HPE OneView Alert Cleaner
In a large enterprise with hundreds of HP servers across multiple data centers, it can be challenging to keep track of every alert. This often leads to a large number of open alerts. Sometimes the condition that triggered an alert is no longer present. Unfortunately, OneView doesn’t always automatically close these alerts. That’s why I wrote this script.
The script has the following parameters:
- ovServer
The IP address or FQDN of the OneView appliance. Note that “https://” is not required.
Example:oneview01.local.domain - ovDomain
The domain name associated with the provided username. - ovUsername
The username used for authentication. - ovPassword
The password for the provided username. - CutOffDate
The number of days to go back in time. If no value is provided, the script defaults to 7 days. This means any alert older than 7 days will be closed.
There are two possible outputs from the script:
- Alerts Found
If the script finds alerts to close, the output will look like this:Found a total of 1 alert(s) to clear Resource Name: Backup Alert Description: The backup has not been taken and downloaded for over 50 hours. Corrective Action: Create and download a backup from the {"name":"Backup","uri":"rhref:#/settings/show/appliance/backup"} page. Scheduled backups can be enabled from the {"name":"backup settings","uri":"rhref:#/settings/edit/backup"}. {"name":"Learn More","uri":"/doc#/helpProductBook/settings/show/appliance/backup"}In this output, you will find the number of alerts that will be closed, along with the resource name, the alert description, and the recommended corrective action.
- No Alerts Found
If no alerts match the criteria, the output will be:No alerts found older than 08/01/2024 10:25:24
Functions in the Script
- AuthToken
- This function authenticates with the OneView appliance and retrieves the session token required for API requests.
- AllAlerts
- This function retrieves all active and locked alerts from OneView. Currently, the script uses this function to identify alerts that need to be cleared.
- ActiveAlerts
- This function fetches only active alerts. You can modify the script to use this function if you want to focus solely on active alerts instead of both active and locked alerts.
- LockedAlerts
- This function retrieves only locked alerts. You can opt to use this function if your focus is on managing locked alerts.
- DeleteLockedAlerts
- This function deletes specified alerts by their AlertID.
How the Script Works
- Step 1: The script authenticates with OneView and retrieves all active and locked alerts using the
AllAlertsfunction. - Step 2: It then filters these alerts based on the specified
CutOffDate, identifying alerts older than this date. - Step 3: If any alerts meet the criteria, the script outputs their details (resource name, description, and corrective action) and proceeds to clear them using the
DeleteLockedAlertsfunction. - Step 4: If no alerts are found that match the criteria, it outputs a message indicating this.
Customization Options
While the script currently uses the AllAlerts function, you can easily modify it to use the ActiveAlerts or LockedAlerts functions, depending on your specific needs.
Script: OneView Alert Cleaner (OVAC)
<#
.SYNOPSIS
Script: OneView Alert Cleaner (OVAC)
Version: 1.0 (Tested)
Date: Aug 1, 2024
Author: Kabir Ali - info@kablog.nl
Description: This script will clear old open alerts in OneView. With the CutOffDate variable you can specify what will be considered as old alerts.
Version history:
0.1 - Aug 1 - Initial version
1.0 - Aug 7 - Final version
.EXAMPLE
.\OVAC.ps1 -ovServer "10.10.10.10" -ovDomain "local.domain" -ovUsername "Username" -ovPassword "VMware1!" -CutOffDate "5"
#>
Param (
[Parameter(Mandatory = $true)][string]$ovServer,
[Parameter(Mandatory = $true)][string]$ovDomain,
[Parameter(Mandatory = $true)][string]$ovUsername,
[Parameter(Mandatory = $true)][string]$ovPassword,
[Parameter(Mandatory = $false)][string]$CutOffDate = "7"
)
# Function to request the AuthToken needed for the API
function AuthToken {
# Login to OneView and get session token
$body = @{
userName = $ovUsername
password = $ovPassword
authLoginDomain = $ovDomain
loginMsgAck = $true
}
$response = Invoke-RestMethod -Uri "$ovServer/rest/login-sessions" -Method Post -Body ($body | ConvertTo-Json) -ContentType "application/json" -Headers @{ "X-Api-Version" = "3800" }
$authToken = $response.sessionID
return $authToken
}
# Function to which will report all active and locked alerts
function AllAlerts {
# Get active and locked alerts
$AllAlertsUrl = "$ovServer/rest/alerts?start=0&count=-1&filter=""alertState NE 'Cleared'"""
$AuthToken = AuthToken
$AllAlertsResponse = Invoke-RestMethod -Uri $AllAlertsUrl -Method Get -Headers @{
"Auth" = $authToken
"X-Api-Version" = "3800"
}
# Output the alerts
#$LockalertsResponse | ConvertTo-Json -Depth 3
return $AllAlertsResponse
}
# Function to which will report only active alerts
function ActiveAlerts {
# Get active alerts
$alertsUrl = "$ovServer/rest/alerts?start=0&count=-1&filter=""alertState EQ 'Active'"""
$AuthToken = AuthToken
$alertsResponse = Invoke-RestMethod -Uri $alertsUrl -Method Get -Headers @{
"Auth" = $authToken
"X-Api-Version" = "3800"
}
# Output the alerts
#$alertsResponse | ConvertTo-Json -Depth 3
return $alertsResponse
}
# Function to which will report only locked alerts
function LockedAlerts {
# Get locked alerts
$LockalertsUrl = "$ovServer/rest/alerts?start=0&count=-1&filter=""alertState EQ 'Locked'"""
$AuthToken = AuthToken
$LockalertsResponse = Invoke-RestMethod -Uri $LockalertsUrl -Method Get -Headers @{
"Auth" = $authToken
"X-Api-Version" = "3800"
}
# Output the alerts
#$LockalertsResponse | ConvertTo-Json -Depth 3
return $LockalertsResponse
}
# Function to which will clear the alert
function DeleteLockedAlerts {
Param (
[string]$AlertID
)
# Delete locked alerts
$DelLockalertsUrl = "$($ovServer)$($AlertID)?force=true"
$AuthToken = AuthToken
$DelLockalertsResponse = Invoke-RestMethod -Uri $DelLockalertsUrl -Method Delete -Headers @{
"Auth" = $authToken
"X-Api-Version" = "200"
}
}
### MAIN CODE ###
# Suppress SSL errors
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
# Add https:// to ovServer
$ovServer = "https://$($ovServer)"
# Lookup all the active alerts in OneView
$AllAlerts = AllAlerts
# Get the current date and time
$currentDate = Get-Date
# Calculate the cutoff date (default: 7 days ago)
$cutDate = $currentDate.AddDays(-($CutOffDate))
# Filter the alert objects where 'created' date is older than 7 day
$filteredAlerts = $AllAlerts.members | Where-Object {
# Convert the 'created' property to DateTime and compare
[DateTime]::Parse($_.created) -lt $cutDate
}
if ($filteredAlerts.count -gt 0) {
# Display number of alerts to be cleared
Write-Output "Found a total of $($filteredAlerts.count) alerts to clear"
# Loop and clear alerts
foreach ($Alert in $filteredAlerts) {
Write-Output "Resource Name: $($Alert.associatedResource.resourceName)"
Write-Output "Alert description: $($Alert.description)"
Write-Output "Corrective Action: $($Alert.correctiveAction)"
DeleteLockedAlerts -AlertID $Alert.uri
}
} else {
Write-Output "No alerts found older than $($cutDate)"
}
Conclusion
Managing alerts in a large enterprise environment can be a daunting task, but with the OneView Alert Cleaner (OVAC) script, you can streamline the process by automatically clearing old alerts. By customizing the script to use different functions, such as AllAlerts, ActiveAlerts, or LockedAlerts, you can tailor it to your specific needs.
If you have any questions or need further assistance with the script, feel free to reach out to me at info@kablog.nl. I’m always happy to help!