On the subject of spending money wisely

SCOM, System Center, SCOM Tricks, SCOM 2012 Send feedback »

I wish to direct your attention to a blog post made by my friend and fellow System Center MVP Tao Yang. He is talking about community efforts and contributions and on how some of them get turned into commercial products. If you are working with SCOM for instance you will find many management packs and scripts and solutions and thoughts right from the community. You will also find some great paid solutions written by serious software vendors who add value. There are also cases where both options are available and this is a point where you have to think on how to spend your time and money wisely. (By the way a great way is supporting a dog charity, look to the right of this post!). Power to the community. Please read his blog post:

http://blog.tyang.org/2015/08/07/spend-your-money-wisely/

Regards, Bob Cornelissen

SCOM monitoring multiple services running under one account or similar names

SCOM, System Center, SCOM Tricks, SCOM 2012 Send feedback »

Recently I received a request to be able to monitor all Windows Services running under a specific user account (service account) one certain machines, and to bring them together in a overview. I will show you how I did this.

This blog post will show you a complete way to monitor a list of services running using the same account.
I will show you at the bottom of the post how to monitor a list of services with a similar name (which is just a few words different from this whole story).

First of all we have of course multiple ways to monitor services as I have explained in a blog post series about the subject: SCOM - Monitoring a Service - Part 1 intro. However all of this is geared towards monitoring a single service on a single machine or a group of machines for instance.

But sometimes I get requests to:

  • Monitor multiple services with somewhat similar names (for instance "System Center *").
  • Monitor multiple services running under a certain account.
  • Alert if any service on any server is running using a certain account (which they dont want).

The first item has been blogged about years ago. The second one is what I was asked to do in this case, so I will pick that one up first. And the last one is something we did in a completely diffeent manner and I might blog about that as well later if you like that (the question was actually not nonly for Windows Services, but also for Windows Scheduled Tasks). I will get back to that in a minute.

The next thing is to bring these items for the first two bullets together in a dashboard or console. As example in the case I ran into at a certain customer the easy way would be to open up a Savision Live Map and add them through an automatic population rule. That way they are of course added to a group and are visible and have a rollup, all happy. In this case we were limited in the amount of maps we could use. So a next likely alternative is to create a distributed application (DA) in SCOM. From there we can add the found services into the DA's. Problem is this does not populate automatically by default. But we can change that behavior to enable automatic population of items on a DA. Think it is best to put that in a separate post how to do that. But the idea was to: find these services + monitor them + put them in a DA + automatically. So also if a service gets added which uses the same criteria it should automatically be brought into monitoring and should be added to the DA! And in his specific case we added the resulting DA's as items on an existing Live Map dashboard.

You know what, I can blog about all these things :p B) These kind of workarounds are not always easy to find, and sometimes it is an adjustment of what has been described by one or two people before.

Lets start

We need to have a discovery and monitoring of Windows Services running on a certain machine, for all services which are using the same service account. And we also wanted to do this for both Automatic and Manual services.
Now we need to create a similar use case to do this blog post with. Lets go and find all Windows Services on the SCOM management server using the SDK service account (On my test machine im running a few services with that account to make it easy for me).
I will write this down mostly step by step and expect a little knowledge on how to do stuff in the SCOM Console and there will be XML editting involved, but still no crazy stuff. :crazy:

Let's do this! :))

I am going to use a method posted about by Brian Wren wayyyyy back in 2008 for using wildcards with the Windows Service template, and adjust it to my needs. By the way the method in the post mentioned is the way to monitor multiple services with a similar name and a wildcard, using the same template as we use below. Lucky we can keep using the same methods as before and even modify them for other similar needs!

I want to have a new fresh management pack, and I want to have a group of servers to target this service monitoring to. So I start with creating a New Group in SCOM and meanwhile when it asks me where I want to save it I will have it create a New Management Pack for me.

The name is easy to recognize and I am using a versioning format as 1.year.month.anumber. This way with the year and month placed there when I create updates to a pack it is always a higher version than the last time I editted it (if it is in the same month I just move the last digit up a version number). Just one of the things I use for a versioning strategy.

And now we have a group in the same management pack. From this point I walk through the wizard for the group and just add the SCOM Management server to it. So this is my group of servers where I want to monitor the services on.

Moving on, now we will go to the Authoring pane in the SCOM console.

In the Authoring pane find the Management pack templates -> Windows Service. Click the Add Monitoring Wizard. Select Windows Service to start the correct wizard.

Enter a name and description and of course place this in the newly created management pack.

Now on the Service Details page we enter a temporary service name. We will change this later, but we need to have something we can find back quickly enough. So I entered test123 as service name. Next we select the targeted group, which is the group we created earlier and contains the application servers. Because we want to monitor these services both when they are in automatic state and manual startup state we de-select the checkbox at "Monitor only automatic service". I am not that interested in performance data for each service so I just walk through the rest of the wizard in a Next Next Next Finish kind of way.

So now we have a service monitor created in the new management pack and targetted at a group of servers.

Now go to the SCOM Admin pane and go to the Management Packs list. Find this management pack and export it to for instance the desktop.

First we need to do something else before we start editting the code within the exported XML of the management pack.

Now the default Windows Service monitoring template uses a different method to find the specific service (discover it!) than we would use to collect several services in one query. FOr this we want to use WMI to query windows for all the services we are interested in and put that in the Discovery item in the management pack we just created. For this to work of course we first need to find the correct WMI query and test if this gives us the desired result. For this we can use a tool already installed on your machine.

Go to the server where there are these different services running using the same service account. Open a command prompt. Type wbemtest and press enter.

Press the Connect button, make sure it says "root\cimv2" near the top and press Connect button again.

We should now be connected and all the buttons enabled. Find the Query button and click it.

Now the trick is to make the right query to get your data returned to you. In my case I had to search a little bit. Also because I wanted to have the extra filter not only for account name but also wanting to see manual and automatically starting services.

select * from win32_service where (Startname like '%sdk%') AND (Startmode != 'Disabled')

I came up with that query. So what does it do. Well it requests the list of windows services and filters it (where) to find any service with a Startname containing sdk. The percent % signs around it are the wildcards. In WMI they use a percent sign as wildcard and not the star. And I added a second filter where I filtered out all disabled services. That should give me what I want. Lets run the query by clicking the Apply button.

Alright. These are the internal names for the services and indeed there are two SCOM related services and 3 SQL related services which are running with an account with "sdk" in the name somewhere. So after some playing and trying to find how to write WMI queries we finally have a query which will return what we want. Now please copy the query somewhere, so we can use this later.

Now the management pack Authoring part! We will now edit the XML of the management pack we saved earlier. You can do this in any editor and even in Notepad, but I suggest to use at least an editor with some code highlighting. For instance I use Notepad++ for this.
And of course I found out that I did not have it installed on this test server, so I downloaded it (free !) and installed it.

Open up the XML file in the preferred tekst editor. We want to find the Discovery for our custom service we created. So find "test123" and you will have found the discovery.
This looks like a lot of stuff and to some it is not Always too clear what it all means, but stay with me. I will highlight the pieces of code within this block we want to change:

I am sorry to report that this blogging software messes up the XML code blocks and the codeblock option makes it unreadable. So I put the whole thing in MS Word and made two screenshots of the whole discovery. The red parts of the code is what we are looking for (in three places).


We are going to replace the first red part with:


(I left the Frequency tag in there so you recognize it).

The next red piece was where it said: 'BinaryPathName'
We replace that by: 'PathName'

And the third red piece was for the DisplayName and in my case it said: SDK Services
We will replace that by: $Data/Property[@Name='Name']$

Next I scroll to the top of the code and find the version number and give the last digit a higher number:

Now I found out that the template can also make a strange management pack reference. We are using discovery modules living in the Windows Library and the reference has an alias. We need to change something to make this work. Go to near the top of the management pack code (first 30 lines or so) and you will see a list of references. Look for the one listing the Microsoft.Windows.Library as such:

See the here purple colors alias? We need to copy that alias name (so everyting between the quotes and not including those quotes). Next go to the first block of tekst you replaced.

Now the bit where I put the red line under is a reference, we can recognize it by the ! exclamation mark ! Now replace the part before the exclamation mark (windows) with the alias you had in your reference.


Now it should look like the above, and referencing the reference alias you found in your code.

Next I save the file using the exact same name (do not rename management pack files!). And I go to SCOM Admin pane - Management Packs and I import this management pack from disk.

Now in the SCOM Console go to the Monitoring pane. On the left hand side scroll all the way down until you find "Windows Service and Process Monitoring" and go to the state view called "Windows Service State". Within minute I saw these 5 services appear and a few minutes later they were in a monitored state as well. The two at the top just happened to be in there already.

Alright, there we have it! We are now monitoring all windows services - running under a service account with sdk in the name of the account - for both automatic and manual start services - on all machines in a custom group we created.

How to monitor multiple services with a similar name in SCOM

Alright as promissed how to monitor a group of services with a similar display name, such as this example:

You see the group of Jalasoft services there. I want to find all of them and monitor them all. Well you have seen that we can use wbemtest tool to create a WMI query to get that data. In this case we will filter on the name (this is the displayname as you see it in the screenshot above).

select * from win32_service where (name like '%Jalasoft%')

There is our string and the result while querying WMI for this. Exactly what we want.

Well in the story above we know where the query ended up, so we can just insert this WMI query in the same place to have it monitor all services with Jalasoft in the name.

In this case I want to add this monitoring set to the existing pack I created above. So in short the order of actions:

  • Create a Service monitoring template entry and name it Jalasoft Services.
  • Store it in the Custom Appllication Monitoring management pack.
  • Complete the wizard and put in a recognizable name in the what service to monitor field.
  • Export the management pack
  • Verify through wbemtest that our WMI query gives the desired result and copy the correct query
  • Open up the exported management pack in an XML editor or text editor and find the discovery relating to this in the way shown above and replace the three blocks of code for the three new ones and of course insert the right WMI query.
  • Find the management pack reference Alias pointing to Microsoft.Windows.Library and replace the reference in the new code block for that one.
  • Raise the number of the management pack version and save the management pack.
  • Import the management pack
  • Inspect the results in the monitoring pane

And there we go:

A group of services with something similar in the name, running on a group of servers we defined. Any service with similar name being added to this group of machines will get picked up within a few minutes and be monitored.

Initial Conclusion

SO now we have had the story on how to add either a group of services with a similar name or running under a similar account.
Brian Wren's post was all we need to cover the second example and also put us on the right path for the first example. I just thought it was time to blog about this in an extensive post to show how this is done and what things we can run into. Also using the SCOM 2012 R2 interface of course and showing the wbemtest interface.

Next on the agenda:

Well I said in the beginning that I wanted these objects placed in a distributed application in SCOM and have it pull in these services automatically. So I will create a simple Distributed Application and I will add all Jalasoft services to it.

Of course this will be in my next post coming very soon!

Bob Cornelissen

Experiences implementing the Veeam management pack with monitoring groups

SCOM, System Center, SCOM Tricks, SCOM 2012 Send feedback »

It has been a while since I wrote about Veeam and their management pack for monitoring VMware products (did you know they also added Hyper-V to that now?). Lately I got a chance to install this pack in a reasonable size environment, so this is a good chance to write more about the product and what it can do for us.

Situation sketch

This environment has two VMware infrastructures. One for the servers based on 60+ hosts and one for the VDI desktops environment also roughly based on 60+ hosts. This situation also requires that we have different monitoring for each environment, because we are not really interested in VDI desktops which get destroyed and rebuilt every day. But in the server infra we are interested in the guests as those are the ones we also monitor with SCOM agents. I will discuss as well how this was achieved, because Veeam has a way of doing this which not every organization will use, but it is very useful in the scenario we are dealing with.

Design

When designing your Veeam-SCOM monitoring infrastructure there are a few things to keep in mind which affected our design in this scenario.

  • Numbers. A bit of an open door, but the amounts of hosts/datastores/VM’s you monitor has an effect on the sizing of your Veeam Collectors. Deciding whether or not to monitor VM’s makes a big difference.
  • Wanting two separate methods of monitoring for the two environments is best done with the use of Monitoring Groups. It is a feature included in the Enterprise Plus license of Veeam and gives possibility to create in our case two Monitoring Groups. Each with their own collection policy (one not interested in collecting VM information for instance).
  • A Collector can only be a member of one Monitoring Group.
  • High Availability, even though a collector might be able to handle the load it might be desired to have an additional collector in each monitoring group for high availability purposes and during normal situations a way to spread the load.

One good piece of advice is to download the resource kit and use it. It has an excel sheet in it which is a calculator for the estimated number of collectors you need for a certain environment!

By the way you will find that a collector can handle a very nice load. The stability of this platform has been strengthened throughout the years (And I have been stress testing previous versions of the pack for years in some big environments just to see when it would break down under the load and give the feedback to the developers).

In our case we went with 3 collectors for the server VMware environment and for 2 collectors for the VDI environment. Because we were not interested in the VDI VM’s this was enough to also provide high availability for the collectors within the monitoring groups.

Monitoring Groups

Because not many are using the monitoring groups feature I will show you what it looks like.

Veeam Monitoring Groups

This picture shows on the left hand side the monitoring groups. The top one is the default and the other two were created manually. The example shows the VDI monitoring group with 2 collectors and some stats. In the middle of the picture there are two important things we adjusted as a start. First of all to change the collection interval from the default 5 minutes to 10 minutes (this basically gives a bit less data flow simply because it collects for instance performance data less frequently). The second important setting is setting the Collect VM Data to false for this monitoring group. With thousands of VDI VMs this makes quite a difference.

If you open the monitoring group collector settings you see first of all the possibility to stop the inheritance from the settings of the top level to flow down to this monitoring group. Next we set the EnableVMDiscovery option to False to stop the discovery of VMs and their data from going towards SCOM.

Something else to note in these settings is the CollectionInterval which in this case we set to 10 minutes. And as an example the DataStoreScanInterval that is set to a number, which is actually a multiplier for the CollectionInterval. So when I changed the CollectionInterval from 5 minutes to 10 minutes, also other collections which happen less often are dependent on this setting. In this case the Datastores will be scanned every 12x10 minutes, so every 2 hours instead of every 1 hour. Keep in mind that when tinkering with the collector settings there might be multiple things happening in the background. In case you want to play with the default settings make sure you read up on what these settings do. Veeam MP is very well documented from design to install to adjusting to monitoring.

Now, when starting out with the installation and connecting the collectors to the VCenter servers we deliberately set the collection interval to 10 minutes and also the VM discovery to disabled on both monitoring groups. We figured the amount of data coming in from only the hosts, VCenter, clusters, datastores and hardware and so on and the resulting alerts from that would be enough to start with in the first few days. This was a good decision as there was enough to start with all these layers without already putting the VMs layer on top of it. For larger environments I think it is useful to phase in the deployment this way to give opportunity to do tuning and tweaking and discuss the resulting alerts and views with the operators. It also gives you opportunity to check on the performance and dataflow of the collectors and their agents and the SCOM infrastructure. Check also for most common alerts and health state changes and the amount of performance data coming in and see if this suits your needs. After that continue to the next phase and bring in more monitored stuff.

Hope this was useful to show a case where monitoring groups within the Veeam Management Pack can be used and why. Actually I wrote this post a while back and did not get to posting it until now. Meanwhile we have done a lot of tuning and dashboarding for instance.
Bob Cornelissen

Free SCOM MP Authoring University opportunity

SCOM, System Center, SCOM Tricks, SCOM 2012 Send feedback »

Our friends at Infront Consulting Group are organizing another great set of sessions on SCOM MP Authoring. Watch below for an announcement and registration information. The event is capped to 100 attendees for get there on time:

Silect Software and Infront Consulting are hosting a FREE MP University on August 12th. Registration is capped at 100 people so we wanted to ask you to spread the word to your many followers. Brian Wren and Kevin Holman will both be presenting.

Jump to the registration at This Link

A big thank you to Infront Consulting and Silect Software for organizing this and for the presenters such as Brian Wren and Kevin Holman for being there! B)

Microsoft acquires BlueStripe

SCOM, System Center, SCOM Tricks, SCOM 2012 Send feedback »

I am sure many of you know about BlueStripe solutions and how they connect to SCOM for application discovery and so on. Today we hear that Microsoft has aquired BlueStripe. I think this is a very good move indeed! Read the announcement here:

http://blogs.microsoft.com/blog/2015/06/10/microsoft-acquires-bluestripe-to-help-customers-improve-application-visibility-and-management-across-the-datacenter-and-cloud/

We will probably soon see the effects of this in several areas around monitoring and management B)

SCOM and Savision Extension as a package for locked down workstations

SCOM, System Center, SCOM Tricks, SCOM 2012 Send feedback »

For those of you wanting to provide the SCOM full console, possibly augmented with Savision Live Maps extensions, to desktops which are locked down, as a package. It might help B)

Case
We want to create a software package for the SCOM Console with Savision Live maps extensions so it can be run on managed locked down desktops.
Used are Windows 7 desktops and ThinApp and AppSense.
The desktops are locked down for users.

Package
We started with the prerequisites and installation files which needed to be added to the package (or not):
- .Net Framework 4, was already available in the system, so not included in building this package
- SQL CLR Types, was already present in the image as package, so not included
- ReportViewer 2012, was already present in the image as package, so not included
+ SCOM 2012 R2 Console installation
+ The at that time current Update Rollup 5 for SCOM 2012 R2
+ Savision Live maps extension for the at time current version 7.3

Problem
After the package was created and installed there were problems with SCOM and specifically with the Savision extension for viewing Savision maps directly from the full SCOM console.
It looked strongly like a rights issue, because the problem would occur on the restricted desktops with normal users.

Solution
The issue were the below mentioned two dll files, which do not get created at installation, but at login. The first user to login seems to create these two files in the ProgramData path. The creation of dll files in that path was blocked by AppSense.

The solution is to WhiteList the specific path in AppSense Application Manager so a user can write the dll there.
It seems that the subdirectory where these are created are dependent on the version of Savision used and when updating it to a newer version an additional subdirectory is created and the new two files placed there. So a wildcard was used for the folder name.
There was also an exclusion made for the SCOM directory:

As soon as it was made possible for a user to create these files upon first login to SCOM Console and opening a Live Map these were created and everything worked fine.

A big thanks to Jerry Chen for checking and fixing this.

Bob Cornelissen

SCOM Object reference not set to an instance of an object

SCOM, Service Manager, SCOM Tricks, SCOM 2012 Send feedback »

I had some problems with a State view in SCOM for a certain class, which used to work and now produced an error saying:
Object reference not set to an instance of an object

So I opened up the Discovered Inventory view and selected the appropriate class and waited for the screen to populate.
The same error appeared.

Just for fun I thought I would pick up the instances of the class with powershell by using the get-scomclass and get-scomclassinstance combination to get a table of all objects of the class and that did turn out a list of data.
So I suspected a faulty entry somewhere in the database for one of the discovered objects. Actually I had 1 top level class created and 3 child classes and this happened to two of the child classes.

Updating the pack to a newer version did not work and it was confirmed in the test environment that the pack should not be the problem.

I created a state view of the not monitored top level class and added columns for the other classes to it and that one looked fine.

So I wanted the discovered objects to be all gone from SCOM
The way you usually speed up the process is by setting overrides to the discovery rules for these classes and disabling them for all objects.
Next you run the command remove-scomdisabledclassinstance
And wait for it to remove all the entries.

But while running this command I got an error (see below in text and picture form):

PS C:\> remove-scomdisabledclassinstance
**WARNING** This operation WILL result in class instances and relationships being permanently deleted. This operation i
s irreversible and will likely result in a significant amount of activity in the operational database. Are you sure you
want to do this? [Y/N]

y
Started. This operation may take a very long time to complete.
remove-scomdisabledclassinstance : Discovery data has been received from a rule targeted at a non-existent object ID.
Object ID: 8375a67f-5750-53e1-bd9f-7468152934b0
Rule ID: 3147a861-3d91-74a6-675e-e41be8f92658
At line:1 char:1
+ remove-scomdisabledclassinstance
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (Microsoft.Syste...nstancesCommand:RemoveSCDisabledClassInstancesComma
nd) [Remove-SCOMDisabledClassInstance], DiscoveryDataFromRuleTargetedToDeletedObjectException
+ FullyQualifiedErrorId : ExecutionError,Microsoft.SystemCenter.OperationsManagerV10.Commands.RemoveSCDisabledClas
sInstancesCommand

If you get that error the best you can first do is in SCOM open up a Discovered Inventory view and check how many objects are still there (if it does not throw the same exception as the one I started with!).

Check the number of entries there.
Now run the remove-scomdisabledclassinstance command again.
If it throws the error refresh the screen to check if discovered inventory shows a lower number of discovered instances.
Keep doing that until it finishes. Took me 25 times :>

Next I waited for a grooming interval and let it populate the classes again one by one by turning the discoveries back on.

Bob Cornelissen

Saving dogs while monitoring

SCOM, System Center, Active Directory, SCOM Tricks, SCOM 2012, Windows 2012, Configuration Manager Send feedback »

I know this blog is all about my technical career in IT, with System Center and Microsoft products and so on and so on. But I also have a secondary life which is very important to me and a lot more. In fact I am somewhat of a shy person and so is my wife. We do not ask for favors much, but do like to give them. I am talking about our dog and animal sanctuary in Thailand. Currently my wife and our staff Oarn are mainly taking care of about 60 dogs in 3 locations. Also some of our family members like the Mother and sister of my wife in one location and her father in another are doing their best to help out. We have to do all of this out of our own pocket and I can tell you it is not possible to do this alone. Also we have some huge set backs in the past few months. We are in the process of emergency relocation and are in a big stress to find funding to be able to buy a new small plot of land in a less expensive province where we can relocate to, build fencing, build a roof, build a 1 room shelter for staff and relocate most of the dogs to that location. Of course this is next to our ongoing push for health (sterilization, anti-tick program, helping sick and wounded, vaccinations, vitamins and trace elements and iron in their food somehow to get them healthier).

Two days ago I did a webinar with my good friend Cameron Fuller for our friends at Jalasoft. The webinar was of course SCOM and monitoring related. Read about the webinar and also some of the things which Cameron said about the dog sanctuary which I would not have said myself and humbles us:
http://blogs.catapultsystems.com/cfuller/archive/2015/04/16/what-is-new-and-coming-soon-to-the-microsoft-monitoring-world-and-helping-a-good-cause-opinsights-scom-opsmgr-sysctr.aspx

We all donated the proceedings of this webinar to the good cause. Lek's House Of Tails.
More information can be found at following locations:

A website with some background information (see the tabs near the top below the picture) and information on how to donate (there are other methods, feel free to get in touch if you want to know how):
http://lekshouseoftails.azurewebsites.net/?page_id=222

The facebook page of the sanctuary:
https://www.facebook.com/LeksHouseOfTails

My personal Facebook Page (have lots of pictures from several years of the dog sanctuary):
https://www.facebook.com/bob.cornelissen.5

Feel free to contact us!

Also if you want to help out by whatever means (on location help in Thailand, financial, words of advice, toys, sharing our pages and posts, liking a post or whatever you can think of it is very much appreciated!
These dogs we have known for years, we have known their grandparents and all. They got deserted by people. They were in dire need. We try to help them have a life, eat food, have a roof for the rain, have a blanket to sleep on, have a bowl to eat from, be safe from getting hit by people or cars or getting poisonned or caught for some terrible plight. We just want to keep them safe, fed, healthy. They deserve a chance and all of them are really sweet and kind.
Due to bad circumstances we had to relocate to a temporary place and will soon move to our new place, which is a piece of empty land with nothing on it and start all over.

Now to get back to the webinar at Jalasoft. We have done this webinar and I feel it went great :p We want to thank Jalasoft for giving us this opportunity. I want to thank again my co-presenter Cameron Fuller, don't even know how to say how thankful we are mate.

Also a big thank you to several community members out of the technical community and MVP's who have helped in several ways in the past year.

During the webinar we had a surprise for the great folks and team at Jalasoft and that was that we named one of the pups without a name after their product range: Xian.
See below for a picture of Xian (on the left, with his brothers), it is a very smart and active dog and we thought it is a perfect fit :D

One more thing: The webinar we did was recorded and I am sure Jalasoft will publish it soon. Of course you can Always send a message to sales@jalasoft.com to get access to the webinar recording or the slides and of course to get more information on one or more of their great products. Of course in the near future I will be writing about several products and monitoring and System Center.

Xian and brothers

Thank you all so much for your patience and help and shares on behalf of me, my wife, our families and 60 sets of teeth from our dogs!
Bob Cornelissen

SCOM 2012 Importing a list of ICMP Devices

SCOM, System Center, SCOM Tricks, SCOM 2012 Send feedback »

Today we had a case where we wanted to make an additional ICMP ping monitoring for all the Unix/Linux servers we were already monitoring in SCOM. There was a specific reason for that. I wanted to quickly get all the IP addresses of the Unix/Linux machines out of SCOM and into the Device Discovery.

First I started by wanting to export the IP addresses through Powershell. So I started from a query I had made earlier over here and use that to pick up only the IP address and create a CSV file.

get-scomclass -Displayname "UNIX/Linux Computer" |get-scomclassinstance |select @Label="IPAddress";Expression={$_.'[Microsoft.Unix.Computer].IPAddress'}} |Export-CSV -notype C:\Scripts\nixexport.txt

Alright, Now I have a TXT file I can play with. I used Notepad to replace the double quote with nothing. And I removed the first line (which was the header). This leaves us with a simple txt file with a list of all IP addresses.

Next in the SCOM Network Device Discovery, I opened an existing discovery rule with some devices in it already and selected the Import button in that wizard (step 1 in below picture). Select the txt file and all the devices will be added to the bottom of the devices list of the discovery rule. Next Multi-select all of them (step 2 in below picture) and select Edit (step 3). Change discovery mode to ICMP. The picture was taken after they all got changed to ICMP already. And now click through the rest of the discovery wizard and let it run.

So this went quite quickly and with very little remembering of IP addresses and typos.

Good luck!
Bob Cornelissen

SCOM 2012 R2 UR5 and SCOM 2012 SP1 UR9 released

SCOM, System Center, SCOM 2012 Send feedback »

Last night there were some update rollups released for SCOM. One for SCOM 2012 SP1 and one for SCOM 2012 R2. Will list them below.

For SCOM 2012 SP1 this is Update Rollup 9 and can be found at KB3023167. The description does not include much at the moment except the mention of Operational Insight and the support for SUSE Linux 12. The article can be found here: http://support.microsoft.com/kb/3023167

For SCOM 2012 R2 this is Update Rollup 5 and can be found at KB3023138. The description has several items listed and there is also the Linux packs separately with an update. The article can be found here: http://support.microsoft.com/kb/3023138

Items in the UR5 rollup for SCOM 2012 R2:

  • Monitoringhost process crashes because of bind failures against Active Directory
  • RunAs accounts cannot be edited because of "Specified cast is invalid" exception
  • Application crashes when a search is finished without filter criteria on Distributed application designer
  • MonitoringHost crashes with the exception - System.OverflowException: Value was either too large or too small for an Int32
  • Support to troubleshoot PowerShell scripts
  • Operational Insights through Operations Manager
  • "Reset the Baseline," "Pause the baseline," and "Resume the baseline" tasks fail when they are run against an Optimized performance collection rule
  • An exception occurs when you edit subscriptions that contain deleted monitors or objects
  • You can't set Widget column width
  • Event 4506: Data was dropped because of too much outstanding data
  • Support for handling Datawarehouse time-outs
  • Can't continue scan with NOLOCK because of data movement
  • $ScriptContext.Context does not persist the value in PowerShell widgets
  • Evaluation version alert

And the Unix/linux Pack:

  • Updating the SCX Agent causes deep monitoring status for the JEE Application Server to be reset.
  • By default, the Rpcimap monitor for Red Hat Enterprise Linux 5 is now disabled.
  • Monitoring in UTC +13 causes Unix Process Monitoring template to fail.
  • Using scxadmin -log-rotate causes logging to stop after log rotation.

As Always please first test the update rollups and supporting management packs and any newly released management packs first in a test environment!

Bob Cornelissen

Contact / Help. ©2015 by Bob Cornelissen. blog software.
Design & icons by N.Design Studio. Skin by Tender Feelings / Evo Factory.