Parse Events via PowerShell into table

Parse Events via PowerShell into table. Ever need to parse an event, grab a field from the event description, and then perform some action after that? Here’s some PowerShell that may help you first create a table, then set up columns, gather data, parse what you need, and run a command to …

Mining Windows Event Log

Use Get-WinEvent with XML and filters from Event Viewer to mine an event, including examples for a specific string, from a specific event, in a specific event log. Hopefully this post will help with a few tips to simplify monitoring for events, whether in AzMon, SCOM, or via PowerShell. …

Which subscription was the trigger?

Hello Again, Surprise! I am back, as a rusty nail, and back to make lemonade from lemons! Ever run into an email you don’t want to get, but have difficulty finding the subscription entry? Do you get a subscription Email, and that channel has the Notification ID, but you’re …

SCOM 2016 web console hot fix released

SCOM 2016 web console hot fix. Security teams may be contacting you for CVE-2020-1331 vulnerability on the 2016 web console. In my example, the Tenable scanner listed ALL SCOM management group servers – under SCOM2016/2019). NOTE: KB does not install on server, so does not show up under ‘Installed Updates’. Background HotFix DLL …

Identify orphaned agent properties

  Back again, I’m going to ‘Identify orphaned agent properties’.  For instance, does an agent still show up under Windows Computer, or more classes, like Windows Operating System?  Typically we have handled this by using Holman’s purge blog.       Deleting and Purging data from the SCOM Database     First, my thanks to …

ADCS – Active Directory Certificate Services Addendum pack

  Hello again, it’s time to talk about ADCS – Active Directory Certificate Services Addendum!   First, I’d like to call out Bob Williams and Vance Cozier for their help and expertise! SCOM-ADCS-Addendum download     Background ADCS is Active Directory Certificate Services, or what we would know as a Certificate Authority.  The goal was …

Don’t forget python as pre-req for agent install

  Hey guys, don’t forget python as pre-req for agent install!  Came across this again, where the docs site doesn’t mention python-ctypes as pre-req for agent install.  Let’s flip to GitHub for the agent.  GitHub lists the python pre-req here.  Otherwise, it’s Openssl 1.1.0 is only supported on x86_64 platforms (64-bit).     Let’s begin …

Need to find the command UNIX pack runs for perf counter

    Have you ever needed to find the command UNIX pack runs for perf counter?   Say the processor time value doesn’t match what the Unix admin may be saying SCOM is showing.   Many times you can look at the SCOM management pack, and those commands trace back to the UNIX library.   Background:  …

Build FluentD conf file

Ready to build out a FluentD conf file?   Let’s build a FluentD conf file.  We can use the docs site for another example.  And now, let’s build a simple FluentD configuration file. Paste the XML code below, and save as <yourlogfile>.conf Create custom log file to test cd /etc/opt/microsoft/omsagent/scom/conf/omsagent.d/ # vi <yourlogfile>.conf vi mylog.conf …

OMSAgent FluentD debunked – Configure Linux FluentD – part2

Now to begin – OMSAgent FluentD debunked Configure Linux FluentD – part2 –> see part one (1) here)     First, my thanks to Mike Johnston@Microsoft (CSS SEE SME) to help validate my steps and testing, to configure Linux FluentD on an Ubuntu server!  Are you ready to bust a myth – OMSAgent FluentD debunked …