Monitoring connectivity for Slack and PagerDuty - slack-api

We are using PRTG to monitor a number of internal resources, and we have set it up to alert us on a Slack channel and/or via PagerDuty (depending on severity) using their respective APIs. Considering that Slack and PagerDuty are external to us, we would also like to monitor whether our PRTG instance can access them -- basically, a form of self-monitoring or Who Watches the Watchmen?
So far the only reliable method we've found for Slack is to post an actual message to a private "testing" Slack channel, e.g. (Slack URL details redacted):
POST https://hooks.slack.com/services/XXX/YYY/ZZZ
Content-Type: application/json
{ "text": " ", "channel": "#prtg-webhook-test" }
Similarly, PagerDuty's Events API appears to be POST only, and the valid actions are limited to trigger, acknowledge, and resolve:
POST https://events.pagerduty.com/v2/enqueue
Content-Type: application/json
Is there a good way to test HTTPS connectivity without posting an actual Slack message / creating an actual PagerDuty alert? I couldn't find anything in documentation for either service, or a creative way to create an appropriate sensor in PRTG.

For Slack you might rather want to make an call to the API, not to a webhook.
I would recommend using auth.test, since its one of the few methods that has no rate limit.
Also, for the whole Slack service you can see the current status on this official webpage.

For pure connectivity, you can do a POST against the Events API with an empty payload, and you'll get an error message back:
curl --location --request POST 'https://events.pd-staging.com/v2/enqueue' \
--header 'Content-Type: application/json' \
--data-raw '{}'
{
"status": "invalid event",
"message": "Event object is invalid",
"errors": [
"'event_action' is missing or blank",
"'routing_key' must be provided in the body, or provided in the headers using 'x-routing-key'"
]
}
If you'd also like to validate your routing key, you can send an acknowledge event with a dummy dedup_key:
curl --location --request POST 'https://events.pd-staging.com/v2/enqueue' \
--header 'Content-Type: application/json' \
--header 'Cookie: uid=rBGA1lymclmSzRCsAwO3Ag==' \
--data-raw '{
"routing_key": "<your_routing_key>",
"event_action": "acknowledge",
"dedup_key": "something_that_will_never_match_an_open_incident"
}'
{
"status": "success",
"message": "Event processed",
"dedup_key": "something_that_will_never_match_an_open_incident"
}
Note that this will not show up anywhere in the PagerDuty UI, but that could be what you'd want anyways.

Related

Create organizationalBrandingProperties

I'm trying to create Organizational branding via Graph API
Unfortunately it doesn't work as documented
curl --fail-with-body --silent --show-error --oauth2-bearer TOKEN -X PUT -H 'Content-Type: application/json' -d #- https://graph.microsoft.com/v1.0/organization/7c9674e7-ad41-482b-af13-fff7ba1c38f6/branding <<< '{
"backgroundColor":"#FFFF33",
"signInPageText":"Welcome",
"usernameHintText":"hint"
}'
{
'error': {
'code': 'Request_BadRequest',
'message': 'Specified HTTP method is not allowed for the request target.',
'innerError': {
'date': '2021-04-21T12:59:57',
'request-id': 'a5ce577c-d0a9-4888-9999-521d7ba452b1',
'client-request-id': 'a5ce577c-d0a9-4888-9999-521d7ba452b1'
}
}
neither PATCH works:
curl --fail-with-body --silent --show-error --oauth2-bearer TOKEN -X PATCH -H 'Content-Type: application/json' -d #- https://graph.microsoft.com/v1.0/organization/7c9674e7-ad41-482b-af13-fff7ba1c38f6/branding <<< '{
"backgroundColor":"#FFFF33",
"signInPageText":"Welcome",
"usernameHintText":"hint"
}'
{
"error": {
"code": "Request_ResourceNotFound",
"message": "Resource '7c9674e7-ad41-482b-af13-fff7ba1c38f6' does not exist or one of its queried reference-property objects are not present.",
"innerError": {
"date": "2021-04-21T13:07:43",
"request-id": "c2c7056b-0043-40cb-82b8-6d262f190005",
"client-request-id": "c2c7056b-0043-40cb-82b8-6d262f190005"
}
}
I tried opening an Azure support request but they told me
The AAD Developer queue is experiencing a very high number of requests.
Please expect a delay in the assignation as the cases are assigned considering case severity, time in queue, customer service level and business impact.
Since Azure support has proven to be useless yet again, maybe somebody here would be able to help me? :)
Based on my test, I have the same error when I use PUT method.
But PATCH works fine for me.
id should be the organization id or tenant id.
Please get the id first with
GET https://graph.microsoft.com/beta/organization/
Then use the id for PATCH method:
PATCH https://graph.microsoft.com/v1.0/organization/{id}/branding
Content-Type: application/json
Content-Language: en-US
{
"backgroundColor": "#FFFF33",
"signInPageText": "Welcome",
"usernameHintText": "hint"
}
Update:
Application token is not supported for this endpoint. See Permissions.
Microsoft support finally responded (after 2 months!) with
Application Permission are currently not supported on this
endpoint, meaning that you will need an on-behalf of user token with
Delegated permissions to use this endpoint.
Since your goal was to automate this process, one workaround that
sometimes is feasible is to have a dedicated user in your tenant to
perform those actions, and that will authenticate with ROPC flow. This
flow allows to directly send the credentials information (username and
password) and because of that does not require an UI or interaction.
There is currently a known issue regarding the GET and PATCH method for the branding endpoint that is already reported and the fix
is in progress. This issue will cause an 404 error mentioning that the
tenant resource is not found.
Issue seems to be with locale being used, If you wish to get/update
the default branding, can you please try to include an header with
Accept-language as 0 (shown in the below image), if you want to get
branding for any other locale, you’ll need to pass the valid ISO-639
locale.

Create subscription for OneDrive Business returns 403 forbidden

I'm using Microsoft Graph API to build and integration with OneDrive. Everything has worked well and I have been able to register my App, get a token, navigate the OneDrive items and download files.
I started creating subscriptions to receive notifications from OneDrive when user does something. This works without any problem when user signs in with their "personal account" but when they use "work or school" account I get the following error message:
{
"error": {
"code": "ExtensionError",
"message": "Operation: Create; Exception: [Status Code: Forbidden; Reason: The caller does not have permission to perform the action.]",
"innerError": {
"request-id": "ffaf7fae-e0b0-4cd8-b911-bac4c2fb290a",
"date": "2019-09-18T00:18:40"
}
}
}
And this is the call I make to create the subscription:
curl -X POST \
https://graph.microsoft.com/v1.0/subscriptions \
-H 'Authorization: Bearer [access_token]' \
-H 'Content-Type: application/json' \
-H 'Host: graph.microsoft.com' \
-d ' {
"resource": "me/drive/root",
"changeType": "updated",
"clientState": "[email_Address]",
"notificationUrl": "https://webhook_url",
"expirationDateTime": "2019-09-19T04:43:47.6099364+00:00"
}'
The user has Files.ReadWrite.All permission which based on the documentation should be enough.
I had this same problem. The only difference is I am trying to setup a driveItem subscription on a business OneDrive path /users/<id>/drive/root but getting the same error as you on the response.
So, using the same access token, I did a GET /v1.0/users/<id>/drive/root and fetched the driveId of the parent from the response. Then I attempted to create the subscription at /drives/<driveId>/root and it worked. All requests were using the same access token and the previous way used to work for months.
So you might try doing a GET for your /me/drive/root and see if you can set it up with the driveId.
As a bonus, the subscription is now sending web-hooks like I expect.

Cumulocity - Send Measurement/Alarm/Event using external ID via HTTP

I've been recently exploring Cumulocity and managed to use the external ID to send data (measurements/alarms/events) via MQTT. Its well documented and pretty straight forward.
But I cant find how to send data (measurement/alarm/event) using ExternalID instead of source.
For example, here is how POST of a measurement looks like if you know ClientID of device:
curl -X POST \
https://myTenant.cumulocity.com/measurement/measurements \
-H 'Accept: application/vnd.com.nsn.cumulocity.measurement+json' \
-H 'Authorization: Basic mytoken' \
-H 'Content-Type: application/json' \
-d '{
"c8y_TemperatureMeasurement": {
"T": {
"value": 25,
"unit": "C" }
},
"time":"2019-03-07T10:03:14.000+11:00",
"source": {
"id":"1234567" },
"type": "c8y_TemperatureMeasurement"
}'
Is there a way to replace that "source": {"id":"1234567" }, with external ID?
What would the request look like?
As of today, this is not possible:
Instead you have to first convert the externalID to the source id once (e.g. when the device is booted its done as first actions). Afterwards send all requests (e.g. POSTs to create measurements/alarms/events) using this retrieved sourceID.
This is also described in the Device SDK for HTTP here: https://cumulocity.com/guides/device-sdk/rest#step-1-check-if-the-device-is-already-registered .
Thanks for the good feedback on the documentation!

Twilio Join Google Hangouts Conference Call

I'm using Google Hangouts for Enterprise that comes with GSuite. When a Google Hangouts meet starts, It gives a dial-in number with a pin.
+1 xxxx-xxxx-3235 , Some PIN number (3495093#)
I'm trying to join this meeting through a Twilio voice call using the Twilio Voice API.
curl 'https://api.twilio.com/2010-04-01/Accounts/AC8bc5f1756b2e10ce344333e0ec6f7acacc46/Calls.json' -X POST \
--data-urlencode 'To=+1 xxxx-xxxx-3235' \
--data-urlencode 'From=+1xxxxxxxxxx6' \
--data-urlencode 'Url=https://demo.twilio.com/welcome/voice/' \
--data-urlencode 'SendDigits=wwwww34975093#‬#' \
-u AC8bc5f1756b2e10c824e0ec6f7acacc46:[AuthToken]
‪
When I execute the call through CURL I get this response message
{
"code": 21206,
"message": "Invalid sendDigits: wwwww34975093#",
"more_info": "https://www.twilio.com/docs/errors/21206",
"status": 400
}
I'm not sure what's wrong here. I'm adding half-a-second wait to the PIN using wwwww. Even passing the PIN without wwwww gives me the same error.
So my question is, is it even possible to join a third party conference call through Twilio.
There is a hidden control character:
{"code": 21206, "message": "Invalid sendDigits: wwwww34975093#\u202c#"
Remove that and it will work.

Not receiving push notifications if sending "data" (but "notification" works) payloads to GCM/FCM in iOS didReceiveRemoteNotification

I am trying to get "data" payload notifications to be received for our iOS app.
Today we can send GCM notification push notifications as according to:
https://developers.google.com/cloud-messaging/concept-options
(FCM has the same text)
An easy test is using CURL:
curl -X POST \
https://gcm-http.googleapis.com/gcm/send \
-H 'authorization: key=##_GCM_SERVER_ID_##' \
-H 'cache-control: no-cache' \
-H 'content-type: application/json' \
-H 'postman-token: ##_POSTMAN_TOKEN_##' \
-d '{
"notification": {
"body": "Test body"
},
"to" : "##_DEVICE_TOKEN_##"
}
'
This will successfully trigger iOS AppDelegate.didReceiveRemoteNotification:fetchCompletionHandler function.
However, if change it to a data notification:
curl -X POST \
https://gcm-http.googleapis.com/gcm/send \
-H 'authorization: key=##_GCM_SERVER_ID_##' \
-H 'cache-control: no-cache' \
-H 'content-type: application/json' \
-H 'postman-token: ##_POSTMAN_TOKEN_##' \
-d '{
"data": {
"body": "Test body"
},
"to" : "##_DEVICE_TOKEN_##"
}
'
I can't see anything is being sent to the app from GCM (in either didReceiveRemoteNotification functions), even if the app is in background/foreground.
Even though it says in the documentation it should:
https://developers.google.com/cloud-messaging/concept-options#notifications_and_data_messages
Note these further platform-specific details:
On Android, data payload can be retrieved in the Intent used to launch your activity.
On iOS, data payload will be found in didReceiveRemoteNotification:.
GCM can handle pure data push notifications to the APN network right?
Do I need to do anything special to receive data, compared to notification, Push Notifications in iOS?
When sending the Data type message with FCM to iOS devices, they will only be received if content_available is set to true in your FCM request body, eg:
{
"to": "--fcm-token--",
"content_available": true,
"data": {
"priority": "high",
"hello": "world"
}
}
Aside from the notes that you've shared, please don't miss out that,
On iOS, GCM stores the message and delivers it only when the app is in the foreground and has established a GCM connection.
With this, you may want to check Establishing a Connection. Then, when your XMPP connection is established, CCS and your server use normal XMPP <message> stanzas to send JSON-encoded messages back and forth. The body of the <message> must be:
<gcm xmlns:google:mobile:data>
JSON payload
</gcm>
Also, note that message_id is a required field for data message. Check this sample request format for message with payload - data message shown in Downstream Messages. You just have to convert it using CURL.
<message id="">
<gcm xmlns="google:mobile:data">
{
"to":"REGISTRATION_ID", // "to" replaces "registration_ids"
"message_id":"m-1366082849205" // new required field
"data":
{
"hello":"world",
}
"time_to_live":"600",
"delay_while_idle": true/false,
"delivery_receipt_requested": true/false
}
</gcm>
</message>
For more information, see XMPP Connection Server Reference.

Resources