Tuesday, June 12, 2012

SCOM Reporting - High availability?


When moving RMS role to new MS, how to move Reporting references....

Reporting redundancy was a pain point in SCOM 2007, and to my knowledge it hasn't changed much in 2012 either. The problem is not within SCOM itself; the limitation lies in how SRS works and gets configured. In this post I shall describe a customer scenario where we had this challenge with SCOM 2007. In the near future I shall also post a workaround for SCOM 2012, as the same solution cannot be used there due to the removal of the RMS role.

Back in the SCOM 2007 days, you normally installed reporting and were asked to provide information about the RMS. Once you specified it, it more or less became hardcoded in the reporting server. In case of an RMS failure or move, you had to manually promote an MS to take over the RMS role, and at the same time this information had to be updated on the reporting server. Otherwise you started to get alerts stating reporting failures. I have seen a couple of blogs describing how to set up reporting in a cluster, but our goal was to find a solution which was simple, efficient and easy to implement, regardless of technical level.

To make this happen I used the DNS manipulation approach. I added a dummy A record with the RMS's IP address. This actually did three things which made our lives easier afterwards.

So in my DNS management console it looks a bit like this.


The idea is that if the RMS has to be changed, we just perform a simple change in the DNS console, and this takes care of the rest. The reporting alias is registered at the following locations:


Located under HKLM\Software\Microsoft\Microsoft Operations manager\3.0\Reporting\DefaultSDKServiceMachine

And in the reporting configuration file


Now, with all this in place, you just have to change the A host record to the new IP and you're good to go! The data warehouse deployment error messages should go away. If you want to see an immediate effect, you can run ipconfig /flushdns on the SRS server and just restart reporting.
This post describes how to set it up on a newly installed reporting server, but the same approach can also be used on a reporting server that needs to be made "easier to manage" in case of RMS movement.
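A quick check to run on the SRS server after changing the A record, as an added example that is not part of the original post. It assumes DefaultSDKServiceMachine is a value under the Reporting key named above; the function name and the expected-IP parameter are hypothetical.

```powershell
# Added example: confirms that the alias stored in the Reporting registry key
# resolves, as seen from this server, to the management server now holding
# the RMS role. Function and parameter names are assumptions.
function Test-ReportingAlias {
    param([Parameter(Mandatory = $true)][string]$ExpectedRmsIp)

    $key   = "HKLM:\Software\Microsoft\Microsoft Operations manager\3.0\Reporting"
    $alias = (Get-ItemProperty -Path $key -ErrorAction Stop).DefaultSDKServiceMachine

    try {
        # Goes through the local resolver, so a stale cached record for the
        # alias shows up here as the old IP address.
        $resolved = @([System.Net.Dns]::GetHostAddresses($alias) |
                      ForEach-Object { $_.IPAddressToString })
    }
    catch {
        $resolved = @()   # alias does not resolve at all
    }

    New-Object PSObject -Property @{
        Alias               = $alias
        ResolvedTo          = $resolved
        PointsToExpectedRms = ($resolved -contains $ExpectedRmsIp)
    }
}

# Example call; 192.0.2.20 is a constructed address:
# Test-ReportingAlias -ExpectedRmsIp "192.0.2.20"
```

If PointsToExpectedRms is still false after the DNS change, the old record is most likely cached; flush the cache and run the check again before restarting reporting.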


This blog has been moved to https://zeglory.com/ssl-monitoring-using-scom-with-powershell-and-dot-net-net-sealed-mp/ The mentioned MP is available to download along with description. Please visit!



Saturday, April 28, 2012

SSL monitoring using SCOM and powershell (with .net)

Monitoring SSL certificates using SCOM and PS(.net)

My first blog entry so forgive the formalness, and spelling mistakes =P

So I was visiting a regular customer of mine who was repeating an old story like many of you have heard before. It goes like: the SSL certificate on our web site had expired and we had to experience downtime along with many unhappy customers.
While we were talking a question came up: isn't it possible to monitor SSL certificates using SCOM? And my first response was yeah, sure it's possible. Hmmmm.... that's odd... why haven't you told us about it, and why didn't we get any alerts before we started to have problems? And I was sitting there nodding like crazy and thinking, why didn't I do this?


So this started the whole procedure where I started to look at SCOM being a monitoring device for SSL certificates. Now I see a lot of you guys going BOoooooring.... you're going to serve us some shitty idea where you used synthetic transactions or URL monitoring, right? NNNNNNoOooo I am not. Let's define the criteria for the requirement before we proceed.

Requirement:

We want to be able to monitor SSL certificates remotely and get informed 15-20 days prior to certificate expiration so that the certificates can be renewed and redistributed before the current certificates expire. We also want to get rid of the Excel sheet where we enter all our certificate information and maintain it manually.
Additional requirements? Hmmm, we already have SCOM so it would be great to reuse it to generate alerts and notifications.


So now that the criteria have been defined, let's get started with the proposed solution, shall we?

Solution:

So the idea was to create a PowerShell (PS) script which monitors certificates and raises alerts if a certificate is about to expire or has expired. The PS script does not create the alerts itself; it just creates events in the event log, which are then caught by SCOM, which is responsible for the alert generation.


SCOM elements:

From the SCOM perspective there are two requirements. The first one is obvious: you need a working SCOM environment. The other one is that the RMS or, in SCOM 2012, the MS must be able to contact the destination server/client hosting the website over HTTP/HTTPS. I shall assume at this point that we do not need to talk about ports and firewall configuration, as you guys already are experts in these fields.
By the way, I created a management pack in the Authoring console, where I defined a couple of rules and monitors. I shall be uploading the management pack as well, but for now I am just describing the solution and providing the PS script. So, on the management server, a folder structure is created on the root of the system drive. Here a simple CSV file is created which contains the site address/URL and port number. Both a URL and an IP address can be used. The script also checks the syntax, or you might rather call it the formatting, of the CSV file. If errors are present, an alert showing the line number and the data on that line is raised.

As you can see in the script below, I have just chosen some random event IDs starting from 65001, as I have never seen them being used by any application or a bright programmer. You can choose your own. As far as the Filepath and EventSource are concerned, they can also be changed as you wish.
The PS script is run as a scheduled task on the management server. I have added it in the management pack, but it can also be created as a regular scheduled task. The management pack also checks that the script has been run at least once during the last 24 hours. Feel free to make any changes/improvements in the script and to comment.
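One way to do the CSV format check described above, as an added example that is not the script from this post. It assumes one "address,port" entry per line with no header row; the function name and the sample lines are constructed, and only event IDs 65002 and 65003 come from the post.

```powershell
# Added example: validates server-list lines and reports bad ones by line number.
function Test-MonitoredServerList {
    param([string[]]$Lines)

    $entries = @(); $errors = @()
    for ($i = 0; $i -lt $Lines.Count; $i++) {
        $lineNo = $i + 1
        $raw = $Lines[$i].Trim()
        if ($raw -eq "") { continue }                      # skip blank lines
        $fields = @($raw.Split(",") | ForEach-Object { $_.Trim() })
        # Accept a bare host, an IP address or a URL; keep only the host part.
        $addr = $fields[0] -replace '^https?://', '' -replace '/.*$', ''
        $port = 0
        if ($fields.Count -ne 2) {
            $errors += "Line ${lineNo}: expected 'address,port', got '$raw'"
        }
        elseif ([Uri]::CheckHostName($addr) -eq [System.UriHostNameType]::Unknown) {
            $errors += "Line ${lineNo}: invalid address in '$raw'"
        }
        elseif ((-not [int]::TryParse($fields[1], [ref]$port)) -or $port -lt 1 -or $port -gt 65535) {
            $errors += "Line ${lineNo}: invalid port in '$raw'"
        }
        else {
            $entries += New-Object PSObject -Property @{ Line = $lineNo; Address = $addr; Port = $port }
        }
    }

    # Map the outcome to the event IDs listed in the post.
    $eventId = $null
    if ($errors.Count -gt 0)      { $eventId = 65003 }     # CSV file contains errors
    elseif ($entries.Count -eq 0) { $eventId = 65002 }     # CSV file is empty
    New-Object PSObject -Property @{ Entries = $entries; Errors = $errors; EventId = $eventId }
}

# Constructed sample input; in production use: Get-Content $Filepath
$sample = @("www.example.com,443", "192.0.2.10,8443",
            "https://shop.example.com/,443", "badline", "mail.example.com,70000")
$result = Test-MonitoredServerList -Lines $sample
$result.Errors      # one message each for line 4 and line 5
```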


PS script:

So the script looks something like this

# Define constants
$Filepath = "C:\serverlist\MonitoredServers.csv"
$EventSource = "Certificate_Monitoring"

# EventID definition:
# EventID 65001 = CSV file not found - Warning (2)
# EventID 65002 = CSV file is empty - Warning (2)
# EventID 65003 = CSV file contains errors (1)
# EventID 65010 = Could not connect to host or find host
# EventID 65020 = Certificate Expired
# EventID 65021 = Certificate about to expire
# EventID 65022 = Certificate OK
# EventID 65030 = Last runtime for this script
#******************************************************************************

function checkCsvFile ## Checks for existence of the CSV file
{
    Param()

    if (!(Test-Path -Path $Filepath))
    {
        $msg = "File not found: " + $Filepath
        $bcheckCsvFile = $false
        createEventlogObj 2 $msg 65001     # CSV file not found!
    }
    else
    {
        $bcheckCsvFile = $true
    }
    return $bcheckCsvFile
} # function checkCsvFile ends here

function createEventlogObj     ## Creates an instance of EventLog and writes to the Application log
{
    param ($inputEventType, $OutputMessage, $EventID)
    # $inputEventType: 1 = error, 2 = warning, 3 = information

    $EventLog = New-Object System.Diagnostics.EventLog("Application")
    # The source is hardcoded here; $EventSource defined above is not used in this part of the script
    $EventLog.Source = "Script"
    $Information = [System.Diagnostics.EventLogEntryType]::Information
    $Warning = [System.Diagnostics.EventLogEntryType]::Warning
    # Named $ErrorType because $Error is a PowerShell automatic variable
    $ErrorType = [System.Diagnostics.EventLogEntryType]::Error

    if ($inputEventType -eq 1)
    {
        $Severity = $ErrorType
        $EventLog.WriteEntry($OutputMessage, $Severity, $EventID)
    }
    elseif ($inputEventType -eq 2)
    {
        $Severity = $Warning
        $EventLog.WriteEntry($OutputMessage, $Severity, $EventID)
    }
    elseif ($inputEventType -eq 3)
    {
        $Severity = $Information
        $EventLog.WriteEntry($OutputMessage, $Severity, $EventID)
    }
}
# .........................



#****************************Script ends***********************************

I shall be adding a couple of pictures showing how this script is used in production as well as the MP which creates alerts in SCOM. I just need to figure out how to post them. Still my first blog post, remember?
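The part of the script that reads the certificate is not shown above. The following is an added example of how such a check can be done with .NET from PowerShell; it is not the author's code. The event IDs are taken from the table in the script, while the function name, the 20-day default, the timeout and the event types chosen for 65010 and 6502x are assumptions.

```powershell
# Added example: reads the remote certificate and maps its expiry to an event.
function Get-CertificateExpiryEvent {
    param(
        [Parameter(Mandatory = $true)][string]$HostName,
        [int]$Port = 443,
        [int]$WarningDays = 20,      # the post asks for 15-20 days of notice
        [int]$TimeoutMs = 5000
    )
    $client = New-Object System.Net.Sockets.TcpClient
    $ssl = $null
    try {
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs)) { throw "connection timed out" }
        $client.EndConnect($pending)

        # Accept every certificate: the purpose is to read NotAfter even when
        # the certificate is expired or untrusted. No data is sent over this stream.
        $acceptAll = [System.Net.Security.RemoteCertificateValidationCallback] { $true }
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAll)
        $ssl.AuthenticateAsClient($HostName)

        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        $daysLeft = [int][math]::Floor(($cert.NotAfter - (Get-Date)).TotalDays)
        if     ($daysLeft -lt 0)            { $id = 65020; $type = 1 }   # expired
        elseif ($daysLeft -le $WarningDays) { $id = 65021; $type = 2 }   # about to expire
        else                                { $id = 65022; $type = 3 }   # OK
        $msg = "{0}:{1} '{2}' expires {3:yyyy-MM-dd} ({4} days left)" -f `
               $HostName, $Port, $cert.Subject, $cert.NotAfter, $daysLeft
    }
    catch {
        $id = 65010; $type = 1                                           # could not connect
        $msg = "Could not connect to {0}:{1} - {2}" -f $HostName, $Port, $_.Exception.Message
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        $client.Close()
    }
    New-Object PSObject -Property @{ EventType = $type; EventId = $id; Message = $msg }
}

# Passing the result to the logging function from the post:
# $r = Get-CertificateExpiryEvent -HostName "www.example.com" -Port 443
# createEventlogObj $r.EventType $r.Message $r.EventId
```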

MP available at:
This blog has been moved to https://zeglory.com/ssl-monitoring-using-scom-with-powershell-and-dot-net-net-sealed-mp/ The mentioned MP is available to download along with description. Please visit!

So here come the pictures as promised........

The above picture shows the location of files which can be changed in PS script.


Above picture shows contents of the CSV file



Above picture shows alerts that are generated in SCOM console


Above picture shows events that are generated in Application log



I see that people are still visiting this blog and finding it useful. I do not have the XML file available, but I have some screenshots that describe the process for creating the MP. You can also create the MP in the SCOM Authoring section; however, I would strongly recommend installing the SCOM Authoring console. The reason is quite simple: when you create anything within the SCOM console and use the Authoring pane, you are creating objects based on other objects, which inherit the properties of their parent objects. This is not necessarily what you want or intend to do. By creating the rules in a dedicated management pack, you can start with a base object and limit the targeting. Anyway, here comes the write-up.
Depending on where you start (I am assuming you are going to the Authoring console), we will be creating rules and monitors. Remember the main difference: a monitor only alerts when there are state changes, while a rule will generate an alert each time the rule runs.








Hope this helps someone. And really sorry that the source files were never shared… Things happened in the meanwhile, I got married, got kids and all the stuff you know :) But now at least you have the write-up. Drop a comment if you have questions, I will try to follow up.
