Introduction to the Windows PowerShell Automations PowerPack

This section describes how to use the run book automation policies, run book actions, and custom action types found in the "Windows PowerShell Automations" PowerPack.

What is the Windows PowerShell Automations PowerPack?

The "Windows PowerShell Automations" PowerPack includes:

• A custom action type for running PowerShell commands on remote devices
• A device group with rules that include only Windows devices
• A set of run book actions that run diagnostic commands on Windows systems via PowerShell
• A set of run book automation policies that tie events from monitoring PowerPacks to the run book actions

The run book automation actions for this PowerPack are executed on the SL1 All-In-One Appliance or Data Collector.

In addition to using the standard content, you can use the content in the "Windows PowerShell Automations" PowerPack to:

• Create your own run book automation policies that include the pre-defined actions that run different sets of diagnostic commands.
• Use the supplied "Execute PowerShell Request" custom action type to configure your own run book action by supplying a set of commands to be executed via PowerShell.

Version 105 and later of this PowerPack supports Python 3.6.

Installing the Windows PowerShell Automations PowerPack

Before completing the steps in this section, you must import and install the latest version of the "Windows PowerShell Automations" PowerPack.

You must install the "Datacenter Automation Utilities" PowerPack version 201 or later before using this release of the "Windows PowerShell Automations" PowerPack.

The "Windows PowerShell Automations" PowerPack requires SL1 version 12.1.2 or later. For details on upgrading SL1, see the appropriate SL1Release Notes.

By default, installing a new version of a PowerPack overwrites all content from a previous version of that PowerPack that has already been installed on the target system. You can use the Enable Selective PowerPack Field Protection setting in the Behavior Settings page (System > Settings > Behavior) to prevent new PowerPacks from overwriting local changes for some commonly customized fields. For more information, see the section on Global Settings.

Ensure that you are running version 12.1.2 or later of SL1 before installing this PowerPack.

For details on upgrading SL1, see the relevant SL1 Platform Release Notes.

To download and install the PowerPack:

1. Search for and download the PowerPack from the PowerPacks page (Product Downloads > PowerPacks & SyncPacks) at the ScienceLogic Support Site.
2. In SL1, go to the PowerPacks page (System > Manage > PowerPacks).
3. Click the Actions button and choose Import PowerPack. The Import PowerPack dialog box appears.
4. Click [Browse] and navigate to the PowerPack file from step 1.
5. Select the PowerPack file and click Import. The PowerPack Installer modal displays a list of the PowerPack contents.
6. Click Install. The PowerPack is added to the PowerPacks page.

If you exit the PowerPack Installer modal without installing the imported PowerPack, the imported PowerPack will not appear in the PowerPacks page. However, the imported PowerPack will appear in the Imported PowerPacks modal. This page appears when you click the Actions menu and select Install PowerPack.

Creating a Credential for Windows PowerShell

If you do not have the "Microsoft: Windows Server" PowerPack installed, you must create a credential that includes the username and password to communicate with your Windows devices.

To prepare your Windows systems for monitoring, follow the instructions in Configuring Windows Servers for Monitoring with PowerShell.

If you have the "Microsoft: Windows Server" PowerPack installed and configured, you may skip this section.

To define a PowerShell credential in SL1:

1. Collect the information you need to create the credential:

• The username and password for a user on the Windows device.
• If the user is an Active Directory account, the hostname or IP address of the Active Directory server and the domain.
• Determine if an encrypted connection should be used.
• If you are using a Windows Management Proxy, the hostname or IP address of the proxy server.

2. Go to the Credential Management page (System > Manage > Credentials).
3. In the Credential Management page, click the Actions menu. Select Create PowerShell Credential.
4. The Credential Editor page appears, where you can define the following fields:

• Profile Name. Name of the credential. Can be any combination of alphanumeric characters. This field is required.
• Hostname/IP. Hostname or IP address of the device from which you want to retrieve data. This field is required.

• You can include the variable %D in this field. SL1 will replace the variable with the IP address of the device that is currently using the credential.
• You can include the variable %N in this field. SL1 will replace the variable with the hostname of the device that is currently using the credential. If SL1 cannot determine the hostname, SL1 will replace the variable with the primary, management IP address for the current device.
• You can include the prefix HOST or WSMAN before the variable %D in this field if the device you want to monitor uses a service principal name (for example, "HOST://%D" or "WSMAN://%D"). SL1 will use the WinRM service HOST or WSMan instead of HTTP and replace the variable with the IP address of the device that is currently using the credential.

• Username. Type the username for an account on the Windows device to be monitored or on the proxy server. This field is required.

NOTE: The user should not include the domain name prefix in the username for Active Directory accounts. For example, use "em7admin" instead of "MSDOMAIN\em7admin".

• Encrypted. Select whether SL1 will communicate with the device using an encrypted connection. Choices are:

• yes. When communicating with the Windows server, SL1 will use a local user account with authentication of type "Basic Auth". You must then use HTTPS and can use a Microsoft Certificate or a self-signed certificate.
• no. When communicating with the Windows server, SL1 will not encrypt the connection.

• Port. Type the port number used by the WinRM service on the Windows device. This field is automatically populated with the default port based on the value you selected in the Encrypted field. This field is required.

• Account Type. Type of authentication for the username and password in this credential. Choices are:

• Active Directory. On the Windows device, Active Directory will authenticate the username and password in this credential.
• Local. Local security on the Windows device will authenticate the username and password in this credential.

• Timeout (ms). Type the time, in milliseconds, after which SL1 will stop trying to collect data from the authenticating server. For collection to be successful, SL1 must connect to the authenticating server, execute the PowerShell command, and receive a response within the amount of time specified in this field.
• Password. Type the password for the account on the Windows device to be monitored or on the proxy server. This field is required.
• PowerShell Proxy Hostname/IP. If you use a proxy server in front of the Windows devices you want to communicate with, type the fully-qualified domain name or the IP address of the proxy server in this field.
• Active Directory Hostname/IP. If you selected Active Directory in the Account Type field, type the hostname or IP address of the Active Directory server that will authenticate the credential.
• Domain. If you selected Active Directory in the Account Type field, type the domain where the monitored Windows device resides.

5. To save the credential, click the Save button. To clear the values you set, click the Reset button.