Kimbrough Henley's presentation on monitoring ServiceDesk with Nagios. The presentation was given during the Nagios World Conference North America held Sept 27-29th, 2011 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna

1. Monitoring Unicenter ® Service Desk with Nagios ® Presented at the 2011 Nagios ® World Conference North America by Kimbrough Henley Network Administration/Technology Support and Solutions

3. Nagios® user since 2000

4. Employed by Deloitte Services

5. for fifteen years

6. Solo I/T support person for 100+ staff

7. Unicenter® Service Desk user

8. Disclaimer The views and opinions expressed in this presentation and discussion are solely those of the author and do not necessarily represent the opinions of Nagios Enterprises, LLC or any other parties.

10. Includes support for asset and knowledge base management and change management

12. No re-notification or auto escalation options

13. No notification based on a SLA

14. Limited three time periods available

15. Makes support staff more effective, productive, responsive, and compliant with policies Motivation

17. Customize checks for your precise needs

18. Some queues are checked less frequently

19. No budget necessary

20. Benefits the customer

21. Helps when out of the office or on the go More Motivation

22. The High Level Overview At its core, Nagios ® is a flexible task scheduling application. It schedules execution of plug-ins that return a result which is evaluated and when appropriate, other tasks are scheduled. The plug-in system for monitoring Service Desk simply fetches a page, parses the output, and returns a result back to Nagios ® . Hardware used in my environment is retired HP DL380 server, running quad Pentium 4's with 4 GB of RAM. .

24. Check for tickets about to expire

25. Check volume of tickets

26. Get notified when the CIO submits a help ticket Simply by mimicking queries in the URL GET request to Service Desk, options for searching tickets are only limited to the SD application itself. Every organization has unique policies and needs.

28. Service Desk Application

29. Your Nagios ® plug-ins for USD

30. The URL and session ID (SID)

32. Screen Scraping the JAVA+HTML pages

33. Using Web Service/SOAP WSDL One can monitor Service Desk in different ways.

34. Active Checks

35. In Action

36. In Action

37. Service Desk JAVA+HTML

38. Service Desk PDA/HTML Only

39. Service Desk Search Form This is the form that the Nagios ® plug-in will submit via “wget”.

40. Notification Config

42. PDMWEB engine (identified by pdmweb.exe or pdmweb2.exe.)

43. SID or Session ID

44. FID or Function ID

45. Components of a SD URL Server name is self explanatory, but in some environments, it may be selected randomly from a pool when you first connect. The pdmweb.exe in the URL indicates what web engine is being used. In my environment, it may be either pdmweb.exe or pdmweb2.exe. The session ID is used to track, identify the type of client (HTML or JAVA), and expire connections to the server. The FID (Function ID) variable is not completely understood but has connections to identifying what type of client is in use as well as other purposes. However, it does not affect our plug-in's operation.

46. Setting the Connection Variables The plug in-needs a valid session. Once you have established a SD session in a browser, update a text file with the connection information to be used by the plug-ins. Values are stored in SD-PDA-Session.txt and SD-Browser-Session.txt. SID=1008374279 FID=208 server=uscnt1116 pdmweb=pdmweb2 For JAVA pages, the values needed are obtained by establishing a connection to the SD server, clicking on a group in the DASHBOARD, and viewing the properties of the framed page on the right. For HTML-only pages, switch user agents (to a bot), connect to the server, click Search Requests, and look in the URL. The FID should always be set to “1234” in SD-Browser-Session.txt.

48. Three Plug-ins In Use Today check-sdgroup-by-uuid.sh check-sdgroup-byname.sh check-sd-expiring.sh

49. Finding the Group's ID Looking at the inbox in SD, click “Show Filter”.

50. All the Pieces in Place

51. Check-Group-By-Name Syntax $ ./check-sdgroup-byname.sh US-Southeast-Memphis 1 ALERT: 2 open ticket(s) for US-Southeast-Memphis.|open=2 Request List 2 Matches ____________________________________________________________ Req #: 4459981 End User: Doe, Lawrence Status: Open Priority: 3-Medium Summary: Outlook : PST size exceeded ____________________________________________________________ Req #: 4452311 End User: Doe, Brad J Status: Open Priority: 3-Medium Summary: Unable to access FTS site.

52. Check-Group-by-UUID Syntax If the queue name has spaces or odd characters in it, the check-sdgroup-by-uuid.sh should be used instead. $ ./check-sdgroup-pda.sh 85751D18EFF2EC4C83528C636F4952CA 1 Hermitage ALERT: 1 open ticket(s) for Hermitage.|open=1 Request List 1 Match ______________________________________________________________ Req #: 4371019 End User: Bronk, Benjy Status: Open Priority: 3-Medium Summary: dPrint - unable to log into dPrint pages for WFC office

53. Inside the Plug-ins In order to find tickets with an open status and a medium priority, the URL we would “wget” looks like this: wget -T 6 -t3 -q -O output-$3.html –user=fred –password=martianhttp:// $server /CAisd/ $pdmweb.exe ?SID= $SID +FID= $FID +OP=SEARCH+QBE.EQ.status=OP+QBE.EQ.priority=3+FACTORY=cr+KEEP.where_clause=group.id%3DU%27 $1 %27 n. b. I have explored using CURL instead of WGET. It was effective but not an improvement.

55. Notification Sample From a HTML/PDA based plug-in's results: ALERT: 1 open ticket(s) for Hermitage.|open=1 Request List 1 Match _______________________________________________________ Req #: 4371019 End User: Doe, William David Status: Open Priority: 3-Medium Summary: dPrint - unable to log into dPrint pages for WFC office

56. Checking Expiring Tickets Using the Java based search pages in Service Desk, you can search for tickets created on a specific date. Implement a script (sample included) to determine what “N business days ago” is, you can find tickets due to expire. $ ./check-sd-expiring.sh US-Southeast-Memphis 1 Memphis HDR tickets expiring on servicedesk. ALERT: 1 HDR ticket(s) expire today. 4374185, Open 5-Negotiated US-Southeast-Memphis

57. Notification Sample Birmingham HDR tickets expiring on Service Desk. ALERT: 1 HDR ticket(s) expire today. 4222282, Open 5-Negotiated US-Southeast-Birmingham Name, Tech Assigned to 08/05/2011 HD Data Retention: Doe, John M. Doe, John M. Practice Protection.Data Retention.Hard Drive IT Request USHDC1432 MEMPHIS YES 9015551234

58. Host Definition define host{ use generic-host host_name servicedesk alias Servicedesk address servicedesk contact_groups mem-admins check_command check-host-alive parents router1 }

59. Service Check Template define service{ name sd-open-tickets use generic-service host_name servicedesk notification_interval 240 notification_options c check_period et flap_detection_enabled 0 retry_interval 1 max_check_attempts 2 servicegroups servicedesk register 0 }

60. Service Check Definitions define service { use sd-open-tickets notification_options c notification_period 24x7 check_period 24x7 service_description Memphis Open Tickets check_command check-sdgroup-byname!US-Southeast-Memphis!1 contact_groups mem-admins } define service { use sd-hdr-tickets notification_options c notification_period 24x7 check_period 24x7 service_description Memphis HDR tickets expiring check_command check-sd-expiring!US-Southeast-Memphis contact_groups mem-admins } Generally notification_options should be C only but admins may want C,U,R.

61. Customizing Notifications You may want to change how notifications appear, such as leaving out “CRITICAL” in the results, or the $SERVICE_STATE$ macro in the notification command. The notification_command (how a person is notified) is an attribute of the contact person definition. Therefore, if a contact is getting notifications from other service checks, those notifications would be affected too. You can't have a different notification style for one different service checks. You must setup an additional contact for Service Desk checks only.

62. Graphing with PNP4Nagios The plug-in will produce performance data that can be graphed: $ ./check-sdgroup-byname.sh US-Southeast-Memphis 1 ALERT: 2 open ticket(s) for US-Southeast-Hermitage.|open=2

63. Graphing with PNP4Nagios Here, the output of 5 check-group plug-ins is combined on one graph. For best results, poll every 5 minutes, 24 hours a day.

67. Analogous to an API

68. Access may be restricted in a number of ways via permissions in the application

70. Automate session ID renewal for the plug-ins using Java pages

71. Consolidate into one script that will use command line input to select multiple search parameters (such as priority, status, incident area, creation date).

72. Troubleshooting/Development Tools WFetch Mozilla Live HTTP Headers (Firefox plug-in) WireShark Fiddler2 SoapUI The CA Service Desk Web Services User Guide may be useful for developing a Web Services-based plug-in.

74. Today, plug-ins that use the HTML only pages are preferred.

75. Customizable for your needs

76. Package is available on Nagios ® Exchange website

77. Package Includes all the scripts discussed