Here we are, hopefully everyone would have seen the unveiling of this management pack on todays SCOMATHON 2022.
For those who have missed it not to worry as you will be able to watch it back, as well as being here where you will now be able to get to download this free community management pack specifically for Microsoft Endpoint Manager.
This will be version 1.0 of the management pack currently. Further releases and updates will be announced soon!
Motivation Behind the Management Pack
Being someone who specializes in both Endpoint Manager & SCOM you tend to build a repour with how you ideally want the monitoring to be and more importantly what you want to be notified on.
Endpoint Manager being a colossal too makes for a lot of areas in where troubleshooting or any kind of investigation is required to take place. And you would have seen various articles blogs even from myself as well as many others which provide great points on how and where to look.
Our motivation is to enable SCOM monitoring to have more of a centralized but more specifically a more granular approach on how we monitor Endpoint Manager
How this MP is different than what is currently out
Here are the areas in which we have achieved so far
Current Branch Version Awareness – The management pack will tell you not just the build version but also what the friendly name of your Configuration Manager version is i.e. Configuration Manager 2111 as seen in Figure 1.1 If your current version is out of date then there is monitoring that will check to see the available updates which are available which it can be upgraded to.
Best Practice Aware – One area which is interesting is just some checkpoint monitoring which covers categories such as Offline Devices detected, collections using “All Systems Collections” and many more.
New Configuration Manager Roles Monitored – So new roles such as the Data Warehouse Point are now included within the monitoring structure now where we can not only discover these but also check the main service which runs this point as seen in Figure 1.2. Another area is the Passive Site Server role where we can have a failover replica. We can now detect if this is in place and provide you with alerting to state that this is outstanding to be done.
Granular Monitoring – Where we have the large count of logs when it comes to the servers whether that be the Primary Site Servers or standalone servers where logs can float to different locations and drives, we now have specific monitors which can locate and read these log files to provide more accurate health statuses with examples such as the Software Update Point sync errors, Management Points which are experiencing HTTP/HTTPS errors.
Endpoint Manager Log Monitoring – This management pack has a mechanism which will create an Event Log file where we can perform our own workflows which check various areas of Configuration Manager and create event logs which then can be turned into alerts to provide more information as seen in Figure 1.3. One example is the Distribution Point monitors where it will check to see if any applications or packages have failed to distribute to any DPs.
Figure 1.1 - Current Branch Version Name Identification
Figure 1.2 - Data Warehouse Point Server Monitoring
Figure 1.3 - Endpoint Manager Event Log Feature and Monitoring
Is this Management Pack in a position to take over the current one
As of right now this community management pack is on a first release to give an idea on how this management pack will work. Being a community management pack this is going to expand quite regularly which we will also welcome ideas and requests of areas which can be monitored.
This would be great to work alongside the current available management pack for Configuration Manager, it can also be used on its own as well but if wanting a more foundational coverage it maybe good to have both in the meantime.
Management Pack Configuration
Below is a table which contains what this management pack has and how it’s currently configured in regards to the monitors and rules setup.
Classes
Class Name
Class Description
Parent Class
Endpoint Manager Server
Parental class for all of the classes below. Will contain the Site Code and Server Name properties
Yes
Endpoint Manager Primary Site Server
Class which contains all of the Endpoint Manager Servers which hold the Primary Site Server Role
No
Endpoint Manager Site Database Server
Class which contains all of the Endpoint Manager Servers which hold the Site Database Role
No
Endpoint Manager Management Point Server
Class which contains all of the Endpoint Manager Servers which hold the Management Point Role
No
Endpoint Manager Distribution Point Server
Class which contains all of the Endpoint Manager Servers which hold the Distribution Point Role
No
Endpoint Manager Software Update Point Server
Class which contains all of the Endpoint Manager Servers which hold the Software Update Point Role
No
Endpoint Manager Data Warehouse Point Server
Class which contains all of the Endpoint Manager Servers which hold the Data Warehouse Point Role
No
Monitors
Monitor Name
Monitor Description
Affected Class
ADR Rule Health Error
Checks across all ADR rules to make sure they have ran succesfully. Any with errors will be flagged in the alert details
Endpoint Manager Primary Site Server
Duplicate Device Error
Checks the environment to see if any duplicate device records have been detected and will be flagged in the alert details.
Endpoint Manager Primary Site Server
Offline Devices Error
Checks to see if any devices have been showing as offline for 30 days or more
Endpoint Manager Primary Site Server
All Systems Limiting Collection Error
Checks to see if any collections are using the "All Systems" collection and will be flagged in the alert details
Endpoint Manager Primary Site Server
SMS Agent Host Service Monitor
Checks if the SMS Agent Host service is running
Endpoint Manager Server
SMS Executive Service Monitor
Checks if the SMS Executive service is running
Endpoint Manager Service
SMS Site Component Manager Service Monitor
Checks if the SMS Component Manager service is running
Endpoint Manager Primary Site Server
SMS Site VSS Writer Service Monitor
Checks if the SMS Site VSS Writer service is running
Endpoint Manager Primary Site Server
Windows Deployment Service Monitor
Checks if the Windows Deployment service is running
Endpoint Manager Distribution Point Server
MP Communication Failed Error
Checks specifically if there are any HTTP or HTTPS errors when communicating with the Management Point
Endpoint Manager Management Point Server
Software Update Point Sync Error
Checks if the latest SUP synchronization has failed on the Endpoint Manager side which can happen via manial trigger or automated even by an ADR rule
Endpoint Manager Software Update Point Server
SCCM Version Out of Date Warning
Checks the version of SCCM running and checks it against the synchronized updates for your environment
Endpoint Manager Primary Site Server
ConfigMgr Update Service Monitor
Checks if the ConfigMgr Update service is running
Endpoint Manager Primary Site Server
Data Warehouse Point Service Monitor
Checks if the Data Warehouse Point service is running
Endpoint Manager Data Warehouse Point Server
SMS Site Backup Service Monitor
Checks to see if the SMS Site Backup service is running
Endpoint Manager Site Database Server
SCCM End of Life Monitor
Checks to see if the current SCCM version is in date where the support date is concerned.
Endpoint Manager Primary Site Server
Rules
Rule Name
Rule Description
Affected Class
Obtain Package Distribution Status
Checks to see if any packages have failed to distribute to any distribution points and creates an event in the Endpoint Manager Event log
Endpoint Manager Primary Site Server
Failed Package Status Detected
Status Detected
Generates an alert based on the event log created from the "Obtain Package Distribution Status" Rule
Endpoint Manager Primary Site Server
Site Failover Enabled Status
Checks to see if the passive site server functionality has been enabled and creates an event in the Endpoint Manager Event Log if it's not enabled
Endpoint Manager Primary Site Server
Site Failover Not Enabled Detected
Generates an alert based on the event log created from the "Site Failover Enabled Status" rule
.png){kind=avatar}
