Time to update SCOM, specifically to ‘create SCOM Command Channels’, then subscribers, and subscriptions. Depending on requirements, create multiple channels within SCOM.
Save .ps1 file(s) to SCOM MS
LogAlert.ps1 to verify SCOM notification account
New-SNowEvent.ps1 to inject events into ServiceNow
New-SNowIncident.ps1 to inject incidents into ServiceNow
Save LogAlert.ps1
Create Command channel script and save to SCOM MS(s)
From Kevin Holman blog https://kevinholman.com/2021/08/25/what-account-will-command-channel-notifications-run-as-in-scom/
Open in (notepad/notepad++/VSCode, PowerShell ISE) editor, paste the following:
param($AlertID, $AlertName, $AlertDescription, $Severity, $ResolutionState, $ManagedEntityPath, $ManagedEntityDisplayName, $ManagedEntityFullName, $ManagedEntity, $CreatedByMonitor, $WorkflowId, $DataItemCreateTimeLocal, $WebConsoleUrl)
$ScriptName = “logalert.ps1”
$EventID = “710”
$whoami = whoami
$momapi = New-Object -comObject MOM.ScriptAPI
# Begin logging script starting into event log
write-host “Script is starting. `n Running as ($whoami).”
$momapi.LogScriptEvent($ScriptName,$EventID,0,”Script is starting. `n Running as ($whoami).”)
#Log script event that we are starting task
$momapi.LogScriptEvent($ScriptName,$EventID,0,”Script is starting. `nRunning as ($whoami). `nAlertID: ($AlertID) `nAlertName: ($AlertName) `nAlertDescription:($AlertDescription) `nSeverity:($Severity) `nResolutionState: ($ResolutionState) `nManagedEntityPath: ($ManagedEntityPath) `nManagedEntityDisplayName: ($ManagedEntityDisplayName) `nManagedEntityFullName: ($ManagedEntityFullName) `nManagedEntity: ($ManagedEntity) `nCreatedByMonitor: ($CreatedByMonitor) `nWorkFlowId: ($WorkflowId) `nDataItemCreateTimeLocal: ($DataItemCreateTimeLocal) `nWebConsoleURL: ($WebConsoleUrl)”)
write-host “LogAlert.ps1 script logging SCOM Notification channel account whoami = $($whoami)” >> C:\MonAdmin\scripts\TestOutputChannel.txt
Save content as LogAlert.ps1 on SCOM MS’s
NOTE path to setup channel execution
Save New-SNowEvent.ps1
Create Command channel script and save to SCOM MS(s)
Grab file from GitHub repository https://github.com/theKevinJustin/New-SNowEvent
As needed, save New-SNowEvent file as .ps1 on SCOM MS’s
Save New-SNowIncident.ps1
Depending on design requirements, grab file from GitHub repository https://github.com/theKevinJustin/New-SNOWIncidents
As needed, save New-SNowIncident file as .ps1 on SCOM MS’s
Configure ‘Test LogAlert.ps1 SCOM Command Channel’
This command channel helps admins determine variables possible to pass to PowerShell script(s).
SCOM Navigation steps:
Click on Administration Tab > Notifications > Channels
Click New
Name
Test LogAlert.ps1 SCOM Command Channel
Description
Test LogAlert.ps1 SCOM Command Channel using Holman’s blog https://kevinholman.com/2021/08/25/what-account-will-command-channel-notifications-run-as-in-scom/
Full path of the command file:
C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe
Command line parameters:
-executionPolicy bypass -noprofile -file “C:\MonAdmin\scripts\LogAlert.ps1” -AlertID “$Data[Default=’NotPresent’]/Context/DataItem/AlertId$” -AlertName “$Data[Default=’NotPresent’]/Context/DataItem/AlertName$” -AlertDescription “$Data[Default=’NotPresent’]/Context/DataItem/AlertDescription$” -Severity “$Data[Default=’NotPresent’]/Context/DataItem/Severity$” -ResolutionState “$Data[Default=’NotPresent’]/Context/DataItem/ResolutionState$” -ManagedEntityPath “$Data[Default=’NotPresent’]/Context/DataItem/ManagedEntityPath$” -ManagedEntityDisplayName “$Data[Default=’NotPresent’]/Context/DataItem/ManagedEntityDisplayName$” -ManagedEntityFullName “$Data[Default=’NotPresent’]/Context/DataItem/ManagedEntityFullName$” -ManagedEntity “$Data[Default=’NotPresent’]/Context/DataItem/ManagedEntity$” -CreatedByMonitor “$Data[Default=’NotPresent’]/Context/DataItem/CreatedByMonitor$” -WorkflowId “$Data[Default=’NotPresent’]/Context/DataItem/WorkflowId$” -DataItemCreateTimeLocal “$Data[Default=’NotPresent’]/Context/DataItem/DataItemCreateTimeLocal$” -WebConsoleUrl “$Target/Property[Type=”Notification!Microsoft.SystemCenter.AlertNotificationSubscriptionServer”]/WebConsoleUrl$?DisplayMode=Pivot&AlertID=$UrlEncodeData/Context/DataItem/AlertId$”
Startup Folder for Command Line:
C:\MonAdmin\SCRIPTS
Click Finish
Configure ‘ServiceNow SNOW Event Creation Channel’
SNOW Event command channel injects ServiceNow SNOW events, with logic to check for alert, incident, then update the SCOM alert TicketID, Owner, ResolutionState based on runtime.
SCOM Navigation steps:
Click on Administration Tab > Notifications > Channels
Click New
Name
ServiceNow SNOW Event Creation Channel
Use New-SNowEvent.ps1 to create SCOM subscription that creates SNOW incidents, then updates SCOM alert with TicketID, Owner, Resolution State for SCOM alert.
Full path of the command file:
C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe
Command line parameters:
-executionPolicy bypass -noprofile -file “C:\MonAdmin\scripts\New-SNowEvent.ps1” -AlertID “$Data[Default=’NotPresent’]/Context/DataItem/AlertId$” -AlertName “$Data[Default=’NotPresent’]/Context/DataItem/AlertName$” -AssignmentGroup “JustInTime Server Admins” -Team SYM
Startup Folder for Command Line:
C:\MonAdmin\SCRIPTS
Click Finish
Configure ‘ServiceNow SNOW Incident creation channel’
This command channel helps admins determine variables possible to pass to PowerShell script(s).
SCOM Navigation steps:
Click on Administration Tab > Notifications > Channels
Click New
Name
ServiceNow SNOW Incident creation channel
Use New-SNowIncident.ps1 to create SCOM subscription that creates SNOW incidents, then updates SCOM alert with TicketID, Owner, Resolution State for SCOM alert.
Full path of the command file:
C:\windows\system32\WindowsPowerShell\v1.0\powershell.exe
Command line parameters:
-executionPolicy bypass -noprofile -file “C:\MonAdmin\scripts\New-SNowIncident.ps1” -AlertName “$Data[Default=’Not Present’]/Context/DataItem/AlertName$” -AlertID “$Data[Default=’NotPresent’]/Context/DataItem/AlertId$” -Impact 4 -Urgency 4 -Priority 3 -AssignmentGroup “RCC-C – System Admin” -BusinessService SYSMAN -Category “SYSMAN Support” -SubCategory Repair -Channel Direct
Startup Folder for Command Line:
C:\MonAdmin\SCRIPTS
Click Finish