Docs » Splunk On-Call integrations » PRTG integration for Splunk On-Call

PRTG integration for Splunk On-Call 🔗

PRTG Network Monitor is a server up-time and utilization, network monitoring, and bandwidth usage software package for server infrastructure. It can monitor and classify bandwidth usage in a network using SNMP, packet sniffing, and Netflow. The following guide walks you through installing and configuring this integration.

In Splunk On-Call 🔗

From the Splunk On-Call web portal, select Integrations.

From the list of integrations options, select the PRTG (webhook) integration option.

On the resulting page, copy the Service API Endpoint to the clipboard. Be sure to replace the “$routing_key” part of this endpoint with the actual routing key you intend to use.

In PRTG Network Monitor 🔗

On your server, navigate to C:\Program Files (x86)\PRTG Network Monitor\Notifications\EXE and create a file named prtgtovictorops.ps1. In the file, paste the following code and save the updated file.

Param( [string]\ :math:`API\_URL,  \[string\]`\ MessageType,
[string]\ :math:`SiteName,  \[string\]`\ Device,
[string]\ :math:`DeviceId,  \[string\]`\ Name,
[string]\ :math:`Status,  \[string\]`\ Down,
[string]\ :math:`DateTime,  \[string\]`\ LinkDevice, [string]$Message )

Add-Type -AssemblyName System.Web.Extensions function ConvertTo-Json
([Object] $value) {
[System.Web.Script.Serialization.JavaScriptSerializer] $jsSerializer =
New-Object ‘System.Web.Script.Serialization.JavaScriptSerializer'
:math:`jsSerializer.Serialize(`\ value) }

function setMessageType ([string]
:math:`inputString) {  If (`\ inputString -like “Up\*”) { return
‘recovery' } elseif
(:math:`inputString -like "Down\*")  {  return 'critical'  }  elseif (`\ inputString
-like “Warning\*”) { return ‘warning' } else { return ‘info' } }

:math:`postVOAlert = ConvertTo-Json(@{ message\_type = SetMessageType(`\ Status);
entity_id = $DeviceId; entity_display_name = $Device; monitoring_tool =
“PRTG”; site_name =
:math:`SiteName; link\_device = "<`\ (:math:`LinkDevice)|`\ ($Device)
:math:`(`\ Name)>“; status =”\ :math:`(`\ Status) :math:`(`\ Down) on
:math:`(`\ DateTime)“; state_message = $Message; })

[Net.ServicePointManager]::SecurityProtocol =
[Net.SecurityProtocolType]::Tls12 $postVOAlert \| Out-File -FilePath
vo.log

[System.Net.WebClient] $webclient = New-Object ‘System.Net.WebClient'
$webclient.Headers.Add(“Content-Type”,“application/json”)
:math:`webclient.UploadData(`\ API_URL,
[System.Text.Encoding]::UTF8.GetBytes($postVOAlert)) \| Out-File
-FilePath vo.log -Append

From your server’s desktop, open PRTG Enterprise Console.

The PRTG Enterprise Console desktop icon.

In the PRTG Enterprise Console, select the Setup tab.

The

Select Notifications under “Account Settings”.

The

Select Add new notification.

A blue button stating

Enter “Splunk On-Call Notification” in the “Notification Name” field, then select Always notify ASAP, never summarize for “Method”.

A notification name and summary option.

Scroll down, then select EXECUTE PROGRAM.

An empty check box stating

Select Prtgtovictorops.ps1 from the “Program File” dropdown menu, then paste the following into the “Parameter” field replacing URL_to_notify with your “URL to notify” from the “In Splunk On-Call” section.

-API_URL 'URL_to_notify' -SiteName '%sitename' -Device '%device'
-DeviceId '%deviceid' -Name '%name' -Status '%status' -Down '%down'
-DateTime '%datetime' -LinkDevice '%linkdevice' -Message '%message'
The fields of

Enter the credentials for the Windows administrator that originally installed PRTG, then select Save.

An arrow points to a blue button stating

Select the Test link next to “VictorOps Notification”.

An arrow points to a blue button next to the VictorOps Notification stating

Select OK in “Notification Test Results”.

A gray button stating

An alert appears in your Splunk On-Call timeline.

Select the Devices tab.

The

Select the parent PRTG server connection.

The root PRTG server connection, labelled

Select the Notifications tab.

The

Select Add State Trigger.

The Notifications menu. An arrow points to a blue button stating

In this example, the trigger uses the “Warning” sensor state. You can modify these settings or create other triggers for when sensors are “Down” for example, make sure to select VictorOps Notification from the three dropdown menus after “perform”, then select Save.

Settings for the alert triggers. You can toggle various fields in this menu. An arrow points to a blue button stating

You have now completed setting up this integration.

Simulate an Alert 🔗

You can verify the integration by navigating to one of your sensors, selecting one, and selecting “simulate error status”. This creates through to Splunk On-Call.

Troubleshooting 🔗

Make sure you have the latest version of Powershell running in your PRTG environment for the integration script to work best. You can check which version of Powershell you currently have by running the following command line:

$PSVersionTable.PSVersion

If you have any questions, contact Splunk On-Call support .

This page was last updated on Aug 05, 2024.