Powershell Archives - Page 6 of 9

I have moved script logging to OMS

15/12/201607/01/2025
by Martin Ehrnst

For some time I have “rewritten” my scripts to utilize variables, connections and other assets in Azure automation. While doing this I have moved all script logging to the cloud as well.

previously all scripts were logging to a file or to the computers event log. I have some experience with sending custom data to OMS. Using their API i have sent weather data and the technique could easily be transferred to do my script logging.

I thought about creating a module for this for a while, but luckily, the great Mr Tao Yang already did it and it is available on GitHub, PSGallery and in Azure automation. The only thing i had to do was wrap everything in a function and call that each time i needed a log entry sent from my scripts.

Based on Tao’s OMSDataInjection module. Here’s how my function looks like

<#
    .DESCRIPTION
        Function sends a entry to OMS Log analytics.
        Used to send script log entries to OMS in a 'one liner'


    .NOTES
        Requires Tao Yang's OMSDatainjection Module: https://github.com/tyconsulting/OMSDataInjection-PSModule/releases/tag/1.1.1
        Author: Martin Ehrnst
        www.adatum.no
    
    .CHANGELOG
        06.12.16: Initial function release
    
#>

param (
    [parameter(Mandatory=$true)]
    [string]$Message,
    [parameter(Mandatory=$true)]
    [ValidateSet('Information','Warning','ERROR')]
    [string]$Severity
    )

$LogEntry = @{
  ScriptName = scriptName
  Severity = $Severity
  RanAT = $env:COMPUTERNAME
  Message  = "$Message"
  LogTime  = [Datetime]::UtcNow
}

$SendLog= New-OMSDataInjection -OMSWorkSpaceId '**************' -PrimaryKey '********************************' -LogType 'test' -UTCTimeStampField 'LogTime' -OMSDataObject $LogEntry
}

The only thing you have to before you use it is to define your script name, OMSWorkspaceID, PrimaryKey and a LogType. When all is good. Call this each time you want to send a log entry

Send-LogEntry -Message "testing 123" -Severity Warning

Here is a script, from on prem to Azure Automation to run on a Hybrid worker using this function to do the logging.

Please note that since i run through azure automation i have created a connection object and reffeer to that using instead of specifying the ID and Key.

<#
    .NAME
        Close-OldSCOMAlerts.ps1


    .DESCRIPTION
        Closes SCOM alerts based on severity, resolution state, repeat count etc. Alter settings in the configuration regions.
        The script requires OpsMgr module and Azure automation. I Reccomend storing the credentials and variables as assets and run the script on a hybrid worker.
        If you want to run locally, change the script parameters and hard code the values.


    .NOTES
        Requires Operations Manager Module and Tao Yang's OMSDatainjection Module
        Author: Martin Ehrnst
        Version: 1.1 Initial (Azure automation) Release 28.11.16
        www.adatum.no
        www.intility.no
    
    .CHANGELOG
        08.12.16: Using Tao Yang's OMSDataInjectionModule to ship script logs to OMS
        Removed local logging
    
#>

#region Configuration
$ErrorActionPreference = "Continue"
#$VerbosePreference = "Continue" #Uncomment to see verbose output
[int]$RepeatCount = 2 #Alerts with less than x repeat count will close
[int]$AlertAgeHours = 3 #Alert Age (older gets closed)
[string]$AlertSeverity = "Information" #specify alert severity you want to close
[int]$ResolutionState = 0 #0 NEW
[int]$SetState = 255 #255 CLOSED
[string]$Comment = "Alert closed by script in azure automation" #Comment to set on the closed alerts
#endregion

#region Modules
Import-Module "C:\Program Files\WindowsPowerShell\Modules\OMSDataInjection\1.1.1\OMSDataInjection.psm1"

$module = Get-Module -Name OperationsManager
if (!$module){
    Write-Verbose "Could not find SCOM Module. Importing"
    Import-Module OperationsManager -Cmdlet Get-SCOMalert, New-SCOMManagementGroupConnection, Update-SCOMAlert, Set-SCOMAlert
    }
#endregion

#region OMSLogging
    $OMSWorkspace = Get-AutomationConnection 'I2-Intility-Test'
    
    
function Send-LogEntry{
<#
    .DESCRIPTION
        Function sends a entry to OMS Log analytics.
        Used to send script log entries to OMS in a 'one liner'


    .NOTES
        Requires Tao Yang's OMSDatainjection Module: https://github.com/tyconsulting/OMSDataInjection-PSModule/releases/tag/1.1.1
        Author: Martin Ehrnst
        www.adatum.no
        www.intility.no
    
    .CHANGELOG
        06.12.16: Initial function release
    
#>
param (
    [parameter(Mandatory=$true)]
    [string]$Message,
    [parameter(Mandatory=$true)]
    [ValidateSet('Information','Warning','ERROR')]
    [string]$Severity
    )

$LogEntry = @{
  ScriptName = 'Close-OldSCOMAlerts.ps1'
  Severity = $Severity
  RanAT = $env:COMPUTERNAME
  Message  = $Message
  LogTime  = [Datetime]::UtcNow
}

$SendLog= New-OMSDataInjection -OMSConnection $OMSWorkspace -LogType 'AutomationLogs' -UTCTimeStampField 'LogTime' -OMSDataObject $LogEntry

}
#endregion

Send-LogEntry -Message "Starting azure automation runbook to close old scom alerts" -Severity Information

#region AzureConfig
    
    $SCOMOperator = Get-AutomationPSCredential -Name 'AzureAutomationSCOMOperator'
    $SCOMManagementServer = Get-AutomationVariable -Name 'SCOMProdSDKServer'

#endregion

Try {
    #Connecting to SCOM management server
    Write-Verbose "Connecting to $ManagementServer"
    New-SCOMManagementGroupConnection -ComputerName $SCOMManagementServer -Credential $SCOMOperator
    }
Catch {
    Write-Error "$_.Exception.Message"

    Send-LogEntry -Message "$_.Exception.Message" -Severity ERROR
    }

#Actual alert work
$Date = (Get-Date).AddHours(-$AlertAgeHours).ToUniversalTime() #Setting Alert age and converting to UTC

$Alerts = Get-ScomAlert | where {$_.TimeRaised -lt $Date `
    -and $_.ResolutionState -eq $ResolutionState `
    -and $_.Severity -match $AlertSeverity `
    -and $_.RepeatCount -lt $RepeatCount `
    -and $_.IsMonitorAlert -eq $false
    }
if ($Alerts){
        $count = $alerts.Count
        Send-LogEntry -Message "Closing $count alerts" -Severity Information
       
        $alerts | Set-SCOMAlert -ResolutionState $SetState -Comment $Comment
        Send-LogEntry -Message "Finished - closed $count alerts" -Severity Information
        Write-Output "closed $count alerts"
    }
else{
    Write-Output "No old alerts to close. Exiting script"
    Send-LogEntry -Message "Finished. No alerts to close" -Severity Information
    }

MPAuthoring

SCOM Task to restart Agent – am i complicating…

16/11/201607/01/2025
by Martin Ehrnst

As part of planning to migrate a large (3000 + VM) SCOM 2012 R2 environment to 2016 we will need to do a bit of agent configuration. I have created two tasks in Our SCOM console to help us add or delete management Groups from the monitored computers (when moving all agents we probably will use some other orchestration). The problem is that you will have to restart the agents HealthService to save new configuration. Since we execute the task/script through the Health service the task will fail when we attempt to restart. You may experience Your task to work, as in you will have the managment Group added, but you will not see any output.
Over the years People have published a lot of scripts that restarts the agents but unfortunately I have not managed to get them to work properly.

Therfore, i am complicating Things…

I created a script which creates a scheduled task set to run in one minute before it expires and deletes. The Whole thing Works perfectly, but there has to be another way?

<#
NAME: Create-SCOMAgentRestartSchedTask.ps1

.DESCRIPTION
    Creates a scheduled task on the computer which will restart scom health service.
    Script is used as agent task within SCOM as a 'hack' to restart agent through the console.
    
.NOTES
    Martin Ehrnst /Intility AS
    www.adatum.no

    Intial release November 16
    Version 1.0


#>

#Do some logging to the Operations Manager Event Log
$api = new-object -comObject MOM.ScriptAPI
$api.LogScriptEvent("Create-SCOMAgentRestartSchedTask.ps1", 1001, 4, "Creating a scheduled task to restart SCOM health service. Task will expire and delete after it's finished.")

$Service = "HealthService"
$Action = New-ScheduledTaskAction -Execute "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Argument "Get-Service $Service | restart-service -force"
$run = (Get-Date).AddMinutes(1) # Two minutes from now
$User = 'SYSTEM'
$trigger = New-ScheduledTaskTrigger -Once -At ($run)
$settings = New-ScheduledTaskSettingsSet -DeleteExpiredTaskAfter 00:00:01
Register-ScheduledTask -TaskName "Restart SCOM HealthService" -User $user -InputObject (
  (
    New-ScheduledTask -Action $Action -Trigger $trigger -Settings $settings
) | %{ $_.Triggers[0].EndBoundary = $run.AddMinutes(5).ToString('s') ; $_ })
write-host "created a task to restart $service in one minute"

I know that Microsoft have a recovery action to restart the agent when it is using too much memory and similar, but I haven’t broken Down their code.

Automation

SCOM 2016 Schedule Maintenance Script

09/11/201607/01/2025
by Martin Ehrnst

With Operation Manager 2016 we finally have the ability to Schedule maintenance for Objects.
Doing that in GUI is pretty straitght forward, altough i have seen some blog post on issues With conflicting maintenance schedules. Besides scheduling maintenance mode in the GUI we have gotten some New PS CMDlet’s to manage maintance schedules.

One of them are New-SCOMMaintenanceSchedule.

Based on this i have created the following script wich will take parameters for servername, comments, start and end date before creating a New maintenance Schedule With the supplied server Objects (Linux/Windows)

Feel free to use and please give me feedback on improvements and bugs. Beware that this Version has some limitations and little error handling.

<#

.SYNOPSIS
    System Center Operations Manager 2016 Schedule maintenance mode script.

.DESCRIPTION
    Adding a SCOM 2016 maintencance shedule to specified servers. Works with Linux and Windows servers.

.EXAMPLE
    New-SCOMServerMaintenanceSchedule.ps1 -ServerName SERVER01 -start '01/01/2017 18:30' -end '02/01/2017' -comment "your comment"

    Adds a new maintenance schedule with server SERVER01 starting Jan. 1. 2017 18:30 and ending Jan 2. 2017 00:00

.EXAMPLE
    New-SCOMServerMaintenanceSchedule.ps1 -ServerName SERVER01 -start NOW -end 02/01/2017 -comment "your comment"

    Adds a new maintenance schedule with server SERVER01 starting NOW (adding 30 seconds by default) ending Jan 2. 2017

.EXAMPLE
    New-SCOMServerMaintenanceSchedule.ps1 -ServerName SERVER01 -start NOW -end 02/01/2017 -comment "your comment" -ManagementServer OPSMGR123.DOMAIN

    Adds a new maintenance schedule with server SERVER01 starting NOW (adding 30 seconds by default) ending Jan 2. 2017 connecting to specific management server

.NOTES
    Author: Martin Ehrnst /Intility AS
    Date: November 2016
    Version 0.9 Beta
    This version has a default of non reccuring schedule and has a hard coded reason for maintenance. You can change this by altering the script directly
    Use at own risk

#>

param(
[Parameter(Mandatory=$True)]
[string[]]$ServerName,
[Parameter(Mandatory=$True)]
[string]$ManagementServer = 'localhost',
[Parameter(Mandatory=$True)]
[string]$start,
[Parameter(Mandatory=$True)]
[string]$End,
[Parameter(Mandatory=$True)]
[string]$Comment)

#####FUNCTIONS#######
function Input-Date{
param(
[string]$dateTime)

Do
{    
$Inputdate = $dateTime
if ($Inputdate -eq "NOW"){
    $Inputdate = (Get-Date).AddSeconds(30)}
Else{
$Inputdate = $Inputdate -as [datetime]}

if (!$Inputdate) { "Not A valid date and time"
break}

} while ($Inputdate -isnot [datetime])

$Inputdate
}

Function Get-SCOMServers{
Param(
[STRING[]]$Name
)
#Getting servers from Windows and Linux Computer Class
foreach ($O in $Name){
$Server = Get-ScomClass -id 'e817d034-02e8-294c-3509-01ca25481689','d3344825-d5d1-2656-852e-1053269703c0' | Get-SCOMClassInstance | where {$_.DisplayName -like "$o.*"}
if(!$Server){
Write-Host "Could not find server. Please check input"
break}
else{
$server}
}
}

######END FUNCTIONS####

#Maintenance start time
$InputStart = Input-Date -dateTime $start -ErrorAction Stop

#Maintenance end time
$InputEnd = Input-Date -dateTime $End -ErrorAction Stop

#Checking if module is loaded. if not load and connect to MS
$Module = Get-Module -Name OperationsManager
if (!$Module){
Import-Module OperationsManager}

New-SCOMManagementGroupConnection -ComputerName $ManagementServer

$Object = (Get-SCOMServers -Name $ServerName).ID
[STRING]$SheduleName = $ServerName + ":" + "Created with Script"
$Duration = (New-TimeSpan -Start $InputStart -End $InputEnd).TotalMinutes
$Reason = 'PlannedApplicationMaintenance'
$Frequency = '1' #1 Equals no frequency or 'once'

try{
New-SCOMMaintenanceSchedule -Name $SheduleName -Enabled $true -MonitoringObjects $Object -ActiveStartTime $InputStart -ActiveEndDate $InputEnd -Duration $Duration -ReasonCode $Reason -FreqType 1 -Comments $Comment -ErrorAction Stop
}
catch{
write-host "Something went wrong"
$_.Exception.Message}

I have moved script logging to OMS

Share this:

SCOM Task to restart Agent – am i complicating…

Therfore, i am complicating Things…

Share this:

SCOM 2016 Schedule Maintenance Script

Share this: