Home » 2006 (Page 9)

Yearly Archives: 2006

Monitor logfile

June 10, 2006 / 2 Comments on Monitor logfile

Do you have some strange application with a logfile? It is suitable to monitor that logfile with MOM. Below there is a short walkthrough how to do that. To get this to work you will need a new provider and a new rule.

1.
Create a new provider.
You create provides in Administrator Console, Management Packs, Provides.
Right-click Provides and choose “Create Provide”, fill in information as below
Source of the provider: Application Log
Type: Application Log
Settings: Generic single-log file
Directory: for example C:\LOG
Format: Generic
File Pattern: for example system.log or log*
Click Finish when done

2.
Create a new computer group, name it to some something suitable for example MyApp. Add all computers you want to monitor.

3.
Create a new rule group. Associate the new computer group with your new rule group.

4.
In you new rule group, right-click Event Rules and choose “Alert on or response to event…”
fill in information as below at Advanced on the Event Rule Properties – Criteria tab.
Provider Name: Choose the provider you created before
Field: Parameter 4
Condition: matches wildcard
Value: For example *warning* if we want an alert when that word is in the logfile.
                Click Add to list
                Click Close
Event Rule Properties – Criteria, click next
Event Rule Properties – Schedule, click next
Event Rule Properties – Alert, check “Generate alert, then click next
Event Rule Properties – Alert Suppression, click next
Event Rule Properties – Responses, click next
Event Rule Properties – Knowledge Base, click next
Event Rule Properties – General, input a name and click finished

That should do it!

Note that it can take some minutes before new rules is active. Also note that MOM will start “read” a line when the application has started on a new line. So when the application has start write to line 2 MOM will read line 1.

I have upload screenshots with all settings, you can find them under screenshots.

Remove management pack

June 9, 2006 / Leave a comment

I got a question a couple of days ago from my friend Christoffer Andersson:
“Is it possible to remove a management pack from SCOM 2007”?

Operations Manager 2007 also includes the ability to delete a management pack.
Deleting a management pack will remove all management pack objects and discovered data from the database.

source: Operations Manager 2007 Help

Virtual Appliances

June 8, 2006 / 1 Comment on Virtual Appliances

A “virtual appliance” is a pre-installed and pre-conf application or IS running on a standard server or desktop computer in a virtual environment. There is a couple of hundreds   

There is a couple of hundreds virtual appliances ready for download at vmware.com. For example anti-spam servers, mailservers, proxy, firewalls and IDS servers. 

You will find Virtual Appliance here. 

You can download Vmware server for free here. 

 

Microsoft Certified Professional

June 8, 2006 / Leave a comment

During a short timeframe you will get a second shot for free on Microsoft cert. Take the chance and book a test before the offer ends. More information here.

Vista Beta 2

June 8, 2006 / Leave a comment

Vista Beta 2 is now published, you can download it here

http://download.windowsvista.com/preview/beta2/en/x86/download.htm

MOM KB

June 7, 2006 / Leave a comment

Yesterday there was a new KB publish

How to add space to the Microsoft Operations Manager OnePoint Database

Mail notification based on computer groups

June 7, 2006 / 1 Comment on Mail notification based on computer groups

Billy Grind is administrator for a server named CONTOSOFILE01. Billy wants to get a e-mail if something happens with CONTOSOFILE01. This short instruction is based on a working MOM installation and that SMTP is already setup and working.

First we need to add Billy as a operator, we can do that under “Nofification” in Administrator Console

1.       Right-click “Operators” and choose “Create Operator…”

2.       Operator Properties – General” tab, input name of the operator, then click next

3.       Operator Properties – Email, Mark “Email this operator”, input the operator e-mail , then click next

4.       Operators Properties – Page, click next

5.       Operators Properties – Command, click finish

Then we need to create a notification group where the new operator will be member

1.       Right-click “Notification Groups” and choose “Create Notification Group…”

2.       Input a name, for example fileserver administrators

3.       Mark the operator you just created, and click left arrow, click finish

Then we need to create a new computer group where CONTOSOFILE will be member and a rule that will send e-mail to Billy Grind

1.       First create a new computer group and include CONTOSOFILE01

2.       Then create a new rule group

3.       Right-click the new rule group, choose “Associate with Computer Group…” choose the computer you just created, then close that window

4.       Right-click “Alert Rules” and choose “Create alert rule…”

5.       Alert Rule Properties – Alert Criteria”, click next (there will be no criterias)

6.        Alert Rule Properties – Schedule, click next7.       Alert Rule Properties – Responses, choose add and then “Send a notification to a Notification group”, choose you new operators group and then click OK

8.       Alert Rule Properties – Responses, click next

9.       Alert Rule Properties – Knowledge Base, click next

10.   Alert Rule Properties – General, input a name for your new rule, verify that “This rule is enable” is marked, then click finish.

Ok, now it’s done. Note that it can take some minutes before the new rule is active.

If you want to setup more criteria for e-mail notification I recommend you to install Notification Workflow. Another thing to thing about is which e-mail server you are running MOM alerts on, what happens if  that mailserver goes offline? It could be a good ideas to install a extra SMTP server for MOM.

 

KB article,  “Failed to send SMTP message” error when MOM 2005 tries to send SMTP e-mail notification response”

 

Rolebased security

June 6, 2006 / 1 Comment on Rolebased security

There is a large number of operations in SCOM 2007 for example close alerts, run scripts and change rules. All these operations have been group in different profiles.  Every profile correspond to function or service. Below there is a explanation to every default role. A great news is that we finally got that true read-only operator role without multiple management groups.

  • Report Operator
    This profile is used to give permissions to reports. SCOM 2007 have integrated SQL Reporting service security into SCOM 2007 security. Only members or the Report Operators role can read reports.
  • Report Security Administrator
    This profiles is used between SQL Reporting services and SCOM 2007. The IIS application pool that run SQL Reporting Server is using this profile.
  • Read-Only Operator
    This profile is for persons who should only be enable to read alerts and views. What the persion can see is controlled by scope.
  • Operator
    This profile is for persons that need access to alerts, views and to be enable to run tasks. This profile is the same as MOM User group in MOM 2005.
  • Advanced Operator
    This profile is based on the operator profile, but this profile can also change a part of the configuration. Which part of the configuration is controlled by the running scope.
  • Author
    This profile is the same as the MOM Author group in MOM 2005. This profiles if for persons who will work with management packs and settings.
  • Administrator
    The Administrator profile is the most powerful profile. Administrators can do anything within the system. During the installation you will choose a group who will become SCOM 2007 Administrators. This profile is the same as MOM Administrators in MOM 2005.

System Center Operations Manager 2007 Beta 2

June 6, 2006 / Leave a comment

Today System Center Operations Manager 2007 beta 2 was released. You can download it at Microsoft Connect. You can find FAQ about SCOM 2007 here I have installed SCOM 2007 in Hyper-V and some commentary is

  • Require SQL 2005 with SP1
  • During the installation you can choose a security group that will be SCOM administrators. Local administrators is no longer SCOM Administrators
  • You can change the name of the database, default name is OperationsManager
  • Administrator Console is gone. In SCOM 2007 all operations is done from the same console, Operator Console. What you see and can do is controlled by roles. There is seven roles in SCOM out-of-the box. Administrator is the highest role and read-only operator is the lowest. A read-only operator can only read alerts and look at views in operator console.
  • MOM v3 Command Shell, a great way to operate SCOM

 

 

CSUtility.exe

June 3, 2006 / Leave a comment

When you work with console scope in MOM 2005 you will soon notice that you can only add username to a scope, not groups. If you have a service desk with 50 persons  it will be a lot of work to add them all. presumably there is already a security group named service desk in your organization and then you can use a tool named csutility.exe, included in MOM 2006 resource kit.I this example I have  a security group named “Exchange Administrators”. All exchange administrators is member of that group. In MOM I have a console scope for them named “Exchange Administrators Scope”. When new exchange administrators is hired or quite they are added/removed to/from that group. After that group has been modify I run the following command

CSUTIL.EXE Synchronize "Exchange Administrators Scope" "DOMAIN\Exchange Administrators"

What will happened is that all members of “Exchange Administrators” will be added to the scope named “Exchange Administrators Scope”. If I have removed a user from Exchange Administrators it will be removed from the scope too. The scope is synchronized with the MOM scope.

This will save you a lot of time, because the security group is already in place.

 

MOM 2005 Resource Kit

 

Post navigation

Older posts Newer posts