Scenario .com



Scripting Alert UpdatesA question that comes up regularly on the technet forums is how to configure updates to alerts, usually around custom fields that need manipulating prior to forwarding on to a help desk system. Here are a few solutions that may or may not meet your needs. As always with scripts, test thoroughly in a suitable development environment before deploying to production and use is at your own risk. With the legalese out of the way ....Contents TOC \o "1-3" \h \z \u Scenario PAGEREF _Toc263074948 \h 2Overview PAGEREF _Toc263074949 \h 2Script PAGEREF _Toc263074950 \h 2Running the script from PowerShell PAGEREF _Toc263074951 \h 4Running the script from an Operations Manager rule PAGEREF _Toc263074952 \h 5Using Opalis with Operations Manager Integration Kit PAGEREF _Toc263074953 \h 7Running the Script from the Opalis Server PAGEREF _Toc263074954 \h 15ScenarioOverviewWhen a new rule comes in, I want to update the alert so that:Custom field1 contains the Server Principal NameCustom field2 contains the Severity of the AlertCustom field3 contains the Management Pack that generated the AlertScriptFirst up we need to get the powershell script. # Name of Root Management Server $RMS="XXXX" # Initialise OpsMgr Provider write-Host write-Host "Executing UpdateAlerts.ps1 ..." write-Host ## prepare OpsMgr shell if ((Get-PSSnapin | Where-Object {$_.Name -eq 'Microsoft.EnterpriseManagement.OperationsManager.Client'}) -eq $null) { Write-Host Write-Host "File loaded." Write-Host "Initializing shell for operations manager..." Write-Host "Add Microsoft.EnterpriseManagement.OperationsManager.Client snap in." Add-PSSnapin Microsoft.EnterpriseManagement.OperationsManager.Client -ErrorAction SilentlyContinue -ErrorVariable Err if ($Err) { $(throw write-Host $Err) } } if ((Get-ManagementGroupConnection | Where-Object {$_.ManagementServerName -eq $RMS}) -eq $null) { Write-Host "Connect to Management Server: $RMS" New-ManagementGroupConnection $RMS -ErrorAction SilentlyContinue -ErrorVariable Err if ($Err) { $(throw write-Host $Err) } } if ((Get-PSDrive | Where-Object {$_.Name -eq 'Monitoring'}) -eq $null) { Write-Host "Create Monitoring drive from Provider." New-PSDrive -Name: Monitoring -PSProvider: OperationsManagerMonitoring -Root: \ -ErrorAction SilentlyContinue -ErrorVariable Err if ($Err) { $(throw write-Host $Err) } Write-Host "Operations manager shell initialized." Write-Host } Set-Location Monitoring:\$RMS #Get-Alert - update alert foreach ($alert in get-alert -criteria 'PrincipalName is not null and ResolutionState = 0') { $alert.CustomField1 = $alert.PrincipalName $alert.CustomField2 = $alert.Severity $alert.ResolutionState = "5" if ($alert.IsMonitorAlert -like 'False') { $alert.CustomField3 = ((get-rule $alert.monitoringruleid).getmanagementpack()).displayname } else { $alert.CustomField3 = (get-monitor $alert.problemid).getmanagementpack().displayname } $alert.Update("Alert Updated by UpdateAlerts.ps1") } We also need to create an Alert Resolution State for Alert Updated - Administration > Settings > Alerts in the operator console.We do this so that when we run the script we only pull back new alerts and not alerts that have already been updated. Running the script from PowerShellCopy and paste the script from page 2 into a file called UpdateAlerts.ps1 and save this in a folder called c:\scripts on the Root Management ServerOpen the Operations Manager (power) Shell as administrator (right click and run as administrator).Change the folder to c:\scripts and run the script using ./UpdateAlerts.ps1The Alert is updated:Running the script from an Operations Manager ruleSay we want to run this script every 10 minutes to automate the updates. We can do this via an Operations Manager timed command rule. Be careful with this from a performance perspective. PowerShell can be quite resource intensive so make sure your alerting is fine tuned to ensure that not too many alerts are being processed.Create a Timed Command Rule in a custom management pack – choose Execute a CommandConfigure the Rule Name, Rule Category (I have chosen Operations) and target the Root Management Server Set a scheduleConfigure the Command Line (create c:\temp if necessary)Using Opalis with Operations Manager Integration KitIf you are working through this article then make sure that you disable or delete the rule that we created above. You will also need to make sure that you have imported the Operations Manager 2007 Integration Pack into Opalis. We are now going to run this powershell script from Opalis.In the Opalis Client, create a new policyRename the Policy to UpdateAlert (you will be prompted to “check out” the policy”). Add scheduling object (Monitor Date/Time) and change the name of the object to every 5 minutes and change the details page to every 5 minutes (see below)Double check that you have configured the Operations Manager 2007 IntegrationGo to the Microsoft Operations Manager 2007 objects and click and drag the Get Alert object into the policyRight click the Get Alert object and choose properties and configure the connection and add a filter to pull back just New Alerts (Resolution State = New)7. Click and Drag the Update Alert object into the policyCreate a workflow by clicking and dragging a connector line from \ to each object in the workflow (every 5 minutes Get Alert Update Alert)Right Click Update Alert and choose properties:Set the ConnectionIn the Alert ID text box, right click, choose subscribe, published dataMake sure that Get Alert is selected as the object and then choose the ID field. This will pick up the Alert ID from the Get Alert object so that the updates we make only affect the select Alerts. The window now looks like thisClick on Select Fields at the bottom of the window and select the fields that we are going to update – select custom field 2, custom field 3 and resolution state, move them to the right window by clicking on >> and then click ok Right click in the text box next to CustomField2 and choose subscribe, published data and then select the netbios computer name fieldFor custom field3 choose SeverityFor ResolutionState, click once in the text box and you’ll see an ellipse buttonClick on the ellipse button and you’ll get to choose the resolution stateYou should now see this – click Finish:Then Check in the policyThen start the policyThe updates aren’t the same as the script – the Management Pack isn’t exposed and only the NetBios computer name is available. But you can get this without any scripting. Running the Script from the Opalis ServerBut if you want to script the whole solution then stop the policy that was created above and we can look to plug the PowerShell script directly into Opalis. Copy the updatealert.ps1 script to c:\scripts on the Opalis server.Create a new policy – I have called this Run PShell Script and add a Monitor Date / Time object to run every 5 minutes exactly as we did in the previous policy (update alert)Add the Run Program script object and create the workflow between the Schedule and the scriptRight click Run ProgramOn the General Tab, change the name to Update AlertOn the Details Tab, enter the following On the Mode, select Command ExecutionComputer = Opalis Server IP AddressCommand = C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -Command "c:\scripts\updatealert.ps1"Working folder = c:\TempAnd click Finish ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download