SCOM 2012: ACS Security Log Retention Monitor (Update)

Standard

A couple of weeks ago I released a Management Pack with a Security Log retention monitor. This monitor uses PowerShell to determine the retention of the security log. This is important in ACS implementations and therefore you want to monitor this. Unfortunately I discovered some performance issues with the monitor so I changed the monitor to resolve these problems for Windows 2008 and later systems. Continue reading

SCOM 2012: ACS Forwarder Security Log Retention Monitor

Standard

In an OpsMgr Audit Collection Services implementation the local security logs on the forwarders are the queue when the collector is not available. So the retention time of the Security Log is a very important, but out-of-the-box not monitored by OpsMgr. Today I decided to create a PowerShell monitor which monitors the retention time of the security event log. This PowerShell monitor uses the following script to define the retention of the Security event log of an ACS forwarder.

Continue reading

SCOM 2012: Get all computers with a specific alert (PowerShell)

Standard

Yesterday I received a question about: ‘Can you give me all unique computers with the following active alert’. My answer was ‘Yes, I Can!’. My first idea was to solve this with a PowerShell script and here it is. A short script of 2 lines which gives you all unique agents with the alert: ‘Workflow Initialization: Failed to start a workflow that runs a process or script’.

Import-Module OperationsManager
New-SCOMManagementGroupConnection -Computername "<<MGMT_SRV>>"

#Get all alerts complaining about missing credentials "System Center Management Health Service Credentials Not Found Alert Message"
$hosts = Get-SCOMAlert | Where-Object {$_.Name -eq "Workflow Initialization: Failed to start a workflow that runs a process or script" -and $_.ResolutionState -ne '255'} | Select PrincipalName
$hosts.GetEnumerator() | Sort-Object -Property PrincipalName -Unique

Before you can use this script in your environment you have to change the string: <<MGMT_SRV>> and probably the name of the alert. The string <<MGMT_SRV>> needs to be replaced with one of your SCOM management servers.

Have fun!

 

SCOM 2012 ACS: Powershell Collector (automatic) failover script

Standard

Last week I was installing a SCOM 2012 R2 environment with Audit Collection Services. Audit Collection Services is one of the additional functionalities of SCOM 2012 R2. ACS uses one or more Management Servers for the collector role. This role will collect all security logs from the agents. The challenge with the collector role is about the high availability of this role.

Continue reading

SCOM 2012 Network Monitoring: Rename Network Adapter

Standard

Everyone who has implemented SCOM 2012 Network Monitoring will be satisfied with the improvements with respect to SCOM 2007. More and more devices can be deeply monitored with SCOM 2012. One of the downsides at this moment is the naming of the Network Adapters. The name inside SCOM does not always reflect the name on the switch. See the following example:

image

Continue reading

SCOM 2012 Export Overrides Powershell Script

Standard

Today I was looking for a PowerShell script which can export all overrides based of a specific Management Pack. I found a script of Daniele Muscetta and Pete Zerger from SystemCenterCentral. This script did not worked out of the box on SCOM 2012 so I fixed that and added ‘HTML’ as output option. So with my addition it can be used on SCOM 2012 environments and the output can be a csv or html file.

Continue reading

SCOM 2012: Powershell Maintenance Mode Script

Standard

Putting hosts in Maintenance mode through the SCOM console is not the fasted way when you have more than 1 host on which you want to activate Maintenance Mode and when the host is also part of a cluster it’s not enough to only add a maintenance window for that host. You will still receive cluster alerts from the cluster on where the host resides. So today I created the first version of  my own Maintenance Mode script. The script has the following functionality: Continue reading

Hiding the task sequence progress dialog box

Standard

Last week I had a script which generated popup during my task sequence. This popup was visible behind the task sequence progress window. I searched for a solution to hide the task sequence progress window and found a post from Michael Niehaus on the TechNet blogs. The link to the original post is:

http://blogs.technet.com/b/mniehaus/archive/2010/03/26/hiding-and-showing-the-task-sequence-progress-dialog-box.aspx.

Continue reading