AnsweredAssumed Answered

Automic: PowerShell Scripts at Scale

Question asked by Brandon_Humphrey_10489 on Mar 6, 2018
Latest reply on Mar 7, 2018 by Carsten_Schmitz
Excuse the long post. I'll start with a summary of my questions:

1. If I wanted to have a standard, DB query-able way of defining inputs, outputs, and dependencies for a specific Automic job AND I wanted to be able to use those attributes when the job was being called (for something like the location of an error log), would variables be the best way to accomplish that? If not, any recommendations?
2. How would I run a PowerShell script and use a job variable as one of the parameters on that script (such as Get-TestScript -AutomicLogFile %TRANSCRIPTLOG%). Where %TRANSCRIPTLOG% is a variable on the job with a path to the log file.
3. Are notifications able to use job variables to populate the details required for the notification (i.e. smtp address(es), subject, message, attachments)
4. If a job return code is not 0, can we make a REST API call to send job failure details to our application that manages on-call schedules?

At my company, we frequently use Automic to run PowerShell scripts, unfortunately, I don't think we do it well, at scale. At a certain point, it became an operational nightmare to make a change to a server that represents some type of input, output, or dependency for a job in Automic because we'd have to go back and make sure we understand which jobs/scripts were going to be impacted by that change and whether or not the job, script, etc. needed to be modified to account for that change; then we'd have to test.

If I have a script that requires that a certain PowerShell module exists on the agent server, I could run something like (Get-WindowsFeature -Name RSAT-AD-PowerShell).InstallState and if that returned something other than 'Installed' the dependency isn't met. Another example might be that the SCCM PShell Module needs to be loaded or Outlook 2016 needs to be installed, etc.

Let's say I have a .txt file that my PowerShell script 'consumes' for a list of Active Directory groups to query certain information for and that .txt file is at c:\automic\pshellInput.txt. If the directory c:\automic was changed (let's say NTFS permissions), then I'd need to know that the NTFS permissions change might impact this job. Another example might be .xml files, files that were FTP'd from another job, etc.

Let's say I have a script that FTPs a file to a specific server called Server1 and now Server1 is being retired and the new server will be called Server2. This change would impact this job. Another example might be a transcript log or an error log that is output from the script.

If I have a job and I create variables on that job called Input@1, Input@x..., Output@1, Output@x..., and Dependency@1, Dependency@x... From there, I could run a DB query on any variable matching 'Input' like 'c:\automic' with agent Server1 and know that those jobs would be impacted by a change to the c:\automic directory on Server1. The same would be true for outputs and dependencies. Would that be the recommended way of accomplishing something like this?

On that same token, if my process tab has the following:
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command "Import-Module -Name 'C:\automic\script.ps1' ; Get-TestScript -Verbose -AutomicLogFile %TRANSCRIPTLOG% -AutomicErrorLog %ERRORLOG%" 

Would I be able to use a variable from the job to also define the location of the transcriptLog and the errorLog?

On that same token, would I be able to setup an alert that attached the transcriptLog and the errorLog. So, I could have my script 'exit 1' or something other than 0, which could trigger a notification and then tell a generic notification to reference structured documentation for the distribution list, subject, and message of an email and then attach files from the variables on that job?

Lastly, is there a way to make an API call to a different application if a job doesn't exit 0? For instance, if I wanted to use a REST API call to notify our on call tech for a certain job failing and attach files, job failure details, etc.