So I have a fun request from management. They want me to produce a document showing people exactly what all SCOM is monitoring for them. They do not want a phonebook that people are not going to read. Has anyone else done this or been ask for this I am looking for any tips on best ways to handle this request. I know I could point them to the management pack documentation but that would start to get hard to manage and most people would not understand most of it anyways as they have no SCOM training.
I have had the same requests from some teams at my workplace. I have answered with a saying that we have in Sweden “how long is rope?”. I have found it hard to pin point exactly what a MP monitors.
We have instead listed that your machine/service is monitored by these management packs:
OS (disk, cpu etc)
IIS (application pools, websites)
SQL
And the following custom monitors
Webtransacation monitor for “https://www.mycoolsite.now” that checks for the words “database is responding”
Eventlog monitoring: checks for the eventid 666 from the application devil
The fact that there are some monitors in for example the SQL monitoring that are not enabled by default is not taken in account. For example SQL agent job monitoring.
This is a very common question.
What you need is a pretty little script that gets all the details and makes it look nice. Luckily, Stefan Roth has done this for us:
Â
https://www.stefanroth.net/2014/02/13/scom-2012-effective-configuration-viewer-the-powershell-way/
In the past, I’ve approached this from a technology tier perspective. I’ve taken the general Management request, and broken it down to each MP; otherwise it’s going to be a phone book. I’ve offered them several, smaller phone books.
Once they consume the Windows Server OS MP, then SQL OS MP, they’re usually mentally exhausted and give up.
Overall, the best tool is what@Jannep suggested; the effective monitoring script. This also helps you ID things that you didn’t know were running, and then foster the discussion on how to tune things out.
…oh management; when their desire is to make the verbose, succinct.
Here’s an idea of what the script export looks like.
The previous answers are great and I’d agree that this is usually one of those questions where it can’t be answered satisfactorily; people either get a phonebook (which is “too long!”) because SCOM will quickly monitor a huge amount (why we have it in the first place!), or they get a summary (which “Isn’t detailed enough!”).
Whilst i’d agree that effective configuration is probably more useful than a pure MP view, you can use the opensource MP viewer tool to load MPs and then dump their contents to excel in a similar fashion to effective config. So if they want to know what all of the potential monitoring is for a given class, you could obtain that. The below PowerShell script will show management packs that contain (unit) monitors and rules in your environment, and a count so you can prioritise where to start…
$mg = Get-SCOMManagementGroup $mps = @{} $monitors = $mg.GetMonitors("IsUnitMonitor = 'true'") $monitors | % {$mps[$_.Identifier.Domain[0]] += 1} $rules = $mg.GetMonitoringRules() $rules | % {$mps[$_.ManagementPackName] += 1} $mps.GetEnumerator() | Sort-Object -Property value -Descending
One other note - some monitors/rules can be a bit misleading, in that they actually check for multiple issues. So just providing the Monitor name doesn’t always give the full picture.
I would like to thank everyone for all their input and I got some really good ideas here.
That is very helpful and I love the how long is rope I may have to start using that
Thanks that will be very useful if someone wants to know exactly what is being monitored on a particular server. Part of what management wants is to know when a server is built want all is monitored and then what all can we monitor if desired. Which really opens the other can of worms.
That is a tricky one. In short, it depends on what applications are installed (IIS, SQL etc.), in which case you can have a spreadsheet for each MP with what’s enabled by default. I have seen customer environments where EVERYTHING is disabled by default, then you drop computers into groups depending on what they want to be monitored. That is a very complex strategy that needs to be designed from the outset though. It’s really tricky