Versions Compared

Version Old Version 10 New Version 11
Changes made by

Caleb Miller

Caleb Miller

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleGithub Setup as of January 2022

You will require a GitHub repository/Repo to store the scripts themselves.

Step

Screenshot

Create a GitHub repository

Log into GitHub.

In this demo, we'll be creating a new test repository. Press "New Repository"

Info

Note: You don't have to do this if you already have a repository.

The repository can be public or private. Apica recommends that it be set as private. Private repositories give you more requests on your GitHub token rate limit.

Click "Create repository."

Create GitHub Personal Access Token

We've created the repository (keep it in a new tab while creating a Personal Access Token that you'll give to ASM).

Personal Access Tokens are used to run any scripts that you create inside ASM as a check.

 

Getting the Personal Access Token

This Personal Access Token will allow ASM to pull scripts from your repository.

Go to your user Settings.

Scroll down to Developer settings and click "Personal Access Tokens."

Generate New Token

Click "Generate new token."

Enter your GitHub password if prompted.

Apica recommends adding a new note. So, we will put “ASM 2021-11-03" into the note field in this example.

For this example, only we'll set no expiration because we don't want this token to expire, but do set a token expiration date as your security policy requires.

Select the permission scope that will be needed for this example: repo [no others are needed].

Finally, click Generate token.

 

GitHub generates your token

Info

Make sure to copy your personal access token now. You won't be able to see it again!

Copy the token into a text file for later re-use.

Tip

If you have your Personal Access Token and your Repository we can start scripting.

2. Scripting an Example Python Check

...

We will be coding a straightforward Python check for its use in ASM. This Python check will call a URL that we specify, and it will return the response that we received from this URL.

Step

Screenshot

Import Libraries (as needed)

import requests

import sys

import JSON

import time

After Python is up, import the requests {a library for doing any URL call}, sys, JSON, and time libraries into the virtual environment.

Info

See https://apica-kb.atlassian.net/wiki/spaces/ASMDOCS/pages/2135393547/Scripted+Check#7.-Appendix for instructions on using a custom module within your script.

Image Modified

 

Set the URL Request

Set the URL call to be an argument.

Make a GET request against that URL.

The response will need to set a default URL to call, if we don't have an argument. Set exceptions as 'e'. and The URL will be http://google.com.

Our script returned a 200 status code. Our script will call either http://google.com or a URL that we provide.

Code Block
languagepy
  try:
        url = sys.argv[1]
except Exception as e:
       url = 'https://google.com'

response = requests.get (url)
print (response.status_code)  url = sys.argv[1)
Image Modified

Add JSON format

What JSON format does Apica’s back-end system expect? Apica’s back-end is based on MongoDB.

MongoDB allows us to have an expandable result format. So that's a result format that you can upload almost anything to, and it will become a part of the result.

We have the start and end times that we need. So the start and end times will be the start and end times of your check in ASM (These will show up in the check Result view in ASM).

  • Set start_time = time.time().

  • Set end_time = time.time().

Note: we're doing the start_time before our URL call and the end_time at the end of our URL call. This measures the time it takes to call this URL.

Set a message. So our message is “URL call returned status code”, then adds a string response (the returned status code) the value that you see here, in the JSON format, it will be the value of the results.

So this is the main value that you will see. Usually, it's the duration, but it could be anything. To show this, let's say that it's the status code, because this is what we're saying in the message. So we'll set it to response.status.code.
After running this, we have our JSON output; by itself, a valid result.

Code Block
languagepy
  try:
        url = sys.argv[1]
except Exception as e:
       url = 'https://google.com'

start_time = time.time()
response = requests.get (url)
end_time time. time()

json_return = (
 "returncode": 0,
 "start_time": start_time,
  "end_time": end_time,
  "message": "URL call returned status code: " + str(response.status_code),
  "unit": "ms",
  "value": response.status.code,
}
 
print(json.dumps(json_return))

 

 

 

 

 

 

 

 

 

Image Modified

 

Expanding the Returned values

Let's expand this a little bit; we have an expandable JSON format, so let's give ourselves more content and data.

How many headers do we have here?

What is the length of the returned content?

Add these lines below the "value" (line 16 above) to return the response header count and the size of the content.

"header_count": Len(response. headers),

"content_size": len(response.content)

 

Image Modified

Although simple, the above is a perfectly valid example of a Python Scripted Check. It uses Python standard libraries and the 'requests' library, included in the Apica Scripted Check Private Agent installation.

...

Some additional points to the previous steps.

Step

Screenshot

About Adding JSON Return Values

When we simply added some values into the JSON, we could have added any sort of content that you want to include. In the previous case, we added these:

"header_count": len(response.headers),

"content_size": len(response.content)

 

Image Modified

Adding More Values

A very powerful concept that Apica supports with Scripted Checks: Add more fields to add more values.

Let’s capture the headers coming out of our response by creating another field and calling it 'headers.' This is going to be an actual inner JSON object that contains our headers.

Add dict_response.headers and rerun the check. The result shows that we have our header, JSON, inside this field.

Image Modified

Anything that JSON supports is supported in this result format. So you can add lists, inner dictionaries, null values, integers, booleans, etc. to this JSON.

Later, we will show you how to retrieve this information through the ASM API. So anything that you can get from your code, you can get through the ASM API as your check is run.

...

We've uploaded a script into GitHub, we will use the script to create a check in ASM.

Step

Screenshot

Open ASM

Navigate to New Check+

Image Modified

Add Script via Run Python.

The Run Python Scripted Check type icon should be displayed. If you don't have this, you may need to get it unlocked. Please ask your sales team for access because this is a more advanced check, not available for customers by default.

Image Modified

Creating a Run Python Check, Step 1

Enter "New Test Check." Add any description and relevant tags, and then click Next.

Image Modified

Run Python Step 2

Configure this check

  • Resource URL/Github URL

  • Resource Auth Type

  • Resource Auth

  • Resource Path

  • Secondary Resource

  • Script Runner 

  • Script Arguments

  • Location

Info

  • Note that the agent will delete any local files you create after running your script. Any sensitive data written to local files during script execution is deleted at the end of execution.

Image Modified

Resource URL/Github URL: This answers the question, "Where do we find your script?" This could be an HTTP download link, or it can be to your GitHub repository. For this example, go to your repository and copy+paste the URL here, ending with the branch (master/main). Ours is main.

Enter the URL that this script resides at. In this example, it resides in a GitHub Repo at https://github.com/[username]/NewTestRepository/main

Resource Auth Type: This type of resource authorization will be needed, GitHub or HTTP. This example uses GitHub. But if you have your file on an HTTP server, you could use HTTP as the type.

Resource Auth: Resource authorization is required. The authorization header allows you to download resources.

  • It's a basic authorization header when your resource authorization type is HTTP.

    • If you have an HTTP server with no protection, you may do it that way, but Apica does not recommend it because it's not secure.

  • If your auth type is GitHub, this form <USERNAME>:<TOKEN>.

    • Remember, the token is the Personal Access Token that we created back in the first step [it can also be empty if your repository is public].

    • Example if your username is foobar: foobar:ghp_JlvGv7PGTrAzI2LWVIQZDhRthYBBQI1TGl0J

Expand
titleResource Auth Best Practice

To set the Resource Auth, remember that it is a hidden field, so you won't be able to see anything you type here. Apica recommends taking your username as your username without the email domain and then assembling it with the colon and Personal Access Token so you can see it in another location.

For example: if your GitHub username is foobar@gmail.com, your username will be 'foobar,' without @gmail.com.

Then append the colon ':.'

Finally, add the Personal Access Token, and your resource authorization looks like this and is ready to copy into that field:

foobar:ghp_JlvGv7PGTrAzI2LWVIQZDhRthYBBQI1TGl0J

Resource Path: This is the path inside your repository to the scripts you want to run. Our example scripts are just in the base level repository, so enter main.py

Secondary Resource: If your script requires any sort of additional files, you can use this secondary resource to download another file. However, you can also start your script off by downloading the file directly: That way, you can use any sort of security you want to protect it. For example, you could have a secondary resource, like a certificate protected by OAuth: Your script could go through the whole OAuth process and then use the local file.

In this example, the secondary resource will be blank because it is unnecessary.

It is possible to reference subfolders from a base directory using the “Secondary Resource” field. For instance, if your use case requires a “/python/main.py” file and main.py depends on a module defined in /python/modules, you can specify /python, and the check runner will recognize the module because it is able to “search” the /python folder for secondary resources.

For example, if “local_module_sample.py” depends on a subfolder in /python, you can specify the project like so:

Image Modified

Script Runner: Python is pre-selected (as the only choice).

Script Arguments: These will be provided if we enter them on the command lines. Enter http://example.com So, we will pass this argument to our script.

Location: So now let's look at all of our private locations to use this. This example uses the Sweden Stockholm Amazon location. Click Next,

Step 3 Interval, Thresholds & Monitor Groups

In this example, we will be creating a manual check.

Select an interval, if needed, and check the groups you want this check to be a part of.

Click Next.

Image Modified

Confirm your Check

A Confirmation Page will be displayed for you to either go Back to edit it or Create to continue.

If you are satisfied, you click Create to create the check.

Image Modified

Check Created

  • Uncheck Enable Failover (which is checked by default) because we don't want to have that enabled right now, as this is just for demo purposes.

  • Set the max attempts to 1 because we want the check to fail quickly for the test.

  • Click Save.

Apica generally recommends these settings for testing because what can happen is too long with the default behaviors. If Max Attempts remains at three and the Attempt Pause for each attempt is 30 seconds, this means that your test check could wait up to 90 seconds if it's failing. And so these settings don't help when trying just to debug something; it's better to have the information that your check failed from the beginning.

Click the Check Details button in the upper right as we're ready to run our check.

Image ModifiedImage Modified

Check Details Page

The Check Details page has a section called "Status Last 24 Hours," and beneath that will be a "Run Check" icon. Click to run manually.

Image Modified

Check Results

In this example, we set the “Last Value” to the status code by assigning it to the variable “value” in the script.

Image Modified

 

 

Drill down

Drilling into these results, we see the Result value (ms) is 200 because, even though the typical value for a result is the number of milliseconds it took to respond, we specified in our JSON that the value would be the response status code, so the 200 is displayed in its place. The number of Attempts is shown as 1, and beneath the result, code is the JSON that we specified:

Image Modified
Code Block
languagepy
json_return = {
    "returncode": 0,
    "start_time": start_time,
    "end_time": end_time,
    "message": "URL call returned status code: " + str(response.status_code),
    "unit": "ms",
    "value": response.status_code,
    "headed count": len(response.headers),
    "content_size": len(response.content),
    "headers": dict(response.headers)
}

Messaging via JSON

From Returned Value Table View, note the message it says URL call return status code 200. But this is the message that we sent inside of our JSON. So message when you set it will be placed here.

So you can record any data you like, and it will show up here.

Image ModifiedImage Modified

Any metrics data that you want to record, you can keep for any data mining.

...

After creating our new check, using a Python script that we uploaded into GitHub, we know that the script presents the HTTP status code of the URL called as the value of the result in ASM. Next, we will use the ASM API to get information about this check.

 

Step

Screenshot

Open ASM

Navigate to Tools, API

Select a check using the drop-down box

Image Modified

Select the Target check for the API

We've selected the Test Demo check. Beneath that check selection is some example API calls to help you get started quickly.

We've copied the Last Result call pasted it into Postman to run it.

Image Modified

 

Image Modified

Postman Results of Standard API Check Endpoint

Here, via API, is the last value of your check run, 200.

Image Modified

200 is the last status code of the URL. This is nice but is just a raw number without data or context, and there's no JSON used. This could be used just for a small script or something you can pull the last result of your check maybe test it for something.

A better API endpoint is the Checks Generic Check ID Results API endpoint.

Apica API for Generic Results

This API endpoint looks up the results for checks that present a result type of generic. 'Generic' checks mean that they have the expandable JSON result format we saw in Step 5 above.

Image Modified

Generic type Checks: Run Python scripts, Run Javascript, Run Java, and (when released) Run Azure Cloud, Run Lamda, etc.

Postman Results of Generic API Check Endpoint

In Postman, using this API endpoint:

https://api-wpm.apicasystem.com/dev/Checks/generic/43454/results?

auth_ticket=18FFE***-****-****-****-****0DCO

Instead of the earlier (for comparison):

https://api-wpm.apicasystem.com/dev/Checks/49454/lastvalue?auth_ticket=18FFE***-****-****-****-****0DCO

The API documentation for Generic Check shows these capabilities:

  • Set a filter with a range

    • Return the most recent results

    • Return results that occurred in between defined two-millisecond values that, for example, answer the question, "What results came in between 1.2 and 2.3 seconds?"

  • Define a period to query (between two UTC stamps)

  • Return specific results IDs.

This is a POST endpoint:

Image Modified

Note the JSON results returned above. So you may need to use these in some other API call to lookup even more information. In this example, we're just going to use the most recent because that is the simplest and easiest to show.

The Result Object

Note the headers that returned and (not shown in the screen capture) the content size, the header count, etc. All of the information you recorded in your script comes through the API.

Image Modified

What you choose to do next with these metrics is all up to your needs.

  • You could create a script that scrapes this URL every once in a while, looks up to the last hour of results, and parses the JSON for data that you need.

  • You could even create another check that would read this information and then crunch the data to present other results, e.g., the average size of the headers or content length.

  • There is much more, only limited by your use cases.

Review:

  1. We've scripted our check (in this example, Python).

  2. We've uploaded a script to GitHub.

  3. We’ve created our ASM check using a script in a GitHub repository.

  4. We've run our check in ASM and viewed the results.

  5. We've pulled the results for the API, including the custom JSON.

...