Web API for System Center Operations Manager
The SCOM web API is updated, see this post
You will always find the latest SCOM Web API release on GitHub
System Center Operations Manager (SCOM) is a widely used monitoring platform and one of its advatages is the ability to custom author monitoring through management pack development.
With a ‘cloud first’ approach most systems is able to do information exchange or integration through a web-based API, often reffered to as a REST API. SCOM have many ways to exchange information and the System Center Suite also have an integration platform call System Center Service Provide Foundation (SPF) which you can read more about here
To support a more light weight integration platform i decided to start my first C# project and develop a web-based API for SCOM that supported the daily used “functions”. Thanks to my colleague @RudiMartinsen i managed to create a working solution.
API Endpoints
- [GET] Agents (Admin privileges required)
- Get all agents
- single based on Guid
- [GET] Alerts
- Gets all alerts
- single based on Guid
- Single based on ComputerName
- Include ‘closed’ with IncClosed=true
- [PUT] Alerts
- Update a single alert with resolution state and/or ticket id
- Monitor generated alerts will be resett if 255 (closed) is sent as resolution state
- [GET] WindowComputers
- Get all partial monitoring object from the Windows Computer class
- Single based on ComputerName
- [POST] ComputerMaintenance*
- Maintenance mode a Windows Computer for a specific # minutes
- [GET] MonintoringObject/{id}
- Get a single monitoring object based on ID (Guid)
I have uploaded the source project on GitHub and hopefully our community can continue to develop and introduce new features missing in this release.
Installation
There are two versions of the API. One without user impersonation and one where this is available. To install the version with user impersonation enabled. Do the following on a SCOM Management server
- Download the project or .zip file from GitHub
- Copy the required .dll from your management server (\Operations Manager\Server\SDK Binaries) to the web api Bin folder
- Microsoft.EnterpriseManagement.Core.dll
- Microsoft.EnterpriseManagement.OperationsManager.dll
- Microsoft.EnterpriseManagement.Runtime.dll
- Create a new web site and set physical path to where you extracted the files
- Enable windows authentication (and basic if you want)
- Set your Application pool to use network service identity
Examples
Using powershell here are a few examples on how you can use the API
Get Alerts
#Get all alerts Invoke-RestMethod -Uri 'http://localhost:64049/Api/alerts' -UseDefaultCredentials #Get a single alert Invoke-RestMethod -Uri 'http://localhost:64049/Api/alerts?id=4a6f29e3-f4b5-4883-a3f2-97eb3be50c12' -UseDefaultCredentials #Get alerts specified with computername Invoke-RestMethod -Uri 'http://localhost:64049/Api/alerts?ComputerName=COMPUTERNAME.fqdn' -UseDefaultCredentials
Put a computer in to maintenance
PS C:\Users\...> $json = @" { "DisplayName": "COMPUTERNAME.fqdn", "Minutes": 10, "comment": "I believe this is working" } "@ Invoke-RestMethod -Method POST -Uri 'http://localhost:64049/API/ComputerMaintenance' -Body $json -UseDefaultCredentials -ContentType 'Application/json'
Returns
DisplayName Minutes EndTime comment ----------- ------- ------- ------- COMPUTER NAME.fqdn 10 2017-05-05T08:42:56.5938294Z I believe this is working
Get a monitoring object
#Get a monitoring object Invoke-restmethod -uri 'http://localhost:64049/API/MonitoringObject/cb191c1a-47dc-3c51-3686-9f66dd59f187' -UseDefaultCredentials displayName : D: healthState : Success inMaintenance : False stateLastModified : 23.03.2017 15.39.23 classes : path : MyComputerHostingThisDisk.fqdn
Limitations*
- SCOM .dll files will need to copied manually in to the web api application folder as I assume im not allowed to redestribute these.
34 COMMENTS
Thank you very much for sharing, I learned a lot from your article. Very cool. Thanks. nimabi
Please provide the sample value for the
Also when i browse http://localhost:64049/swagger/docs/v1 , i am getring the json , not swagger UI
what am i missing
did you figure this out? I havent worked with this for years, so i dont remember 🙁
I may need your help. I tried many ways but couldn’t solve it, but after reading your article, I think you have a way to help me. I’m looking forward for your reply. Thanks.
The point of view of your article has taught me a lot, and I already know how to improve the paper on gate.oi, thank you. https://www.gate.io/ru/signup/XwNAU
I am a website designer. Recently, I am designing a website template about gate.io. The boss’s requirements are very strange, which makes me very difficult. I have consulted many websites, and later I discovered your blog, which is the style I hope to need. thank you very much. Would you allow me to use your blog style as a reference? thank you!
how to put an microsoft.windows.cluster instead of put microsoft.windows.computer in maintenance?
How can i put a Microsoft.windows.cluster instead of Microsoft.windows.computer in Maintenance ?
Great question. Have you tried using the object maintenance? I have not tried this my self, and not sure how it traverse on clusters
Hey,
I was looking around to find a description of the fields under: /API/Agents. I get the json with the 20 values (0 to 19), I can figure out some of them (like hostname, management server, etc) but some of them are still a mystery. Could you shed some light on this, please 😀 ?
p.s. Great work with this, you saved me a lot of trouble..
Hi Stefan. I’m not in front of my computer,but from the top of my head it’s strictly raw data. The same you would get when using get-scomagent in powershell. Any particular fields you don’t know the meaning of?
Hey, thanks for the reply.
Here is what I get via the API:
0 “216e1921-8ee7-b22c-8f1a-20a25482e00f”
1 “servx1.domain.lcl”
2 “domain.lcl”
3 “servx1”
4 “servx1.domain.lcl”
5 “SYSTEM”
6 “DC\\adminusr”
7 “2018-02-20T17:48:16”
8 true
9 true
10 false
11 “7.1.10184.0”
12 3
13 false
14 “62577b69-f6df-2fa8-3c64-3b78150e47fb”
15 “118c0f18-7a70-5f57-3a9b-eeaf1705b3fc”
16 “scomgw.domain.lcl”
17 “06ac2d70-a350-65c7-460c-b9db271d7345”
18 “37848e16-37a2-b81b-daaf-60a5a626be93”
19 “2018-02-20T17:55:52.61”
I presume the following:
0 – host id
1 – name
2 – domain
3 – computername
4 – DisplayName
5 – ActionAccountIdentity
6 – InstalledBy
7 – InstallTime
11 – Version
16 – PrimaryManagementServerName
19 – looks like LastModified, but I am not sure
I have no idea what the following represent: 8, 9, 10, 12, 13, 14, 15, 17, 18
Thanks
Hmmm… I will have to check it out my self. Maybe tomorrow. To be honest I have never used the endpoint my self. Only created it as I figured it would be useful at some point 😉
Yeah. We need to create our own model for this… Here’s the output from Get-SCOMAgent powershell commandlet. If you feel confident to do so, please contribute to the code on GitHub
Again, sorry for not quality check that endpoint at all.
PatchList : System Center 2016 Operations Manager Update Rollup 3 Patch;
PrimaryManagementServerName : ManagementServer
ManagementGroup : ManagementGroup
Id : 43d87c22-f3a5-788c-01af-fffb9e705453
LastModified : 26.02.2018 10.41.31
Name : ComputerName.domain.local
DisplayName : ComputerName.domain.local
HostComputer : ComputerName.domain.local
HostedHealthService : ComputerName.domain.local
HealthState : Success
PrincipalName : ComputerName.domain.local
NetworkName : ComputerName.domain.local
ComputerName : ComputerName
Domain : I04
IPAddress : 10.1.1.11, fe80::1c4a:1cfa:c68c:21a4, 2a00:10b0:2:40:1c4a:1cfa
:10b0:2:26::128
Version : 8.0.10918.0
RequestCompression : True
CommunicationPort : 5723
MaximumSizeOfAllTransferredFilesBytes : 0
MaximumQueueSizeBytes : 104857600
ManuallyInstalled : False
InstallTime : 20.04.2017 10.33.12
InstalledBy : domain\UserWhoInstalled
CreateListener : False
AuthenticationName :
ActionAccountIdentity : SYSTEM
HeartbeatInterval : 120
ProxyingEnabled : True
ManagementGroupId : 00000000-0000-0000-0000-000000000000
Hey,
Thanks for looking into this. I’ll have a deeper look at this and if I can come up with something to enhance the code I will submit it via github.
Thanks.
Hi Martin
We are trying to automate the SCOM alters by writing the script to resolve the alerts and closing them. But the thing is when i fetch the alerts from the SCOM, data is huge and it will take more time. Is there a way to restrict the no of alerts to fetch in API. Please help me it would be helpful.
Hi Harish. I haven’t implemented any function to limit the # returned. I may look in to that. Just by curiosity, how many alerts are we talking, and how long does it take?
Max 200 alerts at one poll.We are scheduling this script at half an hour interval to fetch and create a ITSM ticket for end to end integration.
SCOM 2016 UR3 on WIndows 2012 R2
Webdav is enable. Have you ever tested with SCOM 2016 on Windows 2012 R SErver and IIS 8.5?
That might be your problem. check the link if it makes sense. No sorry, only 2012 R2 os and scom and 2016 scom/os, but your combination should work, as it is the put command that seems to be the issue
Finally it works.
After make some configuration change in IIS and use -Credential instead -UseDefaultCredentials.
Thanks you
Hung
Perfect. Glad you sorted it out
Put server in Mainteance works but put/update an Alert doesn’t work. Do you have an example for updating an alert?
Hi Hung Le,
What languange are you calling the API with, is it working through swagger?
Using PowerShell:
Invoke-RestMethod -Uri 'https://ApiServer/API/Alerts?Id=2d35ff56-687f-48d0-b03c-0b9cb5354a37&ResolutionState=255' -UseDefaultCredentials -Method Put
will update the alert (in this case close it)
Hi Martin,
when i run follow command with powershell:
Invoke-RestMethod -Uri ‘http://localhost:8888/API/Alerts?Id=128d68a5-fcf5-4358-bced-a43dc5e3a124&ResolutionState=255’ -UseDefaultCredentials -Method Put
i got follow error:
Invoke-RestMethod :
IIS 8.5 Detailed Error – 405.0 – Method Not Allowed
HTTP Error 405.0 – Method Not Allowed
The page you are looking for cannot be displayed because an invalid method (HTTP verb) is being used.
Something wrong with IIS on Windows 2012 R2?
Strange. I don’t manage to replicate this my self. Scom 2012 and server 2012?
Do you have webDav enabled?
https://forums.asp.net/t/1949993.aspx?PUT+and+DELETE+methods+not+working+on+IIS
SCOM 2016 and Windows 2012 R2
Thank you for bringing SCOM in to the 21st century
Of course 😉 if you are attending Experts Live in Berlin next week, I will have a short demo of it as well.
Useful and fun stuff 🙂 Great job!
Thank you Tommy. Let me know if you experience any issues. Glad you find it useful.