Caution using Tags/Notes extending classes

  Please take ‘caution using Tags/Notes extending classes’.  Please read below if you use Tags/Notes on SCOM classes.  Ran across examples where SCOM Class Properties were used for tags that used the .Notes field on various classes, causing orphaned properties, NOT removed from OperationsManager database.     Background The Microsoft.Windows.Computer Class (insert class here) is …

Use SCOM helper for advanced administration

First, use SCOM helper for advanced administration (a shameless plug to Tyson & MonitoringGuys blog!)   In case you didn’t know, as I may be the last off the airplane, it’s time to talk about SCOMHelper.  Things you forget, like using a power drill, versus manual screwdriver, all because you’re familiar with the old trusty …

ConfigMgr SMS role alerts

It’s that time to figure out the ConfigMgr SMS role alerts – If you are monitoring your SCCM/MECM environment, then you get role failure alerts.  Many times, the Operations Helpdesk, NOSC, NOC, SOC, etc. will get alerts when various roles fail on the Configuration Manager platform.  The common ask is why, what do you see, …

WebConsole APM hotfix for SCOM2012R2 and above

SCOM hotfix released for WebConsole/APM on SCOM2012R2 and above, time for another SCOM shot!  Don’t forget your vaccination card 🙂   Let’s get started.  Time to fix the vulnerability for ‘SCOM hotfix released for WebConsole/APM on SCOM2012R2 and above’.  Read the support article, and assess what versions you have in your sandbox and production.  Once …

Mining Windows Event Log

  Use Get-WinEvent to use XML and filters from event viewer, to mine an event, including examples for a specific string, from a specific event, in a specific event log?     Hopefully this post will help with a few tips to simplify monitoring for events, whether in AzMon, SCOM, or via PowerShell.     …

Which subscription was the trigger?

Hello Again, Surprise! I am back, as a rusty nail, and back to make lemonade from lemons! Rusty Nail through Lemon   Ever run into an email you don’t want to get, but have difficulty finding the subscription entry?   Do you get a subscription Email, and that channel has the Notification ID, but you’re …

SCOM 2016 web console hot fix released

SCOM 2016 web console hot fix Security teams may be contacting you for CVE-2020-1331 vulnerability on the 2016 web console.  In my example, the Tenable scanner listed ALL SCOM management group servers – under SCOM2016/2019). NOTE KB does not install on server, so does not show up under ‘Installed Updates’     Background HotFix DLL …

Identify orphaned agent properties

  Back again, I’m going to ‘Identify orphaned agent properties’.  For instance, does an agent still show up under Windows Computer, or more classes, like Windows Operating System?  Typically we have handled this by using Holman’s purge blog.       Deleting and Purging data from the SCOM Database     First, my thanks to …

ADCS – Active Directory Certificate Services Addendum pack

  Hello again, it’s time to talk about ADCS – Active Directory Certificate Services Addendum!   First, I’d like to call out Bob Williams and Vance Cozier for their help and expertise! SCOM-ADCS-Addendum download     Background ADCS is Active Directory Certificate Services, or what we would know as a Certificate Authority.  The goal was …

Build FluentD conf file

Ready to build out a FluentD conf file?   Let’s build a FluentD conf file.  We can use the docs site for another example.  And now, let’s build a simple FluentD configuration file. Paste the XML code below, and save as <yourlogfile>.conf Create custom log file to test cd /etc/opt/microsoft/omsagent/scom/conf/omsagent.d/ # vi <yourlogfile>.conf vi mylog.conf …