Overview of the .NET 2.0 fix that was shipped in UR3

We have been investigating this issue actively and this fix has not solved the issue completely. We are actively working to resolve the issue and release a hotfix soon.

Workarounds:

• SCOM 2016 Agent can be replaced with SCOM 2012 R2 Agent, it’s forward-compatible with SCOM 2016 Server and APM feature will continue to work with the older bits
• SCOM 2016 Agent can be reinstalled with NOAPM=1 switch in msiexec.exe setup command line, APM feature will be excluded from setup

Additional issues along with the workaround

SharePoint Central Administration site stops working when SCOM 2016 Agent is installed onto the server

• Although SCOM 2016 Agent installs APM component in the disabled state by default, it adds a registry setting to load inactive APM into IIS Application pools
• If APM is not yet configured for this server, those application pools will only have APM loaded in inactive state without any monitoring
• The issue has been reported that inactive APM may crash SharePoint Central Administration v4 application pool and prevent this application from starting

Workarounds:

• If APM feature is required on that server: downgrade SCOM Agent to 2012 R2 and continue monitoring;
• If APM feature is not required on that server: keep SCOM 2016 Agent and re-install it with “NOAPM=1” in the setup command line

Web Site crashes during startup when SCOM 2016 Agent is installed onto the server

• Although SCOM 2016 Agent installs APM component in the disabled state by default, it adds a registry setting to load inactive APM into IIS Application pools.
• If APM is not yet configured for this server, those application pools will only have APM loaded in inactive state without any monitoring.
• If application pool account has no access to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\System Center Operations Manager\12\APMAgent registry key, inactive APM won’t be able to read that key and this application pool process may crash.

Workaround:

• Add “Read” access permission for the application pool account to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\System Center Operations Manager\12\APMAgent

Have you ever tried to use Distributed Applications in Operations Manager, but got frustrated with the manual process of creating the diagrams? They can be difficult to create and harder to maintain in modern, dynamic systems.

Wouldn’t it be great if those diagrams could be built and maintained for you automatically? With the public preview of the new Service Map management pack, that reality is here.

Service Map is an Azure service automatically discovers application components on Windows and Linux systems and maps the communication between services. You can create diagrams for individual servers or complex maps of groups of servers representing your business services.

With this new integration, you can take the dynamic maps that Service Map creates and have them automatically create and maintain your Distributed Application Diagrams in Operations Manager. As your business services change, your diagrams will change along with them. Now, you can set up dashboards showing the health of your services and trust that the underlying Distributed Applications represent the real-world infrastructures, even as they change.

For more information, look at the online documentation or download the management pack and try it out for yourself.

We’d love your feedback on this new feature. Feel free to send me an email at david.irwin@microsoft.com.

– David Irwin

In SCOM 2016, when the support for Nano was introduced, a regression caused issue in functioning of the WMI health monitor. This issue was hit only when

• WinRM was configured to use https only
• The Service Principal Name was registered to set http/servername to a user account

The issue has been fixed, the protocol used by the script that was causing the failure has been modified to use the DCOM protocol as in SCOM 2012 R2. We have released the inbox MP package here.

Installation Steps- Import the .msi package on to the SCOM 2016 machine and install the files. If the MPs already exists, they will be upgraded with the latest files.
The package has 2 inbox MPs, their names and versions are given below

• Microsoft.SystemCenter.2007.mp – 7.2.11907.0
• Microsoft.SystemCenter.Internal.mp 7.0.8437.10

Following is the work around for installing SC 2016 OM console and SC 2016 SM console on the same server:

1. Install SC 2016 OM console and then install SC 2016 SM console on the same server
2. Add system environment variable DEVPATH which contains folder path of the Microsoft.EnterpriseManagement.Core.dll with the value “C:\Program Files\Microsoft System Center 2016\Operations Manager\Console\SDK Binaries”
3. Add following highlighted entry in the config file (C:\Program Files\Microsoft System Center 2016\Operations Manager\Console\Microsoft.EnterpriseManagement.Monitoring.Console.exe.config)

                              <configuration>

                              ….

                             <runtime>

                            <developmentMode developerInstallation=”true” />

                            </runtime>

                            ….

                           </configuration>

  With above modifications both the consoles will co-exist on the same server.

As System Center gets ready for frequent and continuous releases, – see announcement​ here. We the System Center Operations Manager (SCOM) product team would love to hear your inputs on this change. And we would also like to hear from you on other improvements that we should focus on.

Please respond to the survey @https://aka.ms/scomsurvey. Your survey response will help us plan and prioritize features for the new release model.

If you have any trouble at all responding to the survey, please feel free to contact us at adgoda@microsoft.com.

We are listening to customers’ requests on User Voice. The issues reported on DHCP MP have been rectified and we have released a new version of the MP. You can download the Microsoft System Center Management Pack for Windows Server DHCP 2016 here and DHCP 2012 R2 MP here. The MP has below fixes

• DHCP Failover Server Relationship Discovery was failing as the Scope ID length max limit was 4000. The Scope ID length limit has been increased to 65536.
• Alert description for “DHCP IPv4 Runtime Service Bound to Static IP Address Monitor”, “DHCP Dependent Service Health Monitor”,”DHCP Database Integrity Monitor” have been updated, users can comprehend and troubleshoot the situation better with such information.
• To reduce the alert noise created with multiple alerts of same type, the alert rules “DHCP Back Up Database Warning”, “DHCP IPv4 Runtime DNS Registration Rule”,  “DHCP IPv4 Runtime Users Group Configuration Rule” and “DHCP Database Integrity Warning Rule” are suppressed so that only the alert count increases and not generate new alerts
• “Collect ALL DHCP Server Performance Data” rule has been fixed to ingest right data in the registry key, thus indicating the correct health state of the entity
• “DHCP Performance Health Monitor” which was always in not-monitored state has been rectified to correctly show the health state of the entity it monitors
• “DHCP Server 2012 R2 Super Scope Addresses Available Percentage Monitor” that was failing to change state on critical alerts, has been fixed to show the appropriate state so the users do not miss out on critical state

When creating a maintenance schedule, selecting more than 216 target objects (these can be any specific entity instances or groups) might result in the Operations Console to disconnect with the following error:
“The client has been disconnected from the server. Please call ManagementGroup.Reconnect() to reestablish the connection.”

You can use the following alternate option to put large number of objects in maintenance mode using a single maintenance schedule:

• Create a single group or multiple groups with all the objects you would like to put in maintenance schedule
• Create a maintenance schedule with these groups (number of groups should be less than 216)

Compliance organizations (like PCI) are mandating that customers use TLS 1.2 for all encrypted communications and disable all other protocols in their environments. SSL and early TLS are not considered strong cryptography and cannot be used as a security control after June 30, 2016. Microsoft has added official support for TLS1.2 security protocols in System Center 2016. This protocol is now supported in the following products

• System Center Operations Manager (SCOM)
• System Center Virtual Machine Manager (SCVMM)
• System Center Data Protection Manager (SCDPM)
• System Center Orchestrator (SCO)
• Service Management Automation (SMA)
• Service Provider Foundation (SPF)
• System Center Service Manager (SM)

The 3-step process of enabling TLS1.2 involves:

1. Installing the updates for Windows Server Security, .NET 4.6, SQL Server & System Center 2016 UR4. For System Center Virtual Machine Manage (SCVMM), Service Management Automation (SMA) and Service Provider Foundation (SPF), make sure that you upgrade to Update Rollup 3for System Center 2016. For SMA also update the SMA 2016 MP from here.
2. Changing the configuration settings to enable TLS1.2 in the Windows Environment and System Center across all components.
3. Making additional System Center component specific settings.

You can find more details in the System Center 2016 TLS1.2 Configuration article.

The following is a special guest blog from Squared Up

As part of our continuing commitment to the SCOM community we’re excited to announce a new PowerShell Monitoring Management Pack, freely available to the community, available to download from our site and open-sourced via GitHub.

Firstly, a big thanks to Microsoft Premier Field Engineer Wei H Lim for the inspiration behind the management pack and to the SCOM Product Team for encouraging this community effort.

We think this new management pack has incredible potential, are proud to make it openly available to the community and hope you’re as excited by this news as we are.

The PowerShell Monitoring MP adds support for PowerShell everywhere that you would expect to see it within the SCOM console’s authoring pane (ie. everywhere there is currently VBScript).

This means that custom two- and three-state monitors, custom performance and event collection rules and even custom agent tasks can all make use of PowerShell scripting, all through standard wizards in the SCOM console.

Because the MP isn’t just limited to custom monitors, you can get awesome results from the MP quickly and easily. For example, if you or your colleagues have useful PowerShell scripts that can pull back some handy troubleshooting data, or take a simple remediation action for a known problem, then, hey-presto, thanks to this MP you can quickly wrap that up as a SCOM agent task and push it out to your IT operations teams in just a few clicks.

To us, SCOM is and always has been a platform and, thanks to its management pack architecture, extensibility has always been at the heart of the power and potential of SCOM. But extending SCOM doesn’t need to be limited to simply what you can monitor, it includes how you monitor with SCOM.

So, we thought we’d harness the power of the community to help take SCOM to the next level. We’re delighted with the results and so are the many hundreds of users already well underway with the PowerShell Monitoring MP.

To help show you around the MP and what you can achieve with it, we ran a technical deep-dive webinar and the replay of that, together with access to the MP itself, is available via our website now.

We’re also pleased to say that this isn’t the last you’ll hear us in terms of harnessing the power of the community to help everyone do more with SCOM and to further extend its capabilities in line with the latest best-practices, techniques, and technologies; there’s lots more to come so why not join the community today and stay up to date with all the latest developments.

The following is a special guest blog from Savision

Modern enterprise IT infrastructures are becoming increasingly difficult to manage as the deployment of new services and applications continues to grow.  Applications tend to rely on many other services and applications to function, which often span many server and network components.  In order to fully understand the performance and availability of any particular application, a complete picture of all dependent services and applications is needed.  Without this picture, troubleshooting and root cause analysis are long, tedious, and typically involve many manual steps and processes.

Using Service Map

Service Map is an Azure management solution that automatically discovers and builds a common reference map of dependencies across servers, processes, and third-party services in real-time.  Using Service Map, IT organizations have access to the complete picture of application and system dependencies across Windows and Linux, whether running in an on-premises, pure cloud, or hybrid environment.

In addition to application and system dependencies, Service Map is also able to leverage other management solutions such as Log Analytics, Change Tracking, Update Management, and Security, providing a truly comprehensive view, all in the context of your service or application.

Discovered dependencies and contextual performance metrics from Service Map in Azure

Integration with System Center Operations Manager

Many organizations who are planning to or are already using Service Map may also have System Center Operations Manager (SCOM) deployed on-premises.  SCOM provides the most comprehensive cross-platform data center monitoring for operating systems, applications, and hypervisors.  For organizations who already rely on SCOM for critical IT operations, having visibility into the application and system dependencies discovered by Service Map is an essential feature. Thankfully, Microsoft has provided an integration between SCOM and Service Map, which automatically creates distributed application (DA) diagrams in SCOM based on the dynamic dependency maps in Service Map.  The Azure team has published a detailed article on how to setup the integration between SCOM and Service Map here.

This integration enables organizations that rely on SCOM to have a complete picture of all application and system dependencies in their IT infrastructure.  However, there are still more questions to be answered.  What if exceptions need to be made to the dependencies that are discovered?  There are cases where explicit inclusions or exclusions need to be made to the dependencies that are discovered.  What if service-level tracking is needed for these discovered applications and services?  How does an organization visualize all of these discovered services and applications in a single, dynamic, easy-to-understand dashboard?  This is where the integration with Savision Live Maps comes in.

Introducing Savision Live Maps

Savision Live Maps empowers organizations to create compelling visualizations and dashboards based on any information collected and stored by SCOM.  From executive-level service and application overviews, to detailed technical dashboards for critical IT infrastructure, any visualization or dashboard that can be imagined can be made a reality with Live Maps.  SCOM provides a role-based access control (RBAC) system to control what users are able to do and see within SCOM.  Live Maps provides full support for this RBAC model ensuring that users only see the visualizations and dashboards that they are entitled to see.

As mentioned in the previous section, Service Map can create DA diagrams right within SCOM detailing the application and system dependencies that have been discovered.  Live Maps is able to import any DA within SCOM and transform that flat model into a rich ITIL-based business service model.  This model provides many benefits above and beyond what is provided with native SCOM DA’s.  Better still, Live Maps automatically keeps this model up to date, so as Service Map discovers new dependencies, they are dynamically updated and shown in the business service models provided by Live Maps.

You can read more about how Live Maps dynamically updates SCOM DA’s in the following blog article:

https://www.savision.com/resources/blogs/new-features-in-live-maps-dynamically-updating-services/

Import Distributed Application Wizard from Savision Live Maps Authoring Console

Live Maps’ business service model provides different health perspectives for each service: end-user, application, and infrastructure.  This provides another level of visibility, ensuring that issues that impact end-users are highlighted for immediate attention and timely resolution.  Service-level tracking is a great capability offered by SCOM, however it can be difficult to configure and maintain.  Live Maps automatically creates service level agreements (SLA) for all business service models, and provides an intuitive user experience for configuring these SLA’s.  Organizations are able to easily define a goal for each business service and then view the real-time SLA and operational health of all business services from a single dynamic dashboard.

Services Overview from Savision Live Maps

In addition to the rich business service model provide by Live Maps, inclusions and exclusions can also be easily defined by Live Maps.  This allows organizations to make custom changes to what is discovered by Service Map.  These changes are intelligently applied to the model, so that new changes discovered by Service Map are respected, while also ensuring the inclusions and exclusions that have been defined are enforced.  IT organizations are highly-dynamic, so Live Maps doesn’t just provide manual inclusions and exclusions, but rather a rich rule system is available, allowing organizations to define complex rules to ensure the inclusions and exclusions they need can be achieved.

Conclusion

Through his article, you’ve seen how Service Map can discover application and system dependencies, and overlay other useful information from other Azure management solutions to provide a complete picture of discovered services and applications.  You’ve also seen how Service Map can feed this information back into SCOM, and how Live Maps can further enrich this model by providing end-user visibility, SLA monitoring, and executive-level overview dashboards.  We encourage you to check out Service Map to learn more about how your critical services and applications are interconnected.  Finally, to obtain visibility into this valuable information from within your SCOM environment, we encourage you to also request an evaluation of Live Maps and achieve 100% coverage of your business services, delivered via dynamic executive-level service and application dashboards.

You can easily explore the power of Live Maps through our online demo here, or request a free trial key using this link:

https://www.savision.com/trial

You can also watch a webinar that Savision recently released which focuses on the integration between Service Map and SCOM.  You can view the on-demand webinar here:

https://www.savision.com/resources/online-session-not-scomplicated-oms/

Visual Studio Authoring Extension(VSAE) is now updated to be compatible with Visual Studio(VS) 2017. VSAE is the most commonly used authoring extension by the Management Pack(MP) development community. The MP developers want to use it with the latest Visual Studio for the benefits that they get. The new VSAE(version 1.3.0.0) can be downloaded from here. For this extension to work as expected, the entire package of Visual Studio (including modeling SDK) must be pre-installed. You can verify if the extension is installed successfully by navigating to the Extensions and Updates section in Tools Menu.  

With this extension, user can create a Management Pack project, choose from one of the MP templates provided and author or edit an MP.  

If any queries, please write to us at SCOM user voice. 

The below PowerShell script can be used to automatically close old SCOM alerts. This script looks for active alerts along with the time when alert was created (alert age). If the alert age is greater than the specified number of days ($alertsTobeClosedBefore) then the script will close the alert for you. This script can help clean up some environments with lot of old alerts which are still active.

Script:

$alertsTobeClosedBefore = 5

$currentDate = Get-Date

Get-SCOMAlert | Where-Object {(($_.ResolutionState -ne 255) -and (($currentDate – $_.TimeRaised).TotalDays -ge $alertsTobeClosedBefore))} |Resolve-SCOMAlert

Update and Recommendation feature was introduced in SCOM 2016  for Microsoft owned Management Packs  . This feature was introduced to alleviate the challenges involved in discovering the appropriate Management Packs for various workloads running in the customer’s environment from different websites on the internet and staying up to date with the latest versions of the Management Packs.

With this feature, the customer is able to automatically discover various workloads(for which the Management Pack exists) running in their environment that is managed by the SCOM server and it would recommend appropriate Management Packs (including the latest version or missing Management Packs) that can be imported to monitor the workloads. This feature is enabled for 110+ Microsoft workloads, for which the customers can easily download and import the Management Packs without having to search those on the internet at all.

We are extending this feature to support Management Packs authored and offered by several external technologies and consulting partners of SCOM. Partners have extended their support by signing up with SCOM team to onboard their Management Packs to ease the Management Pack discovery problem solved by this feature. With the partner support, this feature is now able to recommend Management Packs for both Microsoft and non-Microsoft workloads.

In the Operations Manager 1801 release, we are starting with onboarding Management Packs  from the following external partners:

1. Calcomp – CHS Suite
2. Comtrade – Nutanix, F5 BIG-IP
3. Infront Consulting – RightFax, SC Orchestrator, McAfee, and Isilon
4. NiCE – IBM Domino, Oracle, and DB2
5. Opslogix – BlackBerry, IBM MQ, Oracle, Swift, and VMware
6. Savision – ActiveDirectory, Exchange 2013, Exchange_2010, DynamicsCRM, SharePoint 2013, SkypeForBusiness 2015, SystemCenterConfigurationManager 2012, DHCP, DNS, RemoteDesktopServices, and Lync Server 2013

The UI experience of the Update and Recommendation feature in the Operations Manager console is enhanced to indicate the company that owns the Management Pack as shown in the screenshot below. For non-Microsoft workloads, Get MP action will navigate the user to the Partner website with the MP details .

Please share your feedback on User Voice. If you are an Management Pack partner and want to onboard your Management Packs, please write to us at mpgfeed@microsoft.com.

About 

This series of blogs intends to introduce the new SCOM Web Console released in System Center Operations Manager 1801. For details on implementation and other parameters please refer to the detailed documentation. This blog is designed to be a bit more informal and describes the different features by associating them to use cases.
The series is divided into different parts and it is recommended to read them in order for better understanding. 

After going through this series of blogs a user would: 

• Get a fair idea about the new SCOM Web Console and the different features added to it 
• Understand the new dashboard capability 
• Understand the different widgets and their customizations 
• Learn about the different dashboard and widget actions 

• Learn about the drilldown feature and how it can be used to investigate issues 
• Get a walkthrough on how to create a custom web application on SCOM REST APIs 

This series consists of the following other blogs:

• New SCOM Web Console – Blog series (Post 2/5): The all new Dashboards
• New SCOM Web Console – Blog series (Post 3/5): The new HTML5 Widgets
• New SCOM Web Console – Blog series (Post 4/5): The all new Drilldown experience
• New SCOM Web Console – Blog series (Post 5/5): Sample Custom Dashboard walkthrough

What’s new in SCOM 1801 Web Console? 

The SCOM 1801 release marks the inception of a faster, modern, flexible and more reliable HTML based Web Console. The Web Console has been given a complete reboot to ensure that it fulfills modern day monitoring needs (and yes, it is now completely free from Silverlight!). 
This is another step towards our continuous commitment to the SCOM community and we would like to give a big thanks to all our customers who voted this as the top most requested feature in SCOM User Voice. We are really excited about this new Web Console and we strongly believe that you’d just fall in love with it!  

Still using Silverlight? Don’t worry, we’ve got that covered too! The Silverlight dashboards are available in a new URL:
http://<Your_Web_Server_Name>/Dashboard 

Authentication 

The new SCOM Web Console brings back the network authentication! This is what you’d see when you visit the Web Console for the first time:
 

Choose your preferred login option and you are in, welcome to the new SCOM Web Console! 

 Recommended Next: New SCOM Web Console – Blog series (Post 2/5): The all new Dashboards

About

This blog aims at introducing the all new HTML5 based dashboard functionality added to SCOM 1801 release. For details on implementation and other parameters please refer to the detailed documentation.
After going through this blog, a user would:

• Understand the new dashboard capability
• Learn about the different dashboard actions

The all new Dashboards

The SCOM 1801  Web Console introduces the all new, fully customizable, dashboards. These dashboards are built and fine-tuned keeping in mind the huge volume of IT monitoring data. This ensures that you get next to real-time monitoring information without compromising on performance.
The dashboards, being built in HTML5, support a wide range of modern browsers including Internet Explorer, Microsoft Edge, Google Chrome and Mozilla Firefox.

Below is a screenshot of a sample dashboard:

As portrayed in the above screenshot, a dashboard is comprised of multiple widgets. These widgets can be completely configured for data, display and positioning within the dashboard in a manner that best suits your needs.
Currently the dashboard supports the following widgets:

• Alert Widget
• State Widget
• Performance Widget
• Topology Widget
• Tile Widget
• Custom Widget

Dashboard Actions

The dashboard supports the following actions:

Creating a dashboard

You can create a new dashboard by selecting the “+ New Dashboard” option in the navigation tree as shown below:

This would popup a right pane as follows:

Wish to add this dashboard in a new MP? Don’t worry, you needn’t go back to the SCOM console. Just hit the “+” next to the MP list and you’d get a section allowing you to create a new MP and add this dashboard to it.

It really is that simple!

Deleting a dashboard

To delete a dashboard simply hit the “Delete Dashboard” button on top and when prompted hit “Yes”

Editing a dashboard

The edit operation allows the user to edit the name of the dashboard as well as the layout of the widgets added to it.
Once you hit the edit action, the dashboard name becomes an editable field.

Also, all the widgets can now be dragged and resized. This is really useful when you want to club together the widgets targeted to similar objects/groups.

Once you are done, hit “Save Changes” and your layout is saved!

Adding a Widget

When you create a new dashboard it is empty and has no widgets. You can click on the “+ Add Widget” action on top of the dashboard that would lead to the right pane popping up as shown below:

There are lots of widgets that are shipped in box. All of them are discussed in detail in the next part.

Viewing in Full Screen

Wish to only view the dashboard in a big screen like a projector? That’s now possible!
Hit the “View in Full Screen” link on top of the dashboard and you’d get a full screen view of the dashboard.

Exporting Dashboards

Dashboard once created can easily be exported. To export a dashboard, the user simply needs to export the management pack in which the dashboard is stored. If you drilldown into the exported management pack, you’d observe that the dashboard is defined as a view. So for ex. If a dashboard is created as shown below:

Then the generated MP would look like this (note below just a snippet from the MP is taken to avoid clutter):

Note the TypeID of the view. This is a new TypeID introduced for HTML dashboards. Rest of the structure of the MP is pretty similar to any other view.

Recommended Next: New SCOM Web Console – Blog series (Post 3/5): The new HTML5 Widgets

About

This blog aims at introducing the all new HTML5 based widgets added as part of the new dashboards with  . For details on implementation and other parameters please refer to the detailed documentation.
After going through this blog a user would:

• Understand what are all the new widgets
• Learn about the different widget actions

It is highly recommended to read the previous blog in this series for better understanding.

The new HTML5 Widgets

There are a total of 6 widgets that are shipped with SCOM 1801 :

• Alert Widget
• State Widget
• Performance Widget
• Topology Widget
• Tile Widget
• Custom Widget

These widgets are designed to be fast and robust. It’s quick to load, unlike Silverlight. The widgets support a high level of customization to ensure that they can be used effectively by one and all.
One important thing to note is that the data refresh for these widgets happens in the background at the defined interval (or you can do a force refresh). This way you always have some data to work on while the new chunk is being fetched in the background. Thus, the widgets and the dashboard in general feels a lot more responsive.

Widgets are stored in the management packs as views. Below is a snippet from a management pack containing a “Tile widget”

Note the TypeID. This is a new TypeID introduced for HTML widgets.

Types of Widgets

Alert Widget

This widget displays the list of alerts for a given criteria. Refer to the authoring parameters section below to learn more about the customizations that can be done.

Authoring Parameters

When you start off with the authoring for alert widgets you’d see something like this:

As clear from above there are 4 sections at high level:
Scope

In this section you can define the groups/objects to which this widget is to be targeted. For ex. If you enter “All Windows Computers” then this widget would show the alerts targeted to “All Windows Computers”.

Criteria

Here you can filter alerts based on their severity, priority, resolution state and age.
Take note of the age parameter. At times you might get better performance out of this widget if you select a suitable value for the age parameter.

Display

Here you can select what all columns you wish to see in the widget. Additionally you may select a column with which you wish to group the alerts.

Completion

Finally you give the widget a name and description and you’re done!

Optionally you may specify the refresh interval (minimum value 1 minute) in which the widget would refresh its data.

Actions

Alert widget supports the following actions:

Setting resolution state

You can select one or more alerts and select this action. Once selected it’d open the right pane where you set the state and give an optional comment.

Exporting to Excel

The data shown in the widget can be exported in excel format. This helps when you wish to do any custom analysis on the data by leveraging the power of Excel.

Personalization

Widgets can be personalized for each user. Each user can select the column they wish to see and the grouping they wish to apply. In other words “Personalization” is like the “Display” section shown in authoring.
Note: The selection made in “Personalization” would always overwrite the selection made in the “Display” section. Also note that personalization data is stored in the browser in the current system and thus if you switch browsers or machine
then you’d have to re-personalize the widgets.

Edit & Delete Widget
As the name suggests you can edit and delete this widget from a dashboard. Note: This action is permanent and all the users having access to these dashboards would be affected by it.

State Widget

The state widget displays the health state information about the targeted entities satisfying a particular criterion. Refer to the authoring parameters section below to learn more about the customizations that can be done on this widget.

Authoring Parameters

When you start off with the authoring for state widgets you’d see something like this:

As clear from above there are 4 sections at high level:
Scope

In this section you can define the groups/objects to which this widget is to be targeted. For ex. If you enter “All Windows Computers” then this widget would show the health state information targeted to “All Windows Computers”.
There is another required parameter, class.
You also have the option here to get the health state of the group or the entities contained in that group which are the individual objects.

Criteria

Here you can set the filter to see the entities only in particular health states.

Display & Completion

Display and completion section of the state widget is similar to that of Alert Widget except for one difference. The display columns for the state widget are defined as per the “class” selected in the Scope section whereas the alert widget has fixed display columns.

Actions

State widget supports the following actions:

All of these are exactly similar to what has been defined for alert widget above.

Performance Widget

The performance widget displays the information about the different counters associated with the entity. Refer to the authoring parameters section below to learn more about the customizations that can be done on this widget.

Authoring Parameters

When you start off with the authoring for performance widgets you’d see something like this:

As clear from above there are 5 sections at high level:
Scope

In this section you can define the groups/objects to which this widget is to be targeted. For ex. If you enter “All Windows Computers” then this widget would show the health state information targeted to “All Windows Computers”.

Metrics

Here you can select the object, counter and instance triplet whose data would be displayed in the widget.

Criteria

Here you can specify the age of data that you are interested in.

Display

This section is important. If you wish to visualize the widget with a graph then the above act as legend columns. If you wish to only see these columns then you can check “Visualize objects by performance”. Then you’d only see the table without the graph.

Completion

This section is similar to Alert widget.

Actions

Performance widget supports the following actions:

All of these are exactly similar to what has been defined for alert widget above except for “Set Vertical Axis”. With this action you can specify a range and the graph is scoped to that. This is useful when you are trying to drilldown on particular events. This is how it looks like:

Topology Widget

Have a Visio or other image of your IT topology? Wish there was a way to map the health states to these entities? Then topology widget is what you are looking for. Refer to the authoring parameters section below to learn more about the customizations that can be done on this widget.

Authoring Parameters

As clear from above there are 3 sections at high level:
Scope

This is exactly similar as State Widget.

Display

This is the section where you upload and select your IT topology image:

Completion

Similar to State Widget.

Actions

When a topology widget is created, you’d see all the health icons placed at the top left corner. Drag the icons and place them at relevant places on the image and hit save once you are done. Below image shows an example of how  it works.

Apart from this, the topology widget supports the standard edit and delete widget actions.

Tile Widget

Need a quick way to investigate the health of an entity and the current alerts generated on it? Tile widget is the answer for you. This is the smallest widget (size wise) in the dashboard. Below is a sample tile widget:

As can be seen clearly, the current health state of “All Windows Computers” group is Warning state. This is because the availability monitor is in warning state resulting in the health rollup.

Authoring Parameters

The authoring for tile widget is very straightforward and is like a subset of “Alert Widget” as can be seen in the image below:

Actions

Apart from edit and delete widget the user can launch the health explorer for the target entity from topology widget. Isn’t that cool?

Use the health explorer to dig down further on the health state of the entity and its monitors

Custom Widget

SCOM 1801 release marks the inception of REST based APIs to fetch SCOM data thus giving birth to custom widget. With custom widget, you could bring in any custom html code and it’d get rendered as a widget which could then reside with other widgets in the dashboard. This brings in a whole new strength to the dashboards since the power to manipulate and render the data is completely up to you. For sample scripts to talk to REST APIs, please visit the official documentation here.

Below is a diagram to show how custom widget works:

For details about SCOM REST APIs visit here <<Insert link to SCOM REST APIs>>. Below is a screenshot showing custom widget in action:

Authoring Parameters

The authoring of custom widget is straightforward and requires just an HTML source code. Note if you have any JavaScript (which you most probably would have) you’ll have to insert it inline with the HTML code. Below is a screenshot taken while authoring custom widget with a basic HTML code:

Below is an image taken from the detailed documentation:

Can you figure out which are the custom widgets above? If your answer is no, then that’s exactly how we intended it to be! The custom widget simply blends with other widgets in the dashboard and once created acts no differently from the other widgets. Well, if your answer was yes then we’ve got to give it to you, you are really insightful

Actions

Custom widget supports the basic edit and delete widget actions. But this in no way limits you to innovate! You can define and design custom actions for your custom widgets which could then reside in the widget container. The limit here is just your imagination!

Recommended Next: New SCOM Web Console – Blog series (Post 4/5): The all new Drilldown experience

About

This blog aims at introducing the all new drilldown experience added as part of the new dashboard with SCOM 1801 release.  For details on implementation and other parameters please refer to the
After going through this blog a user would:

• Understand what the new drilldown feature is.
• Get a brief understanding of how drilldown feature can be used for better monitoring.

The all new Drilldown experience

The new SCOM dashboards come with the drilldown feature which, as the name suggests, allows you to drilldown into a problem and get more insights about the situation. This is helpful in root causing the issue and in identifying what all components are affected by the problem. There are five type of drilldown pages:

1. Alert page
2. SCOM Group/Object page
3. SCOM Class page
4. Rule Page
5. Monitor Page

These pages are dashboards of their own comprising of different widgets. The widgets present in these dashboards take up the context at runtime and scope their data to the current target entity. For ex. take a look at the below URL for alert drilldown page:
http://<server_name>/OperationsManager/#/monitoring/drilldown/alert/023e5e00-e9e9-4d81-8135-052bf935062f/dashboard/d0d82ac8-215b-3b77-7a3b-8bef450796e3?mpId=da187e72-b9d7-9e16-d098-3b0a624dc38c&show_full_screen_link=false&hide_header=true

The highlighted section tells the Alert drilldown page to display data in all widgets targeted to this alert. This makes sharing the drilldown pages within the organization super easy. All you need to do is share the URL and people can start off from there.

How to drilldown?

Well, the next obvious question is how to use the drilldown feature? The answer to that is simple. Some of the widgets discussed in 2. The all new HTML5 widgets and their actions allow you to click a row/entity from the data. Once you make your selection the drilldown page is launched. For ex. consider the state widget below:

Now when you click on any of the row above the Group/Object drilldown page is launched. That page then has widgets displaying all sorts of relevant data targeted to the selected row from the state widget.

Which drilldown page leads to where?

The starting point of drilldown could be either a row from the alert widget, a row from the state widget or a health icon from the topology widget. The user can then navigate to the other drilldown pages by clicking on items present in the widgets of the current drilldown page. Below diagram shows the path a user can navigate during drilldown.

For ex: from a State widget the user can drilldown and land at the SCOM Group/Object drilldown page and from there they can click one of the unhealthy monitors and land up in the Monitor Drilldown page.

Drilldown pages deep dive

Alert drilldown page

The alert drilldown page contains detailed information about the alert. Below is a screenshot of how the alert drilldown page looks like:

As clear from the above screenshot the alert drilldown page has 6 widgets. These represent the following data from left to right and top to bottom:

1. Alert description: Here you will get detailed description for the alert like the workflow name, instance name etc.
2. Alert context: All the context information for this alert would be displayed here
3. Company knowledge: Any added company knowledge for the underlying rule or monitor for this alert would be displayed here. Read the text in the company knowledge widget above, you may discover a cool new feature . Yes, you read it right, now SCOM supports adding HTML based company knowledge right from the Web Console.
   Just hit the ellipses icon (…) and you shall see a “Edit Company Knowledge” action. Fill in the company knowledge in the editor that shows up, choose the MP and hit save!
   Below are just some screenshots showing the flow:
   • Select the action
     
   • Enter the company knowledge
     
   • Choose MP (or create new one) and save
     
4. Product knowledge: Here you will see the product knowledge added for the corresponding rule or monitor.
5. Rule Properties: Would display the properties of the rule that generated this alert. It is blank in the above screenshot since this alert came from a monitor.
6. History: Would show the history of changes to the resolution state of the alert.

Use cases

Scenario 1: Adding company knowledge without the burden of desktop console and Word

Many a times there are alerts which come up frequently in an environment. You might want to add information for your fellow operators to help them save time. But you don’t have access to Operations Console and an active Word deployment. This is where the Company knowledge widget in alert drilldown comes in handy. Just click the alert and once the “Alert drilldown page” opens up start editing the company knowledge without having to depend on Word or Operations Console.

SCOM Group/Object drilldown page

The SCOM Group/Object drilldown page shows detailed information about a SCOM Group/Object. Below is a screenshot of a sample SCOM Group/Object drilldown page:

As is evident from above the SCOM Object/Group page consists of 2 dashboards. The first one is the object information dashboard. This dashboard consists of 5 widgets:

1. Object relationship and properties widget: This widget shows all the related objects to the current object along with their properties to the right. You can select any of the items from this diagram and the properties on the right would get updated. Notice the small health state icons on top of each entity. This would help you figure out if there are any related entities which are at the crucial stage too!
2. Warning and critical alerts generated on this object
3. The unhealthy monitors targeted on the current object. This is a really useful widget and can effectively tell you about the root cause for the critical or warning health state of the entity.
4. Performance metrics: This widget is like a “Object By Performance Widget” and displays all the performance metrics related information for the current target object.
5. Classes widget: All the classes the current entity belongs to is displayed in this widget.

The second one is the Performance dashboard. This dashboard shows one performance widget each for every performance object of the current entity. Below is an example:

User cases

This section tries to narrate a few possible scenarios which you might face regularly and where drilldown can really come in handy.

Scenario 1: A server in the environment is reporting a critical health state

In this case the user can click that server in the state widget and can launch the SCOM Group/Object drilldown page. Here you will find lots of valuable information which’d help you root cause and figure out the issue.
What all can you do to investigate the issue?

• Check the related objects widget and see if some underlying entity is critical. For example, the hard drive might on the server may be critical (say because of less space) and thus the health of the server rolled up to be critical. Now you know you need to check the hard drive. This way you can keep drilling down and get to the root cause of the issue
• Check the currently active alerts generated on this server. There would most probably be an alert sitting there clearly calling out the problem.
• Check the unhealthy monitors widget if it contains any entries.
• Check the performance metrics and see if there is any unusual behavior or spikes.

You are highly likely to discover the root problem with the above-mentioned steps. If not, then keep drilling down wherever you find anything suspicious.

Scenario 2: A server is reporting delays and unexpected behavior

Now is a good time to check for the performance data collected from the server. Simply select the server from a state widget and then once the “SCOM Group/Object drilldown page” opens, select the 2^nd tab “Performance”. Here you’d see all the performance data collected from the server and you most probably should see a spike or abnormal behavior.

SCOM Class drilldown page

The SCOM Class drilldown page gives information about a SCOM class. Below is a sample screenshot of how the SCOM class page looks like:

This drilldown page has 3 widgets:

1. Class properties widget displaying all the properties of the class
2. Rule widget: Showing information about all the rules targeted to this class
3. Monitor widget: Showing information about all the monitors targeted to this class

Use Cases

Scenario 1: Figuring out all targeted rules and monitors of a class

Not only that you can then even go ahead and look up those rules/monitors and even modify their company knowledge.

Rule drilldown page

The Rule drilldown page shows detailed information about a SCOM Rule. Below is a sample screenshot:

The Rule drilldown page has 4 widgets.

1. The rule properties widget displaying all the properties of the rule.
2. A rule configuration widget displaying the configuration of the rule as present in the management pack
3. A company knowledge widget where the user can see the company knowledge for this rule. Users can also edit the company knowledge here if they have sufficient permission.
4. A product knowledge widget where the user can see the product knowledge for the rule.

Use Cases

Scenario 1: You want to check the rule properties and/or modify the company knowledge

Monitor drilldown page

The Monitor drilldown page shows detailed information about a SCOM Monitor. Below is a sample screenshot:

The Monitor drilldown page has 3 widgets.

1. The monitor properties widget displaying all the properties of the monitor.
2. A company knowledge widget where the user can see the company knowledge for this monitor. Users can also edit the company knowledge here if they have sufficient permission.
3. A product knowledge widget where the user can see the product knowledge for the monitor.

Use Cases

Scenario 1: You want to check the monitor properties and/or modify the company knowledge

Recommended Next: New SCOM Web Console – Blog series (Post 5/5): Sample Custom Dashboard walkthrough

About

SCOM 1801 marks the release of REST APIs for SCOM SDK. Using these APIs a user can create any custom client application of their own. This blog aims at walking the user through a scenario where a complete standalone application is developed and deployed using the SCOM REST APIs. This application can even be brought inside the Web Console using Custom Widget and can be made to reside next to any of the widgets shipped by SCOM.

It is highly recommended to go through the other previous blogs in the series to better understand the content provided here.

What does the sample comprise of?

The sample is a JavaScript based application that is communicating with SCOM SDK and displaying data to the user who can take further action on the same. We have also tried to stretch the limit of custom widget here by not only limiting it to be used as a widget but rather as a standalone application in itself. This application could then be rendered as a dashboard or a widget, we leave the choice to you. The sample comprises of two major sections:

• Overview Dashboard
• Search Dashboard

Overview Dashboard

This is a view designed to give a quick overview about the current monitoring state. It can act as a starting page using which you can proceed with further actions. Below is a screenshot of how the Overview Dashboard looks like:

As displayed in the image above the Overview Dashboard has two major sections:

• Active Alerts
• Health States

Active Alerts

This section shows the active alerts for the past 7 days in three categories namely critical, warning and informational alerts. If you are interested, you may dive into the individual alerts by clicking “View Details”. For example if you click on “View Details” under critical alerts, you’d see a view like:

Need more information? You got it!
Each of these rows are clickable and would take you to our very own drilldown pages  (refer to blog 4/5 for more details on drilldown).

Once an alert above is clicked, it launches the following drilldown page:

As you can see, there is a lot more detail about the alert here which would help you in further investigating the issue.

Health States

For a given target class and given target object group you’d see the health states in three buckets namely unhealthy, in maintenance mode and healthy. The target class and target group field can be modified and the health state information displayed below would modify as per the new input. By default this view shows health state information about the “Windows Computer” SCOM class.
Similar to alert you can see the details of the entity by clicking “View Details”:

And yes, you guessed it right. We have drilldown pages for these entities as well! Here’s how they look like:

There is a bunch of information about the entity here like related objects (their health states and properties), the alerts targeted to this entity, performance metrics and the classes this entity belongs to. Most of the entries shown above can be drilled down further giving a more detailed view. Again, going over all the details is out of scope for this blog and we’d strongly recommend going over through the detailed documentation.

Search Dashboard

Know what you are looking for but hate to go over multiple pages and views in the current desktop or web console? Then this search section is designed just for you!
Here you can search for any active alert (for the last 7 days), SCOM object, SCOM group, SCOM class, rule or any monitor. The search is asynchronous and quite fast. It’d help you choose the starting point using which you can further drilldown. Below is a screenshot of how search looks like (say you search for the term “health”):

And that’s not it! Remember drilldown? From all of these search results you can jump to their drilldown pages and proceed with any action you may wish!
Below are a couple of screenshots portraying what you can expect after clicking these results (you have already seen the alert and object drilldown pages above when we were at Overview Dashboard):

Clicking a rule:

Clicking a monitor:

Well this is just the beginning! The intention of walking you over this sample application was to show you the power custom widget and in turn, the SCOM REST APIs provide. With a few lines of code, one can achieve functionality which would otherwise have taken a lot more steps.
Feel free to go through the SCOM REST API documentation and create your own user stories and your own custom widgets!

Deployment

There are multiple ways you can deploy the sample dashboard discussed in this blog:

1. Importing the management pack
2. Adding it alongside SCOM Web Console as a JavaScript application (with this the application will have its own URL and may or may not be added as a custom widget)
3. Adding the two sections as individual widgets

Note: From now on we will refer to the content available in attached zip file: Custom-Widget

Importing the management pack

A management pack containing the two individual sections (overview and search) are available under “Custom Widget\Management Pack\”

Import this management pack and you should see two dashboards overview and search having the two sections respectively.

Adding it alongside SCOM Web Console as a JavaScript application

1. Go to the directory where SCOM 1801 Web Console is installed. Ex. C:\Program Files\Microsoft System Center\Operations Manager\WebConsole\Dashboard\
2. Create a folder named “custom”. Note that you may choose any folder name, this is just an example
3. Copy the contents placed under “Custom Widget\Source Code\“
4. Go to SCOM Web Console
5. Create a dashboard
6. Click Add Widget and select Custom Widget from the dropdown.
7. When asked for source code enter the following:
   <iframe src=”http://your_server_name/OperationsManager/custom ” style=”width: 100%; height: 100%”></iframe>
   Here replace your_server_name with your Web Server
8. Hit save and you are done!

Adding the two sections as individual widgets

1. Go to SCOM Web Console
2. Create a dashboard
3. Click Add Widget and select Custom Widget from the dropdown.
4. When asked for source code pick the contents of any one file from under “Custom Widget\Individual Sections\“
5. Hit save
6. Repeat 4 and 5 for the other one or repeat 2-5 if you wish to add these in separate dashboards

Documentation

Discussing the technical approach of how the sample widget presented here works is out of scope of this blog. The code has been documented thoroughly and documentation has been generated using JSDoc. The documentation can be found under “Custom Widget\Source Code\docs\”

Start with index.html and that would guide you through all the code.

How SCOM REST APIs can be used

Refer to “Custom Widget\Source Code\dist\js\helpers\data-helper.js” for an example of how SCOM REST APIs can be used.

For more details on SCOM REST APIs, please refer https://docs.microsoft.com/en-gb/rest/operationsmanager/

References

For the sample app discussed above, the following 3^rd part libraries were used:

1. jQuery: <script src=”https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js”></script>
2. jQuery UI: <script src=”https://code.jquery.com/ui/1.12.1/jquery-ui.js”></script>
3. MetisMenu: <script src=”https://cdnjs.cloudflare.com/ajax/libs/metisMenu/2.7.1/metisMenu.min.js”></script>
4. Bootstrap: <script src=”https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js”></script>
5. jQuery DataTables: <script src=”https://cdn.datatables.net/1.10.16/js/jquery.dataTables.min.js”></script>
6. Bootstrap DataTables: <script src=”https://cdn.datatables.net/1.10.16/js/dataTables.bootstrap.min.js”></script>
7. Responsive DataTables: <script src=”https://cdn.datatables.net/responsive/2.2.0/js/dataTables.responsive.min.js”></script>

System Center Operations Manager 1801 has enhanced log file monitoring capabilities for Linux Servers.

• Operations Manager now supports Fluentd, an Open source Data collector.
• Customers can also leverage Fluentd capabilities and plugins published by the Fluentd community to get enhanced customizable log file monitoring.
• The existing OMI based monitoring for currently supported Linux workloads will continue to work as it is today. 

With this release we have added support for the following log file monitoring capabilities

• Support for wildcard characters in log file name and path.
• Support for new match patterns for customizable log search like simple match, exclusive match, correlated match, repeated correlation and exclusive correlation. We have released 6 new filter plugins for customizable log search.
• Support for generic Fluentd plugins published by the fluentd community. System Center Operations Manager 1801 would include a convertor plugin which would convert the fluentd data from generic plugins to the format specific for SCOM log file monitoring.

Architecture

Below are few architectural changes in the SCOM Management server and the SCOM Linux agent to support Fluentd.

The new Linux SCOM agent would include a Fluentd agent (as shown in the above picture (1)).

Users would define the log file names, match pattern and the event to be generated on pattern match along with the event description in the Fluentd Configuration file.

On match of a log record, Fluentd would send the event to the System Center Operations Manager External Datasource service on the SCOM Management Server / Gateway (2).This is a Windows REST based service which would receive the event and send it to a dedicated custom Event log channel Microsoft.Linux.OMED.EventDataSource (3).

User would need to import a management pack (4) which would look for events in this custom event channel and generate alerts accordingly

User Workflow:

On Linux Server:

On SCOM Management Server:

User needs to follow the below steps on the Management Server 

Step 1:

User would need to import the latest Linux Management pack (shipped with the SCOM 1801 binaries) and install the new SCOM agent on the Linux Servers.

Users can install the agent either manually or through discovery wizard (recommended). For detailed steps, refer here.

Step 2:

Author Fluentd configuration file and place it on the Linux Servers

Customers need to author a Fluentd configuration file and can use any of the existing enterprise tools like Chef/Puppet to place the configuration file to the Linux server.

Recommended practice is to copy the configuration into /etc/opt/microsoft/omsagent/scom/conf/omsagent.d directory on all Linux servers and include the configuration file directory as @include directive in the master configuration file /etc/opt/microsoft/omsagent/scom/conf/omsagent.conf

The Fluentd configuration file is where the user should define the input, output and the behavior (match processing) of Fluentd. This is done by defining the following in the configuration file:

Source directive:

Fluentd’s input sources are defined in the source directive using desired input plugins. Users would need to define the log file names along with the file path here in this directive. Wild card characters are support both in file name and path.

Filter directive:

Filter directive is the chained processing pipeline. Users would need to define the match pattern and the events that are to be generated on a match here in this section. We have released the following filter plugins with this release

• filter_scom_simple_match,
• filter_scom_excl_match
• filter_scom_cor_match
• filter_scom_repeated_cor
• filter_scom_excl_correlation
• filter_scom_converter

Match directive:

Users define the output processing in Match directive. We have released “out_scom” match plugin which would send the events generated by Fluentd to the System Center Operations Manager External Datasource service on the SCOM Management Server/Gateway.

For more detailed instructions on how to author a Fluentd configuration file, refer here.

Step 3:

On SCOM Management server: Import Management pack and enable OMED Service

On Management Server User needs to do the following:

1)      Start OMED service (refer here).

2)      Import Management pack for log file monitoring.

User can import the sample Management pack (reference here ), save this as an xml file and import it in SCOM console. This Management pack has a rule that looks for all events from the new data source Microsoft.Linux.OMED.EventDataSource and generates alerts accordingly. The Alert severity and priority are set in the management pack. The Alert description is obtained from the event description which would be defined by the user in the Fluentd configuration file.

If users are interested to generate alerts only for specific events generated, they could author their own custom management pack using VSAE.

Example Scenario:

User would like to monitor the following scenarios

1)      Apache http server URL monitoring

Scenario: Monitor a web URL hosted on Apache http server and generate alerts on SCOM Management server if the URL has any issues.

Log to be monitored: User monitors Apache http server access.log for error code. If the log receives any code other than 200 (success code) an event will be sent to SCOM Management Server.

2)      Authentication failure

Scenario: If a user tries to access a server more than 5 times with an incorrect password, an alert would be sent to the SCOM server alerting an unauthorized user trying to intrude.

Log to be monitored: User monitors Linux Server auth.log for authentication failure error messages. If the messages exceeds 5 times in 10 seconds and event will be sent to SCOM Management server.

Sample Configuration File:

The OMEDService on SCOM Management server would receive an event on match of a log record along with the log record context. User would need to import a management pack on SCOM server which would generate alert when there is an event received from Linux Server.

Events on the SCOM Management Server:

 Generated Alert on the Management Server:

The Alert context will contain the log record which will have more details on the error code received while trying to access the URL.

Other Sample User Scenarios:

For more detailed steps look at the online documentation.

Feedback:

We’d love to hear your feedback on this new feature. Feel free to send your feedback to scxtech@microsoft.com.

In February we announced that System Center, version 1801 was now available.  It’s the first release in our new Semi-Annual Channel and delivers new features and enhancements based on customer feedback. It builds on the capabilities of System Center 2016 and has support for the latest version of Windows Server, version 1709 as well as Windows Server 2016. It includes enhanced Linux monitoring support, more efficient VMware backup, and improved user experience and performance. For more details, read the full announcement..