OpsMgr: Updating the Owner field of active alerts in OpsMgr 2007

News This question came up in the forums recently. You could update this field with a custom PowerShell script run on a schedule. Samples of how to update alert fields in PowerShell can be found in many places, including http://poshcode.org/582 and  http://www.maartendamen.com/?p=40. These examples both update the custom fields of the alert. The field that needed an update in this example is Owner field. To do this simply requires understanding which method to call.

Retrieving Alerts

The first step is to retrieve the alert (or alerts) you wish to update. For example, you retrieve the alert based on your criteria. In this example, I chose to retrieve a specific alert by ID in this sample:

$alert = get-alert -id ‘b363356a-d824-4697-afdd-41fb052750b7’

You could retrieve alerts using  any number of different criteria, such as these shown below.

get-alert -criteria ‘ResolutionState = ”0” AND IsMonitorAlert = ”False”’

get-alert -criteria ‘ResolutionState = ”0” AND Severity = ”2” AND IsMonitorAlert = ”False”’

Note: Be sure to use the –criteria option rather than WHERE clauses…more on this in a moment.

Setting the Owner Field

Then set the owner field to whatever you like using the Set_Owner method. Put the owners name between the quotes. You could even retrieve a value from an external source like a CMDB or Active Directory and insert it here.

$alert.set_owner(“george”)

If you wanted to set this to actual values out of AD, you’ll simply need to make the call to AD to find the info you wish, assign that to variable (e.g. $NewOwner=’Domain\User’) and then you the Set_Owner method as shown above. If you use the free Quest ActiveRoles extension for PowerShell, you can look up user info in a single line of code!

Scalability

The main thing to be very wary of in using the Command Shell for something like this is scalability. If your environment has thousands or even tens of thousands of alerts, you can easily cause performance issues in a management group with inefficient queries. You need leverage the built in criteria of the Command Shell cmdlets rather than using WHERE clauses (e.g. – get-alert | where  {$_.Name –like ‘myalert*’}). For more on why this is and how to avoid scalability issues, see the articles below from Marco Shaw and Craig Pero.

OpsMgr: Command Shell tips and tricks when using a criteria with a monitoring class

Why YOU should care about using CRITERIA when using SCOM cmdLets

Other PowerShell Samples

You can also find many PowerShell script examples for System Center and Windows management at PowerShell Scripts for System Center (Master Collection)

Follow System Center Central via Twitter and RSS

Twitter_icon rss_big_default_300x300

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.