SCOM 2012: Process Monitoring on Session Hosted Servers


This week I received a question about process monitoring. The question was about monitoring CPU and Memory usage of processes on RDS or Citrix XenApp Session Host servers. Process monitoring is one of the standard capabilities so I started with configuring process monitoring through the template which you can find in the Authoring section. But the results were not what I wanted to see. Check this blog to see why!

Continue reading

SCOM 2012: ACS Security Log Retention Monitor (Update)


A couple of weeks ago I released a Management Pack with a Security Log retention monitor. This monitor uses PowerShell to determine the retention of the security log. This is important in ACS implementations and therefore you want to monitor this. Unfortunately I discovered some performance issues with the monitor so I changed the monitor to resolve these problems for Windows 2008 and later systems. Continue reading

SCOM: Windows Operating System MP’s Updated to version 6.0.7292.0


Just a short blogpost to mention that the Windows Server Operating System Management Packs are updated to 6.0.7292.0. Based on the Management Pack documentation the following fixes are included:

  • Mount point Names have been changed from GUIDs to a friendly drive letter name
  • Fixed performance collection workflows that were failing for some mount points
  • Fix was made to include Mount points without a drive letter name

I imported these management packs in my test environment and the new Management Packs are working without any errors. As Always read first the management Pack documentations and then apply the pack to your OpsMgr environment. It’s preferred to do this first in your test environment and when everything works without errors you could update them in your production environment.

You can download the updated packs here.

SCOM 2012: ACS Alert on logons at Servers


This week I received a nice question when working on a ACS project. The question was to get an alert when an interactive logon event occurs on a group of servers.

With this question the following requirements were asked:

  • The alert should only be sent if the user account is member of an Active Directory group;
  • The alert should only be generated for servers is which are member of a specific OU;
  • The alert should be logged almost real-time. Continue reading