Disclaimer: This content is no longer being maintained or updated. This content will be removed by 2025.

Setting up a PowerShell datasource in LogicMonitor is a similar process to other script datasources.

Active Discovery

If the PowerShell datasource is going to be multi-instance, active discovery can be used to automate the task. This can be done with a PowerShell script which returns outputs in the format mentioned above. Arguments can be used to pass host properties into scripts to pass credentials or specific host information into the script.

When you specify your PowerShell script for use with LogicMonitor, you should upload it to your account using the “Upload Script” button that will display when the script collector is selected, to ensure that the script is available on all collectors. Another thing to keep in mind when uploading, there is no version control, so new versions of scripts should be named differently. For example, PS-AD-00.ps1, PS-AD-01.ps1. Below is an example of the active discovery setup for a PowerShell script.

Note: When passing arguments, spaces are not supported in an argument. Arguments with a \, such as domain\user should have the \ escaped. e.g domain\\user. This may require a different property for the Active Discovery and Collection. These are due to be resolved in a future release.

Active Discovery

Collection

Collection is the same procedure as the Active Discovery setup. See a screenshot below for an example.

Note: Spaces are supported in arguments here. To allow for this put the argument in quotes. \ also do not need to be escaped like in Active Discovery

Collection

Datapoint Creation

If the script returns multiple values, I recommend outputting them in the format used in the example in the previous section. We can then use regex to pluck the values out.

If we used the output below  as an example we can use the following regex to return the data

match=(\d+)

updateSuccessfull=(\d+)

etc..

Datapoint Creation

Overview

PowerShell scripts can be integrated into LogicMonitor in order to monitor specific Windows stats which are unavailable from WMI or Perfmon.

Windows Setup

The most useful way to utilise PowerShell in LogicMonitor is by using remote PowerShell scripts. Some setup in Windows is required to allow this to happen.

STEP 1: Open a PowerShell window on each pc to be monitored and enter the following (note the * can be replaced with a collector ip):

Note: The monitored devices may need to be added to the collectors trustedhosts with the command on line 2

Enable-PSRemoting -Force
Set-Item wsman:\localhost\client\trustedhosts * -Force
Restart-Service WinRM -Force
winrm set winrm/config/winrs '@{MaxShellsPerUser="50"}'

STEP 2: Verify that remote Powershell is working and access is granted for a username and password which can be used in LogicMonitor. Open PowerShell on the machine the collector is running on and enter:

$hostname= (enter hostname here in quotes)
$pass= (enter password here in quotes)
$user= (enter username here in quotes)
$remotepass= ConvertTo-SecureString -String $pass -AsPlainText -Force
$remotecredential= new-object -typename System.Management.Automation.PSCredential -argumentlist $user, $remotepass
Invoke-Command -ComputerName $hostname -ScriptBlock {@(Get-Process -ea silentlycontinue "svchost").Count} -credential $remotecredential

Step 3: Once this is done the collector needs to be set to allow unrestricted Powershell scripts in the agent.conf file. For information on editing this file, see Editing the Collector Config Files.

# powershell execution policy, could be one of "Restricted, AllSigned, RemoteSigned, Unrestricted"
powershell.policy=Unrestricted

PowerShell Methods

When creating the script in PowerShell, you first need to define the credentials we’re going to use to connect, this can be done with the following.

# Pass credentials and hostname as arguments
param ([string] $hostname, [string] $user, [string] $pass)
# Change the password into a secure string to be used in the credentials
$remotepass= ConvertTo-SecureString -String $pass -AsPlainText -Force
# Build the credential
$UserCredential= new-object -typename System.Management.Automation.PSCredential -argumentlist $user,$remotepass

Once the credential is created this can be used to create a PowerShell session or invoke a command on a remote computer.
Invoke command can be used on its own if a single command needs to be executed, if more than one command needs to be executed or a specific application is being connected to (Exchange) a PowerShell session can be created which can be reused.

Here is an example of connecting to exchange using PowerShell (Kerberos Authentication requires the use of a fully qualified domain name) and gathering the database names and servers of exchange databases. We then close the session, as there are a limited number.

# Get credentials from arguments
param ([string] $fqdn, [string] $user, [string] $pass)
# Build credentials
$remotepass= ConvertTo-SecureString -String $pass -AsPlainText -Force
$UserCredential= new-object -typename System.Management.Automation.PSCredential -argumentlist $user,$remotepass
# Create and import the session, import only grabs a single cmdlet in order to speed the connection and execution time up.
$Session= New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https:// $fqdn /PowerShell/ -Authentication Kerberos -Credential $UserCredential
$importsession= Import-PSSession $Session -CommandName Get-MailboxDatabase -AllowClobber
#Create output which logicmonitor understands for instance names
$database= Get-MailboxDatabase -Status
for each ($database in $database){
Write-Host "$($database.Name)##$($database.Name)##$($database.Server)"
}
# Remove the PowerShell session
Remove-PSSession $Session

Another way to execute remote commands with PowerShell is by using the Invoke-Command cmdlet. Below is an example which is for active discovery in the Veeam Backups datasource (Veeam Commands need the Veeam PSsnapin)

If a session is created, the Invoke-Command can be used multiple times to run multiple commands.

# Get credentials from arguments
param ([string] $hostname, [string] $user, [string] $pass)
# Build Credential
$remotepass= ConvertTo-SecureString -String $pass -AsPlainText -Force
$remotecredential= new-object -typename System.Management.Automation.PSCredential -argumentlist $user,$remotepass
# Create Session
$Session= New-PSSession -ComputerName $hostname -Credential $remotecredential
# Invoke a command in the session created above and store the output in a variable for later processing. When using a Invoke-Command variables need to be passed, unlike Import-PSSession.
$jobs= Invoke-Command -Session $session -ScriptBlock {
Add-PSSnapin VeeamPSSnapin
Get-VBRJob -WarningAction silentlyContinue
}
# Create instance names from Veeam backup jobs
foreach ($jobs in $jobs){
$jobName= $jobs.Name
$jobDescription= $jobs.Description
Write-Host "$jobName##$jobName##$jobDescription"
}
# Remove the session
Remove-PSSession $Session

Invoke-Command doesn’t access global variables, they need to be passed within the command. See below for an example.

$jobs= Invoke-Command -Session $session -ScriptBlock {
@($wildvaluePassed= $args [0];
Add-PSSnapin VeeamPSSnapin
Get-VBRJob -WarningAction silentlyContinue |  Where-Object {$_.Name -eq $wildvaluePassed})
} -argumentlist $wildvalue

Active Discovery

Discovering instances in PowerShell can be an easy task. It usually consists of using a foreach loop to find each name in a PowerShell object and printing them in the format LogicMonitor can interpret.

$database= Get-MailboxDatabase -Status
foreach ($database in $database){
# Prints the instances in the format wildvalue##wildalias##description
Write-Host "$($database.Name)##$($database.Name)##$($database.Server)"
}

Collection

To collect the data for LogicMonitor we can utilise the use of the ##WILDVALUE## defined in Active Discovery to find the data for specific instances.

# Retrieve the WILDVALUE and credentials needed
param ([string] $fqdn, [string] $user, [string] $pass, [string] $wildvalue)
# Use the WILDVALUE to filter data in a powershell cmdlet$mailbox = Get-MailboxDatabaseCopyStatus | Where-Object {$_.Name -eq $wildvalue} | Select-Object Name,Status,CopyQueueLength,ReplayQueueLength,ContentIndexState

When you want to send data to logicmonitor the best method of achieving this is by using numerical values, this might mean converting boolean or states to integers, but this can be done with switches. A good way of pushing the data to LogicMonitor is following the format below. We can then use regex or key-value pairs as interpretation methods inside datapoints.

Write-Host "Result=$Result"
Write-Host "Working=$Working"
Write-Host "Completed=$Completed"
Write-Host "AvgSpeed=$AvgSpeed"
Write-Host "Duration=$DurationSeconds"
Write-Host "FinishedAgo=$FinishedAgo"
Write-Host "StartedAgo=$StartedAgo"