Support Center Home


GCP Device Groups

Overview

You can use LogicMonitor’s REST API to manage Google Cloud Platform (GCP) groups. GCP groups are device groups with a few key differences. This document covers the differences, as well as how to add and update GCP groups.

URI: /device/groups

GCP Group Differentiators

GCP Specific groupType

GCP groups have a special groupType value. Specifically, normal and dynamic groups will have a groupType value of Normal, while GCP device groups will have a value of GCP/SERVICE, where SERVICE is the GCP service the group was created for (for example, ComputeEngine, CloudSQL, AppEngine, and so on). The GCP account level group will have a groupType value of GCP/GcpRoot.

GCP Specific Fields

The gcpRegionsInfo, gcpTestResult, and gcpTestResultCode are all read-only fields specific to GCP groups. More importantly, GCP group specific information such as GCP account credentials and GCP service/region configurations, are included in the “extra” object in the device group JSON.

Specifically the extra object includes the following information:

Property Description Type Example
default The default service settings configured for the GCP group. This should include selectAll (can be used to select all regions for monitoring), monitoringRegions (can be used to select specific regions for monitoring), deadOperation (MANUALLY | KEEP_7_DAYS | KEEP_14_DAYS | KEEP_30_DAYS | IMMEDIATELY), useDefault (not applicable to default object), nameFilter (not applicable to default object), tags (used to specify tag filters), disableTerminatedHostAlerting JSON Array “default”: {“useDefault”: true, “selectAll”: false, “monitoringRegions”: [“us-west1″,”us-east1″,”us-central1″,”us-east4″,”northamerica-northeast1″,”southamerica-east1″,”europe-west1″,”europe-west2″,”europe-west3″,”europe-west4″,”asia-northeast1″,”asia-east1″,”asia-south1″,”asia-southeast1″,”australia-southeast1”], “tags”: [], “nameFilter”: [], “deadOperation”: “KEEP_7_DAYS”, “disableTerminatedHostAlerting”: true}
services The service settings for the GCP group. This should include selectAll (can be used to select all regions for monitoring), monitoringRegions (can be used to select specific regions for monitoring), deadOperation (MANUALLY | KEEP_7_DAYS | KEEP_14_DAYS | KEEP_30_DAYS | IMMEDIATELY), useDefault (whether or not default settings should be applied), nameFilter, tags (used to specify tag filters), disableTerminatedHostAlerting, deviceDisplayNameTemplate, normalCollectorConfig JSON Array “COMPUTEENGINE”: {“useDefault”: false, “selectAll”: false, “monitoringRegions”:[“us-west1″,”us-east1″,”us-central1″,”us-east4″,”northamerica-northeast1″,”southamerica-east1″,”europe-west1″,”europe-west2″,”europe-west3″,”europe-west4″,”asia-northeast1″,”asia-east1″,”asia-south1″,”asia-southeast1″,”australia-southeast1”], “tags”: [], “nameFilter”: [], “deadOperation”: “KEEP_7_DAYS”, “disableTerminatedHostAlerting”: true, “deviceDisplayNameTemplate”: “”, “normalCollectorConfig”: {“enable”: false, “collectors”: []}}
account The account level information for the GCP group. JSON Array “account”: {“projectId”: “development-198123”, “collectorId”: -2, “schedule”: “0 * * * *”, “serviceAccountKey”: { “type”: “service_account”, “project_id”: “development-198123”, “private_key_id”: “**********”, “private_key”: “**********”, “client_email”: “[email protected]”, “client_id”: “107550067926283000448”, “auth_uri”: “https://accounts.google.com/o/oauth2/auth”, “token_uri”: “https://oauth2.googleapis.com/token”, “Auth_provider_x509_cert_url”: “https://www.googleapis.com/oauth2/v1/certs”, “Client_x509_cert_url”: “https://www.googleapis.com/robot/v1/metadata/x509/youremail%40development-198123.iam.gserviceaccount.com”}}

Adding a GCP Group

To authenticate API requests, LogicMonitor requires a GCP service account key and the cloud API of each service you wish to monitor to be enabled. For more information on creating the correct service account key and enabling your GCP APIs, follow the steps provided in Adding your GCP environment into LogicMonitor. After a service key has been created and the cloud APIs have been enabled, you will need to make a POST request to the /device/groups resource to add your GCP account into LogicMonitor.

Example: Post New GCP Group

The following Python script request adds a GCP group named “LM GCP” with the following parameters:

  • The default service settings section only has two regions selected (us-west1 and us-east1) and resources are not set to be automatically deleted.
  • The App Engine, Compute Engine, and Cloud SQL services are selected for monitoring, where Cloud SQL has a tag filter applied, two regions selected, and resources are set to be automatically deleted after seven days.
  • The Auto Discovery frequency for the account is not set and will default to every hour.
  • Additionally, a property named “customer” is added to the group and set to the value “customerA”.
#!/bin/env python

import requests
import json
import hashlib
import base64
import time
import hmac

#Account Info
AccessId ='48v2wRzfK94y53sq5EuF'
AccessKey ='H_D9i(f5~B^U36^K6i42=^nS~e75gy382Bf6{)P+'
Company = 'api'

#Request Info
httpVerb ='POST'
resourcePath = '/device/groups'
queryParams =''
data = '{"parentId": "1", "name": "LM GCP", "description": "awesome google cloud group", "customProperties": [{"name": "customer", "value":"customerA"}], "groupType": "GCP/GcpRoot", "extra": {"account": {"projectId": "development-198123", "collectorId": -2, "schedule": "0 * * * *", "serviceAccountKey": { "type": "service_account", "project_id": "development-198123", "private_key_id": "**********", "private_key": "**********", "client_email": "[email protected]", "client_id": "107550067926283000448", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://oauth2.googleapis.com/token", "Auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "Client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/youremail%40development-198123.iam.gserviceaccount.com"}}, "default": {"useDefault": true, "selectAll": false, "monitoringRegions": ["us-west1", "us-east1"], "tags": [], "nameFilter": [], "deadOperation": "KEEP_7_DAYS", "disableTerminatedHostAlerting": true}, "services": {"APPENGINE": {"useDefault": true, "selectAll": false, "monitoringRegions": [], "tags": [], "nameFilter": [], "deadOperation": "KEEP_7_DAYS", "disableTerminatedHostAlerting": true}, "COMPUTEENGINE": {"useDefault": false, "selectAll": false, "monitoringRegions": ["us-east1"], "tags": [], "nameFilter": [], "deadOperation": "KEEP_7_DAYS", "disableTerminatedHostAlerting": true, "deviceDisplayNameTemplate": "", "customNSPSchedule": "", "normalCollectorConfig": {"enable": false, "collectors": []}}, "CLOUDSQL": {"useDefault": false, "selectAll": false, "monitoringRegions": ["us-east1", "us-west1"], "tags": [{"name": "system.gcp.tag.foo", "operation": "include", "value": "bar"}], "nameFilter": [], "deadOperation": "KEEP_7_DAYS", "disableTerminatedHostAlerting": true}}}}'

#Construct URL 
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath + queryParams

#Get current time in milliseconds
epoch = str(int(time.time() * 1000))

#Concatenate Request details
requestVars = httpVerb + epoch + data + resourcePath

#Construct signature
hmac1 =  hmac.new(AccessKey.encode(),msg=requestVars.encode(),digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(hmac1.encode())

#Construct headers
auth = 'LMv1 ' + AccessId + ':' + signature.decode() + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth}

#Make request
response = requests.post(url, data=data, headers=headers)

#Print status and body of response
print('Response Status:',response.status_code)
print('Response Body:',response.content)
Python

Updating a GCP Group

If you’re updating a GCP group, we recommend first making a GET request to get the group JSON, parsing the output, replacing the desired values, and then using PUT to update the resource.

Example: Update GCP Group

The following Python script makes a GET request to get device group 39 (which happens to be the GCP root group), parses out the response, replaces the assigned Collector, adds the configuration object, and then makes a PUT request to update the group 39. Use your account information and your GCP accounts device group to update your GCP group.

#!/bin/env python

import requests
import json
import hashlib
import base64
import time
import hmac

#Account Info
AccessId ='48v2wRzfK94y53sq5EuF'
AccessKey ='H_D9i(f5~B^U36^K6i42=^nS~e75gy382Bf6{)P+'
Company = 'api'

#Request Info
httpVerb ='GET'
resourcePath = '/device/groups/39'

#Construct URL 
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath 

#Get current time in milliseconds
epoch = str(int(time.time() * 1000))

#Concatenate Request details
requestVars = httpVerb + epoch + resourcePath

#Construct signature
hmac1 =  hmac.new(AccessKey.encode(),msg=requestVars.encode(),digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(hmac1.encode())

#Construct headers
auth = 'LMv1 ' + AccessId + ':' + signature.decode() + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth}

#Make request
response = requests.get(url, headers=headers)

#Parse response
jsonResponse = json.loads(response.content)

#Change Collector Id and add configuration object
group = jsonResponse['data']
group['extra']['account']['collectorId'] = 218

#PUT Request Info
httpVerb ='PUT'
resourcePath = '/device/groups/39'
queryParams =''
data = str(json.dumps(group))

#Construct URL 
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath +queryParams

#Get current time in milliseconds
epoch = str(int(time.time() * 1000))

#Concatenate Request details
requestVars = httpVerb + epoch + data + resourcePath

#Construct signature
hmac1 =  hmac.new(AccessKey.encode(),msg=requestVars.encode(),digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(hmac1.encode())

#Construct headers
auth = 'LMv1 ' + AccessId + ':' + signature.decode() + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth}

#Make request
putResponse = requests.put(url, data=data, headers=headers)

#Print status and body of response
print('Response Status:',response.status_code)
print('Response Body:',response.content)
Python

In This Article