Icinga rest api

I have a powershell script, that remove downtimes. Now I want to change this script to get some Informations from the Icinga Server. But I get a error. Can someone help me to get some Information from hosts or services?

This is the part of the scipt:


> # This is the part that works with downtimes
> # $icinga_uri = "https://"+$icinga_host+":5665/v1/actions/remove-downtime";
> #This I is the change to get host Informations
> $icinga_uri = "https://"+$icinga_host+":5665/v1/objects/hosts";
> [securestring]$icinga_pass = ConvertTo-SecureString $icinga_apipass -AsPlainText -Force
>  
> [pscredential]$auth = New-Object System.Management.Automation.PSCredential($icinga_user,$icinga_pass)
>  
> $body = @{
>   "type"="Host"
>   "filter" = 'host.name=="'+$hname+'"'
> }
>  
> $headers = @{
>   "Accept"  = "application/json"
> }
>  
> #This is the part that works with downtimes
> #Invoke-WebRequest -Method POST -Uri $icinga_uri -Body ($body|ConvertTo-Json) -Headers $headers -Credential $auth -ContentType "application/json" -UseBasicParsing
> #Invoke-RestMethod -Method POST -Uri $icinga_uri -Body ($body|ConvertTo-Json) -Headers $headers -Credential $auth -ContentType "application/json" -UseBasicParsing 
> 
> #This is my change to get something about a host
>  Invoke-RestMethod -Method GET -Uri $icinga_uri -Body ($body|ConvertTo-Json) -Headers $headers -Credential $auth -ContentType "application/json" -UseBasicParsing

I prefere Invoke-WebRequest because strangly icinga2 api returns more data

add-type @"
    using System.Net;
    using System.Security.Cryptography.X509Certificates;
    public class TrustAllCertsPolicy : ICertificatePolicy {
        public bool CheckValidationResult(
            ServicePoint srvPoint, X509Certificate certificate,
            WebRequest request, int certificateProblem) {
            return true;
        }
    }
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy


$icinga_host="xxxxxx"

$icinga_uri = "https://"+$icinga_host+":5665/v1/objects/hosts";
$icinga_user = "xxxx"
[securestring]$icinga_pass = ConvertTo-SecureString "xxxxxxxxx" -AsPlainText -Force
 
[pscredential]$auth = New-Object System.Management.Automation.PSCredential($icinga_user,$icinga_pass)
$hname = "LAPTOP-xxxxxxx"
$body = @{
   type="Host"
   filter = 'host.name=="'+$hname+'"'
}
  
$headers = @{
   Accept  = "application/json"
}


$page= Invoke-WebRequest -Method GET -Uri $icinga_uri -Body $body -Headers $headers -Credential $auth -ContentType "application/json" -UseBasicParsing


$page.content

With your script I get the same error:
grafik

I think I have a error with the uri oder the body. If I chage the $icinga uri to:
$icinga_uri = "https://"+$icinga_host+":5665/v1/actions/remove-downtime";

and the Invoke-Webrequest to:
Invoke-WebRequest -Method POST -Uri $icinga_uri -Body ($body|ConvertTo-Json) -Headers $headers -Credential $auth -ContentType "application/json" -UseBasicParsing

the script works.

I dont’t know how I can get Information from the hosts or services.

I executed the script again and mine works (hostname and password adapted).

does your user have permissions to query hosts? Which powershell version do you use?

I think that is enough
grafik

grafik

I have found this script that works:

# Workaround for self signed certificates
# https://stackoverflow.com/questions/36456104/invoke-restmethod-ignore-self-signed-certs
if (-not("dummy" -as [type])) {
    add-type -TypeDefinition @"
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
 
public static class Dummy {
    public static bool ReturnTrue(object sender,
        X509Certificate certificate,
        X509Chain chain,
        SslPolicyErrors sslPolicyErrors) { return true; }
 
    public static RemoteCertificateValidationCallback GetDelegate() {
        return new RemoteCertificateValidationCallback(Dummy.ReturnTrue);
    }
}
"@
}
 
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = [dummy]::GetDelegate()
 
 
$icingaApiUser = "icinga-user"
$icingaApiPassword = "icingaapi-password"
$uri = '"https://server.doamin:5665/v1/objects/hosts"'
 
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $icingaApiUser, $icingaApiPassword)))
$httpAuthInfo = "Basic $base64AuthInfo"
$httpAcceptInfo = "application/json"
 
$httpHeader = @{
    "Authorization" = $httpAuthInfo
    "Accept" = $httpAcceptInfo
}
 
$result = Invoke-RestMethod -Headers $httpHeader -Uri $uri -Method "GET" -ContentType "application/json"
 
foreach ($h in $result.results) {
    Write-Host $h.name
}

But I don’t know why I can set a downtime with my own script a downtime but not get Information. And my script with the downtime works without the part with the selfsigned certificats:

# Workaround for self signed certificates
# https://stackoverflow.com/questions/36456104/invoke-restmethod-ignore-self-signed-certs
if (-not("dummy" -as [type])) {
    add-type -TypeDefinition @"
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
 
public static class Dummy {
    public static bool ReturnTrue(object sender,
        X509Certificate certificate,
        X509Chain chain,
        SslPolicyErrors sslPolicyErrors) { return true; }
 
    public static RemoteCertificateValidationCallback GetDelegate() {
        return new RemoteCertificateValidationCallback(Dummy.ReturnTrue);
    }
}
"@
}