SCOM 2012 ACS: Powershell Collector (automatic) failover script

Standard

Last week I was installing a SCOM 2012 R2 environment with Audit Collection Services. Audit Collection Services is one of the additional functionalities of SCOM 2012 R2. ACS uses one or more Management Servers for the collector role. This role will collect all security logs from the agents. The challenge with the collector role is about the high availability of this role.

Continue reading

SCOM 2012: ACS Alert on logons at Servers

Standard

This week I received a nice question when working on a ACS project. The question was to get an alert when an interactive logon event occurs on a group of servers.

With this question the following requirements were asked:

  • The alert should only be sent if the user account is member of an Active Directory group;
  • The alert should only be generated for servers is which are member of a specific OU;
  • The alert should be logged almost real-time. Continue reading