PowerShell probe

Xanadu IT Operations Management

Release

xanadu

ft:locale

en-US

ft:publication_title

Xanadu IT Operations Management

ft:clusterId

itom

bundleId

itom

workflow

Technology

PowerShell probe

Release version: Xanadu

Updated August 1, 2024

2 minutes to read

Summarize

Summarized using AI

Summary of PowerShell probe

The PowerShell Probe enables ServiceNow customers to execute PowerShell V2 scripts directly on the MID Server host. These scripts are specified through probe parameters, with the script filename serving as the parameter name. The probe operates by setting PowerShell as the ECC queue topic, allowing integration with ServiceNow’s probe framework.

Show full answer Show less

Key Features

Script Execution: Run PowerShell scripts by defining the script filename as a probe parameter.
Parameter Passing: Supports passing parameters to scripts either as environment variables (default) or optionally on the command line.
Parameter Types: Distinguishes between regular and encrypted parameters using different prefixes (powershellparam for plaintext, powershell for encrypted).
Debugging Support: Enables debug logging and credential troubleshooting output to help diagnose issues during script execution.
Custom Script Compatibility: Requires scripts to retrieve non-Boolean parameters from environment variables prefixed with SNC, ensuring seamless integration with probe parameters.

Practical Use for ServiceNow Customers

To implement the PowerShell Probe, customers specify the target host and the PowerShell script filename as required parameters. Additional script parameters can be passed as environment variables, facilitating secure and flexible script execution. When using encrypted parameters, customers must use the designated prefix to ensure proper decryption by the MID Server.

Custom PowerShell scripts must be adapted to read parameters from environment variables, which requires redefining any non-Boolean Param() inputs as variables that check for corresponding SNC environment variables.

Expected Outcomes

Efficient execution of PowerShell scripts on MID Servers, enabling automation and infrastructure management tasks.
Secure and flexible parameter handling, including support for encrypted credentials.
Enhanced troubleshooting capabilities through optional debug and credential debug outputs.
Improved integration of custom PowerShell scripts within ServiceNow’s ECC queue probe framework.

The PowerShell Probe executes PowerShell V2 scripts on the MID Server host.

PowerShell scripts are defined as probe parameters with the filename as the parameter name. It is available as a Probe probe type by specifying PowerShell as the probe's ECC queue topic.

PowerShell probe parameters


Parameter name	Description
source	[Required] The initial host to connect to. Default: None
<script name>.ps1	[Required] The filename of the PowerShell script to run. Replace <script name> with a valid filename prefix. Default: None
powershell_command_parameter_passing	Specifies whether to pass script parameters on the command line. Regardless of this parameter's value, ServiceNow makes all script parameters on the command line automatically available to PowerShell scripts as environment variables. Default: false
powershell_param_<script parameter name>	Passes additional parameters to the PowerShell script to be executed. Each parameter will appear to the script as an environment variable in the format $env:SNC_<script parameter name>. Parameters with this prefix are not considered encrypted and are passed through to the script untouched. Make sure you select the appropriate parameter between powershell_param_<script parameter name> and powershell_<script parameter name>. Using the wrong prefix results in errors in the PowerShell execution, which is passed back to the instance in the ECC queue input. Default: None
powershell_<script parameter name>	Passes additional parameters to the PowerShell script to be executed. Each parameter will appear to the script as an environment variable in the format $env:SNC_<script parameter name>. The MID Server assumes that any parameter with this prefix is encrypted and attempts to decrypt it. Make sure you select the appropriate parameter between powershell_param_<script parameter name> and powershell_<script parameter name>. Using the wrong prefix results in errors in the PowerShell execution, which is passed back to the instance in the ECC queue input Default: None
debug	Enables debug log output during the probe. Default: false
credentials_debug	Displays a <credentials_debug> section in the ECC queue, which can help you troubleshoot credentials. If you set this property to true, credential troubleshooting information is output to the ECC queue, even if the credentials succeed. Default: false

Scripting requirements

Any custom PowerShell scripts must use environment variables to pass any non-Boolean command line parameter. Replace non-Boolean parameters in the Param() portion of the script with script variables of the same name. Define the script variable as part of the environment with an SNC_ prefix. So a string parameter such as this:

Param([string]$paramName)

Becomes a script variable such as the following:

if(test-path env:\SNC_paramName) {
    $paramName = $env:SNC_paramName
}

For example, this parameter definition from the PSScript.ps1 script contains several string parameters that need to be redefined as script variables:

Param([string]$computer, [string]$script, [string]$user, [string]$password, [boolean]$useCred, [boolean]$isDiscovery, [boolean]$debug)

Defining the non-Boolean parameters as script variables would result in this type of script:

Param([boolean]$useCred, [boolean]$isDiscovery, [boolean]$debug)
 
# Copy the environment variables to the params
if(test-path env:\SNC_computer) {
  $computer=$env:SNC_computer
}
 
if(test-path env:\SNC_script) {
  $script=$env:SNC_script
}
 
if(test-path env:\SNC_user) {
  $user=$env:SNC_user
  $password=$env:SNC_password
}