can obtain an API key by following the instructions here:  https://support.atlassian.com/opsgenie/docs/create-a-default-api-integration/
Additional API Docs can be found here: https://docs.opsgenie.com/docs/alert-api

Create Alert
To create an alert in OpsGenie we will need to set up an event processing policy that will call a server action.

Server Action:
Name: OpsGenie Create Alert
Type: Execute command on management server
Options: None
C:\\Windows\\System32\\curl.exe -v -X POST https://api.opsgenie.com/v2/alerts -H "Content-Type: application/json" -H "Authorization: GenieKey XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" -d "{ \\"message\\": \\"%Z - %m - %n\\", \\"alias\\": \\"%N%g\\", \\"description\\":\\"Ip Address: %a \\n \\n GUID: %g \\n \\n Severity: %S \\n \\n Event Name: %N \\n Event Source Object Name: %n \\n Time: %t \\n Zone Name: %Z\\", \\"entity\\":\\"%n\\", \\"priority\\":\\"%[ConvertSeverity]\\" }"
Important Notes:
·        Message will be the title of the OpsGenie Alert. In this example we have the Zone, the Event Name, and the Object Name for easy identification when receiving mobile alerts.
·        You MUST use \\ to escape the characters in the message or the request will not submit properly.
·        To be able to acknowledge and close OpsGenie alerts from inside NetXMS, you MUST use an alias that can be referenced. We will use %N%g for our alias. This will give us a unique Alias of EventName+GUID of the source object.
·        In multi-tenant MSP scenarios you can set "Zone Name: %Z" inside the command in order to route the alerts to the appropriate OpsGenie teams.
Macros used:
    ·        %n - Name of event source object. Name of interface when interface name is generated using macros.
    ·        %Z - Zone name of event source object.
    ·        %t - Event's timestamp is a form day-month-year hour:minute:second.
    ·        %g - Globally unique identifier (GUID) of event source object.
    ·        %N - Event's name.
    ·        %a - IP address of event source object.
    ·        %S - Event's severity code as text.

You can use additional macros for event processing: https://www.netxms.org/documentation/adminguide/event-processing.html#macros-for-event-processing

Custom Scripts:
This script is necessary because the severity codes for NetXMS are the opposite of OpsGenie. You can create this script in the script library.

Script ( ConvertSeverity )

sub main()
{
 prioritylevel = "P5";
   switch($event->severity)
   {
   case 0:
        prioritylevel = "P5";
        break;
   case 1:
        prioritylevel = "P4";
        break;
   case 2:
        prioritylevel = "P3";
        break;
   case 3:
        prioritylevel = "P2";
        break;
   case 4:
        prioritylevel = "P1";
        break;
   };
   return prioritylevel;
}



Good Morning/Evening, 

I just wanted to reach out and make sure we don't need to worry about the recently disclosed libcurl vulnerability CVE-2023-38545. This is a buffer overflow vulnerability in the socks5h proxy. The vulnerability has been patched in libcurl 8.4.0

Affected libcurl versions: 7.69.0 through 8.3.0

Can we get an updated grafana plugin that accepts dashboard variables? The current plugin is set to be deprecated for grafana cloud and grafana 11 users soon as grafana is no longer using angular in favor of react.

https://github.com/netxms/grafana/issues/24

https://grafana.com/docs/grafana/latest/developers/angular_deprecation/#why-are-we-deprecating-angular-support

https://grafana.com/docs/grafana/latest/developers/angular_deprecation/angular-plugins/#netxmshttpsgrafanacomgrafanapluginsradensolutions-netxms-datasource

According to Grafana:
"For data source plugins the query editor and config options will likely need a total rewrite."

Is there any development currently happening on the Grafana plugin? I checked github and noticed an issue was posted that AngularJS has been deprecated by Grafana in favor of React. 

https://github.com/netxms/grafana/issues/24

https://grafana.com/docs/grafana/latest/developers/angular_deprecation/#why-are-we-deprecating-angular-support

https://grafana.com/docs/grafana/latest/developers/angular_deprecation/angular-plugins/#netxmshttpsgrafanacomgrafanapluginsradensolutions-netxms-datasource

According to Grafana:
"For data source plugins the query editor and config options will likely need a total rewrite."

I was able to get the external alerting to work with OpsGenie finally and I think I discovered a bug in the Alarm generation.

I am using the following code inside HOOK:AlarmStateChange 

sub main()
{
    eventserver = FindNodeObject($node, 100);
    global alarmstate = $alarm->state;
    global eventname = $alarm->eventName;
    global sourceobj = FindObject($alarm->sourceObject);
    global nameobj = sourceobj->guid;   
   
    trace(0, "Alarm State" . alarmstate . " Alarm:" . eventname . nameobj);
    switch(alarmstate)   
    {
/* Alarm State is Outstanding */
        case "0":
            break;
/* Alarm State is Acknowledged */
        case "1":
            PostEvent(eventserver, "Xms_Alarm_Ack","ACKALARM", eventname . nameobj);
            break;
/* Alarm State is Resolved */
        case "2":
            PostEvent(eventserver, "Xms_Alarm_Resolve","RSLVALARM", eventname . nameobj);
            break;
/* Alarm State is Sticky Acknowledged */
        case "17":
            PostEvent(eventserver, "Xms_Alarm_StickyAck","SACKALARM", eventname . nameobj);
            break;       
    }
}
I originally had code for state 3 ( terminated ). This is where the bug seems to occur.
When the Alarm is created HOOK:AlarmStateChange runs. This is not a big deal as that allows us to call scripts when an event is created as it should have a state of 0. I noticed via the trace() function that some of the alarms were being created with a state of 3 instead of a state of 0.

Currently we have an EPP that uses a server action to send a CURL request to the OpsGenie API for alert generation. We have Opsgenie integrated directly with Teams, and Jira for ticket management. I would be happy to post a guide on how to do this if anybody else wants to know how we implemented it.

The code for state 3 ( terminated ) created an event "Xms_Alarm_Term". This event would be processed by the EPP and use a server action to send a CURL request to OpsGenie to close the alert. The practical implications of the alarm being created with a state of 3 is that the alert is created in OpsGenie and Closed in Opsgenie at exactly the same moment.

I suspect the problem is in alarm.cpp -> Copy constructor.

https://github.com/netxms/netxms/blob/master/src/server/core/alarm.cpp#L378

I could be wrong, but it appears that code is part of the alarm constructor that duplicates alarms if the event occurs again. I believe the reason this happens is the line (378 )
m_state = src->m_state;
That code appears to set the new alarm state as the state of the source alarm. This is only an issue if the source alarm is terminated as it creates a new copy of the alarm with a state of 3.

I could very well be wrong about this, but it makes sense in my head.

I'm trying to build a series of scripts that send curl requests via command line to an external API. I've gone through the Docs multiple times but I haven't been able to find any documentation on how to use NSXL to send a curl command. I was able to get it to work under Actions Configuration, but I need this to occur during Hook::AlarmStateChange. 

For Curl to work via Actions I had to specify C:\\Windows\\System32\\curl.exe

Is it possible to call this using NSXL?
If it is not possible, should we be calling the server action instead?