January addendum updates

Fast and Furious (sarcasm and humor)

January addendum updates for multiple management packs

First, the biggest change for large enterprise environments was a change in syntax for Get-SCOMAlert.
Example
get-scomalert -ResolutionState (0..254) -Name "##stringhere##*"
get-scomalert -ResolutionState 255 -Name "##stringhere##*"
Second, another change to the repos was a 'whitespace audit' for encoded characters, or 'data concealment'.  See the AT&T Cybersecurity link.
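One way such a whitespace audit can be run, as an added example that is not taken from the addendum packs or from the author's own tooling. The function name Find-ConcealedCharacter, the character table and the sample lines are assumptions constructed for illustration.

```powershell
# Added example (not from the addendum packs). The table is an assumed, minimal set of
# characters that render as blanks or look-alikes but change how a script is parsed.
$Suspect = @{
    0x00A0 = 'NO-BREAK SPACE';       0x200B = 'ZERO WIDTH SPACE'
    0x200C = 'ZERO WIDTH NON-JOINER'; 0x200D = 'ZERO WIDTH JOINER'
    0x2060 = 'WORD JOINER';          0xFEFF = 'ZERO WIDTH NO-BREAK SPACE (BOM)'
    0x2018 = 'LEFT SINGLE QUOTE';    0x2019 = 'RIGHT SINGLE QUOTE'
    0x201C = 'LEFT DOUBLE QUOTE';    0x201D = 'RIGHT DOUBLE QUOTE'
    0x2013 = 'EN DASH';              0x2014 = 'EM DASH'
}

function Find-ConcealedCharacter {
    param([Parameter(Mandatory)][string]$Text, [string]$Source = '<string>')
    $lineNo = 0
    foreach ($line in ($Text -split "`r?`n")) {
        $lineNo++
        for ($i = 0; $i -lt $line.Length; $i++) {
            $cp = [int]$line[$i]
            # A BOM is legitimate only as the very first character of a file.
            if ($cp -eq 0xFEFF -and $lineNo -eq 1 -and $i -eq 0) { continue }
            # Bidirectional controls can reorder how a line is displayed to a reviewer.
            $isBidi = ($cp -ge 0x202A -and $cp -le 0x202E) -or ($cp -ge 0x2066 -and $cp -le 0x2069)
            if ($isBidi -or $Suspect.ContainsKey($cp)) {
                [pscustomobject]@{
                    Source    = $Source
                    Line      = $lineNo
                    Column    = $i + 1
                    CodePoint = 'U+{0:X4}' -f $cp
                    Name      = if ($isBidi) { 'BIDI CONTROL' } else { $Suspect[$cp] }
                }
            }
        }
    }
}

# Constructed sample: three script lines carrying smart quotes, a no-break space and a
# zero-width space. Built from code points so this example itself stays plain ASCII.
$lq = [char]0x201C; $rq = [char]0x201D; $nbsp = [char]0x00A0; $zwsp = [char]0x200B
$sample = @(
    'Get-SCOMAlert -ResolutionState 255 -Name ' + $lq + 'Example*' + $rq
    '$Age =' + $nbsp + '[DateTime](Get-Date).AddDays(-1)'
    'Get-SCOMClass' + $zwsp + 'Instance'
) -join "`n"
Find-ConcealedCharacter -Text $sample -Source 'constructed-sample.ps1' | Format-Table -AutoSize

# To audit a repo, feed each file in:
# Get-ChildItem -Recurse -Include *.ps1,*.xml | ForEach-Object {
#     Find-ConcealedCharacter -Text (Get-Content $_.FullName -Raw -Encoding UTF8) -Source $_.FullName }
```

Any hit in a .ps1 or management pack XML file deserves a look before import, since these characters are invisible or near-invisible in most editors and diff views.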
Third, after whitespace we focused on script/workflow efficiencies seen in large enterprise environments.  While efforts began in December, the workflow efficiencies sprint resulted in two sets of improvements.
Fast and Efficient
1) Added ‘Reset Monitors Script base code’ $Age variable
What does this mean?
Simply put, $Age allows admins to define how old an unhealthy monitor must be before it is reset.
The default is 1 (day), but can be specified in the script to tailor to requirements.
Example
$Age = [DateTime](Get-Date).AddDays(-1)
2) Beyond incorporating $Age into the reset monitor logic, the packs utilize logic for a much faster runtime (~90%+).
What does this mean?
Updated logic quickly gathers unhealthy monitor objects, by leveraging ‘Get-SCOMManagementPack‘ and then ‘Get-SCOMClass‘, before passing to ‘Get-SCOMClassInstance‘.
Example PowerShell
## Grab the MP, get the Monitors and Rules from the MP, then grab all alerts found inside the Monitors/Rules
$SCOMCoreMP = Get-SCOMManagementPack -DisplayName "Microsoft Windows Server DNS Monitoring"
# Get classes - Examples -
$Monitoring = $SCOMCoreMP
# DNS pack naming
$DNSClasses = @(Get-SCOMClass -ManagementPack $Monitoring)
# De-duplicate the classes by name before they are passed to Get-SCOMClassInstance
$DNSClass = $DNSClasses | Sort-Object -Property Name -Unique
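The logic described above carried through to Get-SCOMClassInstance and the $Age check, as an added example that is not the addendum packs' own script. The $ReportOnly switch, the health-state filter and the comparison of StateLastModified against $Age are assumptions about how such a reset can be written.

```powershell
# Added example, not the addendum packs' script. Run from a management server or a
# machine with the SCOM console (OperationsManager module) installed.
Import-Module OperationsManager

$Age        = [DateTime](Get-Date).AddDays(-1)   # page default: 1 day
$ReportOnly = $true                              # assumption: list first, reset only when $false

# Scope to one pack's classes rather than enumerating every object in the management group.
$Pack    = Get-SCOMManagementPack -DisplayName "Microsoft Windows Server DNS Monitoring"
$Classes = @(Get-SCOMClass -ManagementPack $Pack) | Sort-Object -Property Name -Unique

# Collect instances that are unhealthy and whose state last changed before $Age.
# SCOM SDK timestamps are returned in UTC, so compare against $Age in UTC.
$AgeUtc = $Age.ToUniversalTime()
$Stale = foreach ($Class in $Classes) {
    Get-SCOMClassInstance -Class $Class | Where-Object {
        $_.HealthState -in 'Warning', 'Error' -and
        -not $_.InMaintenanceMode -and
        $_.StateLastModified -lt $AgeUtc
    }
}

# A base class also returns instances of its derived classes, so de-duplicate by Id.
$Stale = @($Stale | Sort-Object -Property Id -Unique)

foreach ($Object in $Stale) {
    # Emit one record per object so the run leaves an audit trail of what was touched.
    [pscustomobject]@{
        FullName          = $Object.FullName
        HealthState       = $Object.HealthState
        StateLastModified = $Object.StateLastModified
        Action            = if ($ReportOnly) { 'WouldReset' } else { 'Reset' }
    }
    if (-not $ReportOnly) { $null = $Object.ResetMonitoringState() }
}
```

Run it once with $ReportOnly left at $true and review the output before allowing resets, because a reset clears the health state an operator might still be relying on as evidence of a fault.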

Repo’s updated in January

January addendum updates include:
ADCS, ADDS, DNS, DFS/File Services, IIS, SCCM pack for MECM/MEM/MCM monitoring, Operating Systems, Proactive NOSC Daily Tasks, and Tangible ProV application monitoring.

Links below to GitHub repositories (repo’s)

ADDS addendum pack

Active Directory monitoring - definitely needs an addendum!

To begin, the ‘ADDS addendum pack’ needs acknowledgement of the contributors who dealt with my many questions to better alert on AD issues!  My thanks to Bob Williams, Vance Cozier, Jason Windisch for their help and expertise with Active Directory (AD/ADDS).  If you need more background, check the why addendum pack post.

Quick Download(s)

2012 HTTPS://GITHUB.COM/THEKEVINJUSTIN/ADDS2012ADDENDUM/

2012R2 HTTPS://GITHUB.COM/THEKEVINJUSTIN/ADDS2012R2ADDENDUM/

2016+ https://github.com/theKevinJustin/ADDSAddendumAgnostic

 

Overview of capabilities

The Active Directory ADDS Addendum pack(s) change how Domain Admins consume Tier0 health alerts.  The AD product team re-wrote the packs back in 2016 to use PowerShell workflows.  Many of the workflows measure replication and the health of your forest(s), with less alert noise than the 2008 packs.  The addendums for 2012, 2012R2, and the version-agnostic 2016+ pack should help reduce alert 'burden'.  Lastly, most environments should be 2016+, as the EOL/EOSL is quickly approaching in October!

 

Workflows

First, the DataSources (DS) and WriteActions (WA) clean up AD pack alerts, create daily reports, team, and AD pack summary alerts, where the WA are the on-demand tasks versions.

DataSources (DS) and WriteActions (WA) clean up AD pack alerts, create daily reports, team, and AD pack summary alerts, and the WA are the on-demand tasks versions of the DS

Data source (DS) scheduled workflows run weekdays between 0600-0700, SCOM management server local time.  The summary and team reports (run during this time) summarize key insights.  NOTE: the Monday report gathers the last 72 hours, so administrators get a 'what happened over the weekend' view.  Tuesday-Friday reports cover the past 24 hours.  Lastly, the group policy report summarizes unique GPUpdate error output.

 

Monitoring

ADDS monitoring snapshot showing rules, tasks, recoveries with added capabilities

Addendum pack rules schedule data source execution, adding on-demand task alerts, including new group policy rule alerts.   The Recovery tasks add service recovery automation to bring us to the ‘manual intervention required’ alerting.  There are a few monitor/rule overrides to match the health model.  NOTE: The 2012R2 pack is missing the component alert, as there’s less than 2 months until the platform support ends.

The component alert is a new workflow that’s helped Tier0 admins.

Basically, this is a PowerShell workflow that checks SCOM alerts for multiple DC alerts to determine DC health.  I don’t change the AD critical service monitors, but simply summarize the alerts to tell you when intervention is required.

 

 

 

Tailoring the pack(s) to your environment

First, the Active Directory Domain Services management packs MUST be installed for the 'ADDS Addendum pack(s)' to load.  The three versions currently supported have addendums; hopefully 2012 and 2012R2 are planned to be decommissioned in the short term.

 

Update the AD summary and team reports

The AD summary and team reports are scoped to the specific Tier0 servers owned by Domain Administrators or the AD Team (or any other aliases the SMEs may go by) using group regular expressions.

In your favorite XML editor (mine is Notepad++), open the addendum pack(s), and find/replace for the following strings:

Look for the $ADDSServerAlerts

$ADDSServerAlerts = $ADDSReportAlerts | ? { ( $_.NetBiosComputerName -like "*A1*" ) `

 

Save pack

Import and enjoy!

 

Documentation

ADDS 2012+ management pack download

Load Test MP with Report

Read below if you want a specific MP for load testing

 

I don’t know about you, but I’ve come across the situation where you need to compare performance.

 

This MP should help validate performance, whether to validate physical versus virtual, or a new Server Farm, storage performance between environments, etc.

 

Shout-out to Tyson Paul for his initial MP with 2016, catch his blog here!

 

 

Let’s start with the MP shell

 

Check out the upcoming Gallery download for MP’s and fragments here

NOTE: GUIDs will vary with your environment

 

To build the MP, you will need to update the following:

 

Pack ID to include the OS version

 

Add Reference for OS Monitoring MP (can use Visual Studio (VS) MP alias if VS is available for use in your environment)

Class Type ID with OS version

Discovery ID and Target with OS Version

 

Overrides ID with OS Version, and Target with OS MP Rule name and reference

Use the OS Monitoring MP to help with the rule names

The far right of the Override lists the Rule that must match to the OS MP

 

View ID with OS Version

 

Folder Item Element ID and ID

 

MP Display Strings with OS Version

 

Save and Import MP without the Report parameter to see what Group ID SCOM assigns the Load Test group

 

 

Part 2 – include report after group is imported

Don’t forget to update MP version under Identity!

Get Report parameter value for group ID

From PowerShell

          get-ScomGroup | ? { $_.DisplayName -like "*Load Testing Group*" } | fl ID,DisplayName

Alternatively, obtain from SQL SSMS

          select [ManagedEntityDefaultName],[ManagedEntityRowId]
          FROM [vManagedEntity]
          where [ManagedEntityDefaultName] like '%load%'
          order by displayname

SSMS Output

 

In MP XML, update View Target GUID to your Group ID

 

Add Report section, and update parameter values Rule GUID

 

PowerShell commands to run from MS or console installed machine

The GUID’s needed for the report parameters section

 

get-scomrule | ? { $_.DisplayName -like "System Processor Queue Length*" } | fl ID,DisplayName,Name
get-scomrule | ? { $_.DisplayName -like "Current Disk Queue Length*" } | fl ID,DisplayName,Name
get-scomrule | ? { $_.DisplayName -like "Current Disk Queue*" } | fl ID,DisplayName,Name
get-scomrule | ? { $_.DisplayName -like "Current Dis*k Queue*" } | fl ID,DisplayName,Name
get-scomrule | ? { $_.DisplayName -like "*Current Disk Queue*" } | fl ID,DisplayName,Name
get-scomrule | ? { $_.DisplayName -like "*Average Disk Seconds Per Transfer*" } | fl ID,DisplayName,Name
get-scomrule | ? { $_.DisplayName -like "*Logical Disk Idle Time*" } | fl ID,DisplayName,Name
get-scomrule | ? { $_.DisplayName -like "*Processor Time Total*" } | fl ID,DisplayName,Name
get-scomrule | ? { $_.DisplayName -like "*Memory Available Megabytes*" } | fl ID,DisplayName,Name
get-scomrule | ? { $_.DisplayName -like "*Network Adapter Bytes Total*" } | fl ID,DisplayName,Name
get-scomrule | ? { $_.DisplayName -like "*Memory Pages per Second*" } | fl ID,DisplayName,Name
get-scomrule | ? { $_.DisplayName -like "*System Processor Queue Length*" } | fl ID,DisplayName,Name

 

 

Verification

  1. From SCOM Console, Authoring Tab
    1. Update group with explicit members
    2. Verify Group members
  2. From SCOM Console, Monitoring Tab
    1. Verify Performance view has performance counters
  3. From SCOM Console Reporting Tab (this may take a few minutes to push report to Reporting server)
    1. Open report and run
    2. Export data for analysis