sturdyerde · IT Solutions Team Lead / Microsoft PowerShell MVP · ✭✭✭✭✭

After deploying the agent to a server, you would still need to create component monitors (typically as part of an application monitoring template) that define which processes, services, etc you want to monitor on the node. Each of your component monitors is where the SAM licenses would come into play, unless you are using…

This sounds like an action that would need to use 'run external program' to run a SWISAPI script that sets the custom property on a group.

When one of these fires, take a look at your Alerts page in Orion, find this alert on the page, and check the "Alert Name" column. That will tell you which alert triggered the message and may give you a clue about what the condition was. You can also look at the Events page in Orion, search/filter for the name of the VM…

Join the club. Granular permissions or even role-based permissions...the most requested feature after the dark theme. (But GraySock has mostly solved that for us!) 

It would be so great to see this FR come to fruition. I thought there was already one or two related features already submitted, and found these: https://thwack.solarwinds.com/t5/SAM-Feature-Requests/Allow-any-response-field-to-be-monitored-in-the-API-Poller/idi-p/588410…

Well that didn't last long! The headphones are already out of stock. I'm curious, does anybody know why the Thwack store seems to be OOS so quickly? Is there a limit on how much they are able to keep in stock?

That sounds correct. The classic and modern functionality cannot be combined on the same pages.

You will use SAM licenses to monitor your cluster.

You can put these users in a group and then use a custom menu bar to hide the Settings menu for that group. https://OrionServer/Orion/Admin/EditMenuBar.aspx

If you have a 2-node cluster, then there will be 3 nodes that you need to discover in Orion: * Node 1: monitor everything except the shared disk resource. Be sure to monitor the Windows Failover Clustering Service and compute resources. * Node 2: monitor everything except the shared disk resource. Be sure to monitor the…

Well done!

Well done!

That's the best workaround I've been able to find, but it still feels a bit like cobbling the monitor together. The statistic message value saves our bacon for now.

Can we hope to ever be able to evaluate non-number results in custom script monitors?

You are probably on the right track about certificate binding. The default configuration for the PowerShell virtual directory does not use SSL. (Additional steps are required to make that work, but don't worry too much because remote PowerShell still uses WinRM, which is ALWAYS encrypted.) I've seen Exchange CUs bork SSL…

Some of us are using SaaS like OpsGenie or PagerDuty to route alerts to mobile devices, along with other benefits such as on-call rotation management. 

Thanks for the info, @"tony.johnson". That's interesting. Is work being done on a fix that retains the ability to stay signed in? Are AD accounts with integrated Windows authentication also affected by this?

Monitoring clusters usually works well if you follow this high-level approach: * Discover and monitor each node of the cluster * On each node, click 'List Resources' and deselect the disks * Discover and monitor the cluster name object (computer account of the cluster) * On the CNO, click 'List Resources' and deselect the…

You won't need to use a custom script to monitor this if you enable the AppInsight for Exchange Server application monitoring template. (By the way, this Exchange DAG is being replaced and I would NOT recommend DB sizes this large if you can help it!)

Is your component monitor set to run locally or remote? Are you assigning credentials? You could add some error handling to make Statistic.CertCount equal '-1' or '999' and put the actual error message into Message.CertCount. This will also allow you to alert (and debug) if the monitor is unable to get valid results.

In your component monitor configuration, put the Orion variable in the Script Arguments text box. Then in your script body, reference these variables in the order that you entered them as $args[0] (increment from there if using more than one). Here's an example where I am using custom properties from a node to query that…

Let me know how this goes. We're currently considering a move to ISeC from Ivanti's older [shudder] EMSS product. I have managed to "sync" our servers' patch group assignments (and GUID) from EMSS to custom properties in Orion, but haven't had time to automate the full flow. I can only hope/expect that ISeC's API and…

Any chance your Exchange Servers or the AppInsight for Exchange application is in an unmanaged state and not getting the most recent information? Which version of Orion SAM?

Have you checked your AD replication health? Have you ever reassigned or forced a FSMO role change? Have you ever retired a former FSMO role holder and had to do a metadata cleanup, or are all of the alerting DCs still active (just not the actual FSMO holders?) Does the command `netdom query fsmo` report what you would…

The note says that your credentials must have 'Local admin' privileges. Have you checked that? The full list of requirements are laid out in the KB article Manually configure an Exchange server for AppInsight for Exchange. It may be that your credentials are still missing the 'View-Only Organization Management' role…

In your PowerShell script component monitor settings, check the box to run the script remotely. You're getting this error because the script is running locally on the Orion server.

Are you using WMI with WinRM or WMI over RPC? I wonder if the upgrade switched your component monitors to WinRM without having the endpoint (or possibly firewalls) configured to respond.

I can't think of a more important feature request, nor a more often requested one...other than dark mode, of course!

I haven't tried this yet myself, but could you create a dynamic group based on name filters and then apply the limitation to that group? That would theoretically absolve you of most maintenance of the list itself. 

What method are you using to alert on denied and issued certificates?