Why tracking of Enterprise Alert user profiles?

As an administrator, you want to enable your users and not restrict them wherever possible. But this means you will have to keep track of your users. In the end, you are responsible if some critical alert is not properly escalated. But not just Users interfere with the proper functionality of your system also external systems can affect the reliability, making you again responsible if things go unnoticed, like changes on the active directory that result in losing some or all phone numbers from your user profiles.
So, you need to keep track of any changes to Users on their Profiles. Now doing so manually might work in small environments but once you get beyond say 20 users this becomes cumbersome.

This is where this solution comes in. With the described script you can keep track of the above-described issues. And get targeted notification for the user profile that has issues as well as a dedicated notification for the exact issue.

How it works

The solution we like to illustrate here works through a combination of the SQL Server Agent to handle the scheduling and execution of a task, a PowerShell script to check the user profiles, a REST endpoint within Enterprise Alert to get the information about a problem, and Policies to analyze the issue and send out the appropriate alert to an administrator.

1. Create a new Rest Endpoint in Enterprise Alert as described in our Integration article (https://www.derdack.com/portfolio_item/webhook-rest-api-mobile-app-text-push-voice-scheduling/)
2. Open the SQL Studio and connect to your Database go to the SQL Server Agent and start if not already started.
   
3. Create a new Job by right-clicking on Jobs under SQL Server Agent
   
4. Name the new Job appropriately like “User Monitoring” and provide a description
   
5. Create a new step within the Job, give it a name, select PowerShell as the Type and paste in the PowerShell Script.
   • Go to our GitHub(https://github.com/Derdack/User-Monitoring) and copy the Script Code and insert it.
     
   • Make sure to replace the place holders in the Connection String and in the URL with actual values.
   • Optional: Adapt the SQL query to match your needs
6. Go to Schedules and create a new schedule the setup below will trigger daily at 5 pm
   
7. In Enterprise Alert create new policies to matching the conditions sets below to cover the 3 use cases.
   
   
   

Summary

As already mentioned in the instructions you can adapt the query to your liking by including and excluding conditions. Making this just the starting point. You can for example also make this query tenant-specific by extending the Query. Or you do not use this query for your users at all but use it for monitoring automatically triggered remote actions.

Please let us know if you got inspired by this post and share your ideas with us. Also, let us know if you came up with an idea but do not know exactly where to look. You can get us under support@derdack.com.