Schedule demo
Home

Executing Program

You can configure Applications Manager to automatically trigger scripts/programs/server commands when an alarm is generated. This will help minimize manual intervention in resolving system/application issues.

This document covers:

Configuring Execute Program Action

To execute a program, follow these steps:

  1. Select the New Action link from the top menu.

  2. Click Execute Program from the Actions in the left frame and specify the following details:

    • Enter the Display Name for the action.
    • Choose whether the program to be executed is from the local server or from a remote server.

    • If the program is on a remote server, specify the Target Hosts on which these actions are to be executed. There are three options available here:

      • Auto-select Hosts: This option will automatically detect and trigger the Execute Program action based on the associated monitor. For example, if the action is associated with a host, it will be triggered for that host. If the action is associated with a Tomcat monitor, it will be triggered on the Tomcat server's host.
      • Selected Hosts: This option lets you specify the exact hosts on which the action will be triggered. You can select the hosts from the ones listed.
      • All Hosts in the selected Monitor Group: This option lets the action be triggered on the server monitor hosts present in the Monitor Groups. You can select the Monitor Group from the ones listed.

      Additionally, you can choose to add a new host. For configuring a new host, enter the following details: Host Name / IP Address, Execution Mode (Telnet/SSH/Powershell), User Name and Password of the host, port number (Default Telnet port no: 23, SSH port no: 22), and then specify the command prompt value (for Telnet/SSH), which is the last character in your command prompt. Default value is $ and possible values are >, #, etc.

    Applications Manager Executing Program: Specifying target hosts for script located in remote server

    • Specify the program to be executed either as a command or as a script file. Make sure to implement the following methods if the program is to be executed as a script file:

      • If the script file to be executed is located in a directory, then specify the script file name along with the absolute directory path.
      • If the script file is to be executed from a remote Applications Manager server, it can be done by uploading the script file via Upload Files/Binaries option.

      You can also make use of Replaceable Tags to provide additional arguments to the program specified in this field.

    • Enter the directory path from which the script should be executed in the Directory to execute Program field.
    • You can use the success and failure notification fields to receive a response for both success and failure conditions of an action, either by selecting an existing email address or by defining a new email address using the New Action link.

    • The Abort after field is used to specify the timeout value for the program. Specify the time after which the program should be terminated.

      Note: It is important to provide the required time for aborting the command execution since the alarm processing is held up by the program execution. While executing the program, the command runs synchronously in the main alarm processing thread. This delays all subsequent alarms from being processed until the program execution is completed or terminated.

    Applications Manager Executing Program: Program to be executed

  3. If you want to execute the action during specific time periods, enable the Execute Action based on Business Hours option and select the Business Hour during which the action has to be executed. The action can be configured such that it is executed during or outside the selected Business Hours. Use the drop-down menu to select your time window or click on Add New Business Hour to create a new time window.
  4. Click Create Action to finish. This will list the Execute Program action name and its details along with the other actions configured.

View/Edit Execute Program Action

You can view and edit an existing Execute Program or execute that action from the Admin tab > Actions page.

  • To edit the action, click the Edit [ Applications Manager Executing Program: Edit action ] icon.
  • You can also have a trial execution of the action. To do so, click the Execute icon [ Applications Manager Executing Program: Execute action ] of that action.

Execute Program Usage

Pointers to where you can use the Execute Program action:

  • Integrate a .vbs script to be executed by writing a simple .bat file. With this, you can restart a remote service, reboot a machine, etc.
  • Execute custom actions like calling a Python script or Java class, etc.
  • Invoke a .wav file to make alarm noise on the server.
  • Execute a script on a remote server.
  • Trigger actions like cleaning up a hard disk when usage exceeds a threshold limit.

Note: Passing arguments to custom scripts can be further enhanced by using Replaceable Tags.

Usage examples

  • Shell script: When using a shell script, it is sufficient to specify the script file name alone (for example, sample.sh). There is no need to prefix it with sh.
  • PowerShell script: To use a PowerShell script, create a batch file (.bat) that invokes the .ps1 file, and then specify this .bat file in the Execute Program action. For example, create a file named run_script.bat with the following content:
    powershell.exe -ExecutionPolicy Bypass -File "C:\scripts\your_script.ps1"
    Then, specify run_script.bat as the program to execute.

Securing Execute Program Action

The Execute Program action option is designed to help you handle application problems and perform automated recovery actions with minimal manual intervention. While it enables quick response to alarms, its usage should be controlled to maintain system security.

Execute Program Action has the integrated ability to run scripts (including PowerShell scripts) and server commands based on the user privileges that run Applications Manager. Caution must be exercised with its usage. Additional security and access control features include:

  • Only users with Administrator or Delegated Administrator privileges are allowed to create or use Execute Program actions.
  • Any Execute Program Action created by an Administrator or Delegated Administrator remains disabled and in Pending Approval status until approved by a Super Administrator.
  • Create, Edit, or Delete operations on Execute Program actions are audited, and details are available under SettingsAudit Logs.
  • You can blacklist specific commands that are considered unsafe by adding them to the BlackListCommands.properties file located under <Applications Manager Home>\conf\. Learn more.
  • Script uploads can be disabled under SettingsServer SettingsEnable file upload.
  • Always verify scripts before running them and ensure they come from trusted sources to prevent unintended or malicious execution.

Local Server Execution

On performing local execution in Applications Manager, the program or script runs on the same server as the service, inheriting its administrative privileges. This enables it to perform tasks with elevated access but also requires caution, as any unauthorized changes to the script could pose security risks.

Note: Running scripts with elevated privileges can pose security risks if unauthorized users modify them to perform malicious actions.

Remote Server Execution

When a script is executed on a remote server in Applications Manager, it operates with the privileges of the configured user account. This setup allows controlled execution by limiting the script's actions to those allowed by the assigned user permissions. By using this model, security risks are minimized, as scripts can only perform actions within the specific access rights of the user account, preventing unauthorized or potentially harmful actions from taking place outside the user's designated privilege level.

Note: Running scripts with user-specific permissions on remote servers reduces security risks, as scripts cannot perform actions beyond the user's authorized level.

Best Practices for Secure Script Execution

  • Secure Script Execution: Apply security measures like access controls and regular audits to safeguard scripts.
  • Monitor Script Execution: Consistently review execution logs for any suspicious activity.
  • Secure Remote Configuration: Set up secure configurations, including access controls and firewall rules, on remote servers.
  • User Account Permissions: Assign only the necessary permissions to the user account used for remote script execution.
  • Monitor Remote Server Activity: Regularly inspect remote server logs to detect unusual or unauthorized actions.

Note: Implement privilege-based access control for scripts, ensuring they operate under the principle of least privilege. Scripts should execute with either administrative or specific user permissions, depending on the chosen execution mode, to enhance security and minimize potential risks.

Loved by customers all over the world

"Standout Tool With Extensive Monitoring Capabilities"

It allows us to track crucial metrics such as response times, resource utilization, error rates, and transaction performance. The real-time monitoring alerts promptly notify us of any issues or anomalies, enabling us to take immediate action.

Reviewer Role: Research and Development

carlos-rivero
"I like Applications Manager because it helps us to detect issues present in our servers and SQL databases."
Carlos Rivero

Tech Support Manager, Lexmark

Trusted by thousands of leading businesses globally