Hi @minntech ,
I’ll share how I accomplished this. I rarely use python as well so I’m sure there might be a better way, but this worked for me
The first thing I do, is wrap my powershell script code in python and have python create and execute the script when the procedure/monitor runs on the endpoint.
Here is a small example of the python code that executes a powershell script. I’ll break it down a little below and highlight the important parts
sys.stderr.write("%d%d%d" % (arg, arg, arg))
# Please use "alert(1)" to turn on the monitor(trigger an alert)
# Please use "alert(0)" to turn off the monitor(disable an alert)
# Please do not change above block and write your script below
#####Powershell Code Starts Here
Sample function that outputs a value to trigger iTarian RMM monitors
if ($Monitored_Condition -eq 'Problem')
Invoke-iTarianAlert -Monitored_Condition "Problem"
#####Powershell Code Ends Here
print ("Executing Powershell Script")
alertactive = "alert(1)"
alertinactive = "alert(0)"
from subprocess import PIPE, Popen
_disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection
_revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection
self.old_value = ctypes.c_long()
self.success = self._disable(ctypes.byref(self.old_value))
def __exit__(self, type, value, traceback):
obj = Popen(command, shell = True, stdout = PIPE, stderr = PIPE)
out, err = obj.communicate()
if alertactive in out.strip():
print "!!Trigger value detected, raise the alarm!!"
print "Trigger value not detected, return to your duties"
with open(file_path, 'wb') as wr:
ecmd('powershell "Set-ExecutionPolicy RemoteSigned"')
print ecmd('powershell "%s"'%file_path)
- Your Powershell script code is placed inbetween the quotes of ps_content
#Powershell script code goes here
<li>Python prints an optional message (I like for verbose logging reasons) then sets 1 variable "alertactive"
<li>"Alertactive" contains the value that python will compare to powershells output after its executed
print (“Executing Powershell Script”)
alertactive = “alert(1)”
<li>Then this python code is what compares the powershell output to "alertactive" and then triggers or doesnt trigger the alert
if alertactive in out.strip():
print “!!Trigger value detected, raise the alarm!!”
print “Trigger value not detected, return to your duties”
<li>Its checking if the value of "alertactive" is contained within out.strip() where "out" is the variable that holds all the values/data the powershell script output when it was executed
<li>In our example powershell script, when the script runs, if the $monitor_condition equals "Problem", the powershell script outputs a value of "alert(1)"
<li>So when python checks if powershells output ("out") contains the value of "alertactive" (which we previously set as "alert(1)") it matches in this case so python executes "alert(1)" directly which triggers the RMM alert
<li>It also prints a message that we found an alert trigger. Printed messages are similiar to write-host in powershell and these should show up in procedure logs and alert email messages
</ul> (NOTE: i've seen a varying degree of success with alert emails showing the output. Not sure if a bug. Most of the time it does. Its always shown within the logs for me at least)
<li>If powershells output does NOT match "alertactive" (else) then python executes "alert(0)" which tells RMM there is no alert.
<li>"Return out.strip()" tells python to output the output of powershell. So if you have verbose messages in powershell this will allow them to show up in procedure logs and alert emails
The rest of the python code should be fairly straight forward, it takes the ps_content and creates the powershell script (in temp directory), executes the script, then lastly removes the temporary powershell script
I hope that this might help you a little. Again, I'm sure there is a much easier way to do this, but this has worked consistently for me, since I pretty much only use powershell scripts