SCOM 2012 to Nagios connector

Introduction

Hello all!

I’ve been working on an exciting new project recently, well it’s exciting if you happen to use both SCOM and Nagios and you wish you only had to look at one of those two things. Specifically if that one thing you wanted to look at was Nagios… if you wanted to do it the other way around I won’t hold it against you… much.

Before I launch into specifically what it is I’ve been tinkering with, a disclaimer: THIS IS NOT DONE YET AND CONTAINS BIG HAIRY BUGS, THE KIND OF BUGS THAT MAKE WEIRD NOISES AND PREVENT YOU SLEEPING AT NIGHT. Ordinarily I wait until I’ve ironed all of these kind of bugs out before letting my code loose on the world but time has been a luxury resource lately and I’m not sure when I’m going to get an opportunity to finish this little project properly so I figured I’d let it out of the cage early in case any one else wanted to contribute.

So what is it?

I’ve created a powershell script that will take SCOM 2012 alerts and forward them to Nagios, big deal right? The *cool* part (or as cool as operations management can be) is that you are able to use a JSON driven language to control the flow of the integration. You can use it to dynamically map any SCOM alert to any Nagios service.

Want everything of a specific class to go to a specific service on the related SCOM host? Sure. Want to exclude a specific host or specific text from that mapping? No problem. Want to override the state of an alert from Critical to Warning? That’s fine too. The catch for all this is that you need to know how to use the SCOM powershell commandlets so that you can configure the JSON mapping file, as it does rely on you being able to tell it which attribute it needs to operate on.

How does it work?

The connector consists of three major components, the first is the script itself which does all the heavy lifting and will scan the list of New SCOM alerts every time it runs and interpret them. The second is the JSON mapping file that tells the script how it should deal with the alerts it finds. The last component is the tracking file, the tracking file is used so that the connector is able to keep track of what it sent to Nagios and when it sent it so that it can appropriately stagger updates.

The connector script will be configured as a scheduled task on the Operations Manager servers (it will only run on the server with the RMS emulator role). once it runs it will scan the New alerts in SCOM and for each alert it will look for a “valid” entry in the tracking file, if it can’t find one it will find a matching “pattern” in the JSON mapping file. You can use And, Or, Not statements to control the logical flow of how these patterns interact. Once it has determined where to send the alert, it will forward it to Nagios via NRDP and write an entry in the tracking file.

There are some other components such as the main configuration file and the logging stuff but they are all pretty standard stuff.

What’s the catch?

Apart from the fact it doesn’t quite work 100% right yet (though for simple set-ups it is trustworthy) there are a few other issues that mostly stem from the insufficient amount of time I’ve had to work on it. When configuring the JSON map you can currently only assign one “and, or, not” on each layer, this is because the logical operators are currently used as headings, so any attempt to duplicate them will cause them to be merged when they are imported. I have a longer term plan for making that much more extensible but I needed a solution quickly so this was a trade off I was willing to make in the short term.

There is also an insufficient amount of options for dealing with hostname translation, SCOM tends to stick the hostname any old place it pleases… so the connector will try to find the first hostname it can resolve in the fields you define, depending on your infrastructure this may cause issues. There are also a number of other similar constraints born of the same immediate need for a solution.

Where can I get it and how do I use it?

Next update I’ll be talking in depth about how you configure this beast as there’s a lot to get your head around and I would prefer it had its own dedicated post. As for acquiring the connector, if you are super keen and want to have a play before I begin to explain how it works I’ll be posting the links up tomorrow.

Enjoy your weekend!

Edit: The astute will notice that I haven’t posted a link yet, I’ve decided to delay it until next update as it looks like I may get a little bit of time to make some last minute fixes and life will be better with them.

comments powered by Disqus