Derdack

Targeted Alert Notifications – Anywhere Actions

Derdack
  • Use Cases
    • Overview
    • Enterprise IT Alerting
    • IT Managed Services
    • Mobile Alerting in Manufacuring
    • Critical Operations Alerting in Banking & Financial
    • Field Service Dispatching in Energy & Utilities
    • Use Cases in other Industries
  • Products
    • Overview
    • Enterprise Alert®
      • Overview
      • Alert Notifications
      • On-call Duty Scheduling
      • Collaboration
      • Anywhere Remediation
      • Incident Mgmt. App
      • Integrations
      • Technical Support
      • Online Knowledge Base
      • Derdack FAQ
    • SIGNL4® Cloud
    • References & More
  • How to Buy
    • Overview
    • Pricing and Quotes
    • Find a local Partner
    • Azure Marketplace
  • About Derdack
    • About
    • Careers
    • Partner Program
    • Strategic Partners
    • Derdack Podcast
    • Contact Derdack
  • News & Blog
  • Request Demo
    • de de
  • News & Blog

    • Home
    • News & Blog
    • News
    • SCOM Knowledge Base

    SCOM Knowledge Base

    • January 10, 2017
    • NewsTechnical
    SCOM Knowledge Base

    With SCOM alerts, it’s sometimes helpful to be able to view SCOM Knowledge Base (KB) articles in order to help resolve the issue detected by SCOM. But finding those articles quickly can sometimes be a pain. In order to help with this, here’s a script that will allow you to receive the KB articles for specific alerts utilizing Enterprise Alert’s Remote Action capability.

    In order for this to work, you will need the Application Programming Toolkit and Remote Remediation Add-ons for Enterprise Alert.

    The script uses the SCOM SDK to query a specific alert ID, transforms Microsoft’s MAML format into text, and forwards this on via email to Enterprise Alert where an alert policy is triggered. This policy will then send a push notification, with the KB article text, to the executor of the remote action.

    So let’s look at how to set this up.

    First, add the ExportSimple.ps1 Script file (attached at bottom of page) to your preferred directory on the Enterprise Alert Server.

    Then, add a new Remote Action to Enterprise Alert

    SCOM Export Knowledge

    Note: Since the Enterprise Alert Scripting Host only supports JavaScript and VBScript, you have to execute the PowerShell Script via the predefined “Execute Powershell” JavaScript, which is included by default.

    The easiest way to implement the script is to create a copy of the “ExecutePowershell” script and add the path, as well as the required parameters. You can find the script files under “System Scripting Host” in Enterprise Alert. Create the mentioned copy, open the Code editor by clicking and add the path parameter like in the figure below:

    SCOM Alert ID

    After adding the required code, you can select the modified script as “Action To Execute.” You can then complete the email address by adding the dynamic content “Executor” to the domain of the user account, as below:

    SCOM Executor

    Save the Remote Action and then bring up (or create) the alert policy you want to add it to.

    SCOM Policy

    Create or edit a policy which gets triggered by SCOM events:

    Be sure that the alert is going out to the Mobile App (ie, as Push Notification)

    Configure the policy in that way that you add the AlertID of SCOM to the outgoing message:

    SCOM stress test - Alert ID

    Add the previously configured Remote Action as “Recommended Remote Action”:

    SCOM stress test - Actions

    Click “Edit mapping.” In the dialog box, add “AlertID” as Dynamic Content for the parameter alertID:

    SCOM Alert ID - Executor

    KB Policy

    Now, to get the required Knowledgebase article to your phone, you need to add another policy that sends the received text of the script back to the executor of the remote action.

    Create a new policy that triggers on the incoming message of the script. In the example, I’ve chosen as a Condition: “Subject equals KBTest.” I’ve then set the Destination as “Originator Address” with an “Event Parameter Type” set to Custom Address.

    With this configuration, you ensure that the executor of the Remote Action gets the KB article text.

    SCOM KBPush - Destination

    The last step is to add the Text of the incoming message as Dynamic Content into the General Alert Message:

    SCOM KB Push

    Mobile App

    If everything is configured properly, you are ready to receive the SCOM Alerts on your mobile device and get notified when a new alert is triggered. You can then execute the new Remote Action and receive the associated Knowledgebase article. The workflow is as follows:

    SCOM Mobile App

    SCOM Executive

    SCRIPT

    param([string]$alertID, [string]$executer)
    
    <#**************************************************************************
    
    Author: Jens Klinger; Derdack GmbH
    Date: November 2016
    
    Code is based on the following articles and scripts:
    
    
    Operations Manager – Get Company Knowledge using PowerShell and Operations Manager SDK
    http://apexinfotech.co.uk/P1/?cat=2 http://tetris38.blogspot.de/2013/04/opsmgr-2007-r2-powershell-script-to.html Prerequisites: Operations Manager SDK Assemblies (Installed with OpsMgr Console) Enterprise Alert® Application Programming Toolkit and Remote Remediation Addon Enterprise Alert® Scripting Host needs access rights to SCOM Console Tested on Windows Server 2012 R2, Enterprise Alert 2016 6.2.3., Derdack An-droid App 1.1.5, SCOM 2012 Feel free to refactor and modify for your concerns. **************************************************************************#> # Function to convert Knowledgebase Article from MAML Format to Text********************************** function ConvertMAML-ToText { param([System.String] $maml) $maml = $maml.Trim() if ($maml.Length -gt 1) { #Remove Section Tag $maml = $maml -Replace '(<maml:section xmlns:maml="http://schemas.mi-crosoft.com/maml/2004/10">|</maml:section>)','' # Replace TITLE tag by Cariage return, line feed $maml = $maml.Replace('<maml:title>',"`r`n") $maml = $maml.Replace('</maml:title>',"`r`n") Replace PARA tag by Cariage return, line feed $maml = $maml.Replace('<maml:para>',"") $maml = $maml.Replace('</maml:para>',"`r`n") $maml = $maml.Replace('<maml:para />',"`r`n") Replace LIST tag $maml = $maml.Replace('<maml:list>',"") $maml = $maml.Replace('</maml:list>',"") # Replace LISTITEM tag $maml = $maml.Replace('<maml:listItem>',"* ") $maml = $maml.Replace('</maml:listItem>',"") # Replace LINKTEXT tag $maml = $maml.Replace('<maml:linkText>',"") $maml = $maml.Replace('</maml:linkText>',"") # Replace NAVIGATIONLINK tag $maml = $maml.Replace('<maml:navigationLink>',"") $maml = $maml.Replace('</maml:navigationLink>',"") # Remove any additional Tag while ($maml.Contains('<') -eq $True) { $tagStart = $maml.Indexof('<') $tagEnd = $maml.Indexof('>') if ($tagend -gt $tagStart) { $tag = $maml.Substring($tagstart, $tagEnd - $tagstart + 1) If($tag.Contains('<maml:uri href="') -eq $True) { # Discard tag, but keep URL link $maml = $maml.Replace('<maml:uri href="'," (") $maml = $maml.Replace('" />',") ") $maml = $maml.Replace('"/>',") ") } else { # Discard Tag $maml = $maml.Replace($tag,'') } # tag contain URI } # tagEnd Greater then tagStart else { # No Closing Tag ??? Delete starting tag then to avoid infinite loop $maml = $maml.Replace('<','') } } # While return $maml } else { return "" } } # Function to export Knowledgebase Articles for a specific new alert********************************** function GetAlertKnowledge { [System.String]$messageBody = "" $alert = "" $alertRule = "" $messageBody = "" $knowledgeArticle = "" <# Modify the query variable to change criteria and/or retrieve specific Company/Product Knowledge Check the following link for the query syntax of the MonitoringAlert-Criteria method: https://msdn.microsoft.com/en-us/library/microsoft.enterprisemanage-ment.monitoring.monitoringalertcriteria.aspx #> $query = "Id = '" + $alertID + "'" $criteria = New-Object Microsoft.EnterpriseManagement.Monitoring.Moni-toringAlertCriteria($query) $alert = $mg.GetMonitoringAlerts($criteria) $foundRule = $True # Retrieve the associated Rule or Monitor Try {$alertRule = $mg.GetMonitoringRule($alert.MonitoringRuleId) } Catch { Try {$alertRule = $mg.GetMonitor($alert.MonitoringRuleId) } Catch {$foundRule = $False Write-Host "No matching rule/monitor found!"} } # Retrieve the Knowledgebase Article associated to an specific ID/Moni-tor/Rule If($foundRule = $True) {$knowledgeArticle = $mg.GetMonitoringKnowledgeArti-cles($alertRule.id).Mamlcontent $knowledgeArticle = ConvertMAML-ToText($knowledgeArticle) $knowledgeArticle = $knowledgeArticle.toString() $messageBody = $messageBody + $knowledgeArticle +"`r`n" $messageBody SMTP Client to send an email to Enterprise Alert $smtp = New-Object Net.Mail.SmtpClient("127.0.0.1") Send(FROM, TO, SUBJECT, BODY) $smtp.Send($executer, "EnterpriseAlert@EA.com", "KBTest", $message- Body) } } # Main function************************************************************************ *************** function Main { Write-Host "Establishing connection" # Load SCOM SDK Assemblies $assembly1 = [System.Reflection.Assembly]::LoadWithPartialName("Mi-crosoft.EnterpriseManagement.Core") $assembly2 = [System.Reflection.Assembly]::LoadWithPartialName("Mi-crosoft.EnterpriseManagement.OperationsManager") Try { # FQDN of Management Server (Enterprise Alert Scripting Host Service re-quires Access Rights!) $mg = New-Object Microsoft.EnterpriseManagement.Management-Group(“scom2012.derdack-support.local”) Write-Host "Connected successfully" # Get Knowledgebase Article GetAlertKnowledge Write-Host "Sending data"} Catch {Write-Host "Connection failed, missing access rights or wrong ID!" } }

     

    Tagged

    Anywhere ResolutionAnywhere ResponseIT OperationsKnowledge BaseMobile App

    Share

    Related Posts

    Enterprise Alert 9.4.1 comes with fixes and the revised version of the sentinel connector app

    February 1, 2023

    Critical System Alerts via SIGNL4

    December 29, 2022

    Enterprise Alert 9.4 Update introduces Remote Actions for hybrid scenarios and proxy support for MS Teams

    October 25, 2022

    Upgrade your shopfloor alerting with Derdack

    September 8, 2022

    About

    DERDACK products combine automated alert notification workflows, 24/7 duty scheduling, ad-hoc collaboration and anywhere IT troubleshooting – reducing unexpected IT downtimes at large enterprises and organizations by 60%.

    Most popular

    • Derdack Company Take your ITIL incident management to the next level with Enterprise Alert
    • Mobile alert notifications for HP Service Manager (HPSM)
    • How to forward alerts to Microsoft Teams
    • Oncall Scheduling On-Call Schedule Management with Auto-Rotation
    • checking-mobile Enhancing SCOM alert notifications
    • Announcing Enterprise Alert 2019
    • Even, Alert, Incident, Notification Definition of Event, Alert, Incident and Notification
    • who-is-on-call-sharepoint Add a live “Who is On-Call” Dashboard into Sharepoint and other Tools

    Categories

    • Business (37)
    • Cloud Services (5)
    • Consultancy (1)
    • Customers (18)
    • Energy & Utilities (7)
    • Events (23)
    • Financial & Banking (4)
    • IT Ops (19)
    • Manufacturing (8)
    • News (48)
    • Schools (1)
    • Software (9)
    • Staffing (1)
    • Support (4)
    • Technical (141)
    • Transport & Logistics (5)

    Tags

    alert alert notifications Anywhere Resolution Anywhere Response Azure azure BMC customer reference Database derdack enterprise alert Enterprise Alert Enterprise Alert 2016 Enterprise Alert 2019 Gartner HPE HPE ITSM incident Incident Management Incident resolution incident response Industrie 4.0 Integration IT Alerting IT Operations Maintenance microsoft mobile Mobile App monitoring OMS on-call on-call schedule Operational Alerting rapid response release Remote Action REST API SCOM security SolarWinds NPM System Center update User Group voice

    Follow us

    • Twitter
    • Facebook
    • LinkedIn
    • XING
    • YouTube
    • Vimeo
    • Home
    • News & Blog
    • News
    • SCOM Knowledge Base

    CONTACT US:
    Intl: +49 331 29878-0

    US: +1 (202) 470-0885
    UK: +44 (20) 88167095
    CH: +41 (31) 5391990

    CONTACT VIA EMAIL:
    info@derdack.com

    OFFICES:
    US & Europe

    NEWSLETTER:
    Sign up here

    CAREER:
    Latest job offers

    EVENTS

    • No Upcoming Events
    • Who we help
    • Products
    • How to Buy
    • About Derdack
    • News & Blog
    • Free Trial
    • Twitter
    • LinkedIn
    • XING
    • YouTube
    • Vimeo

     © 2022 Derdack – Imprint, Privacy policy

    • Use Cases
      • Overview
      • Enterprise IT Alerting
      • IT Managed Services
      • Mobile Alerting in Manufacuring
      • Critical Operations Alerting in Banking & Financial
      • Field Service Dispatching in Energy & Utilities
      • Use Cases in other Industries
    • Products
      • Overview
      • Enterprise Alert®
        • Overview
        • Alert Notifications
        • On-call Duty Scheduling
        • Collaboration
        • Anywhere Remediation
        • Incident Mgmt. App
        • Integrations
        • Technical Support
        • Online Knowledge Base
        • Derdack FAQ
      • SIGNL4® Cloud
      • References & More
    • How to Buy
      • Overview
      • Pricing and Quotes
      • Find a local Partner
      • Azure Marketplace
    • About Derdack
      • About
      • Careers
      • Partner Program
      • Strategic Partners
      • Derdack Podcast
      • Contact Derdack
    • News & Blog
    • Request Demo
    Manage Cookie Consent
    We use cookies to optimize our website and our service.
    Functional Always active
    The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
    Preferences
    The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
    Statistics
    The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
    Marketing
    The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
    Manage options Manage services Manage vendors Read more about these purposes
    View preferences
    {title} {title} {title}