Our Technical Consultants in the Core Infrastructure team at OCSL, are continually looking to drive value out of Microsoft licensing and deliver infrastructure that pushes digital to its full potential. Here on of our Lead Consultants discusses some of the best practices for monitoring changes within Management Packs.
I have recently been working on an internal project and thought it would be useful to provide some sort of change monitoring of Management Packs to provide tighter control and visibility of changes in a production environment.
This is important as a minor change to any management pack can have a negative effect on some or all agents. For example, if somebody writes a script rule targeting the wrong class, imports the management pack and walks away to lunch, the management pack is distributed to all agents. The SCOM operators are then bombarded with alerts and start to troubleshoot, not knowing that this was because of a recent change. This costs the business by wasting unnecessary time trying to resolve it, and could take hours because sometimes the simplest of checks get overlooked.
With this management pack you could easily identify changes using the inbuilt views and also extend the notification and management of these alerts by configuring a subscription to notify SCOM administrators/operators.
This management pack is built up of the following:
The installation of this Management Pack is fairly straight forward. As with any management pack always test, test, and test before importing into your production environment. Please see the below steps:
- Create overrides management pack
- Import downloaded management pack
- Enable all of the following rules or just the ones that you want. (Ensure you enable only for a specific object of class as you only want this to run on one management server only).
- Run management pack monitor script
- Collect Number of Overrides
- Override alert rule
Once installed successfully a new folder should appear with 4 views like the below screenshot. You should start to receive alerts when management packs have been modified or installed and performance metrics and alerts for any overrides take place within the system.