Operations Manager - Get Company Knowledge using PowerShell and Operations Manager SDK

When I was asked by a customer to provide the Company Knowledge associated to an alert, as part of an alert forwarding process, I was a little surprise that it wasn't as obvious as I thought it would be using the Operations Manager PowerShell cmdlets.  So, I started to search for a solution.  I've seen some blog post out there which export the MPs or do some other tricks that requires external dependencies, but couldn't find a way to retrieve the Company Knowledge associated to an alert from Operations Manager using a simple PowerShell script, so here what I came up with using the SDK.

The sample below is interesting and quite useful as it uses PowerShell and the Operations Manager SDK assemblies.  It provides an easy way to gather info that are not available using the Operations Manager cmdlets (as far as I know!) without querying the DB directly.

One thing to know id Product and Company knowledge are both defined as KnowledgeArticle in a Management Pack and they both reference the same Rule or monitor ID.  So the XML definition is exactly the same.  So how do you determine which one is which?

  1. Product knowledge must be in the same MP as the Rule/Monitor
  2. Company knowledge only applies to Rule/Monitor that are in a selead MP.  Therefore have to be saved in a different MP.

Here a snippet of the code that gathers Knowledge Articles for all New Alerts.

# Load Operations Manager SDK assemblies (Installed with the Operations Manager console)
$assembly1 = [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.Core")
$assembly2 = [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.EnterpriseManagement.OperationsManager")

# Connect to Management Server (Use Credentials from user calling the script)   $mg = New-Object Microsoft.EnterpriseManagement.ManagementGroup("MyServer")

# Define Criteria for All New Alerts  (Should provide the alert ID instead, but just to demo, all active alerts...)
$Criteria = New-Object Microsoft.EnterpriseManagement.Monitoring.MonitoringAlertCriteria("ResolutionState = 0")

# Return all Alerts matching the criteria $AllNewAlerts = $mg.GetMonitoringAlerts($Criteria)

foreach($NewAlert in $AllNewAlerts)
{
  # For a Rule $AlertRule = $mg.GetMonitoringRule(($NewAlert.MonitoringRuleId))
   # For a Monitor
  $AlertRule = $mg.GetMonitor(($NewAlert.MonitoringRuleId))
   # Retrieve all knowledge Articles associated to the rule/monitor (Product and Company)
  $KnowledgeArticles = $mg.GetMonitoringKnowledgeArticles(($AlertRule.Id))

   # Determine if Product or Company Knowledge.  The basic idea is if it is in the same MP, it is Product, if not it's Company (Company knowledge can only be in a separate MP, therefore can only apply to rule/monitor from a sealed MP
   …
}

I included a sample code that includes check and validation, also transform the MAML format of the knowledgeArticles content to text (removing all tags).  Download sample source code here.

This posting is provided "AS IS" with no warranties and confers no rights.

Comments

  • Anonymous
    February 09, 2016
    Hi Denis,

    Thanks for posting this. I've downloaded your sample code and run a test against our SCOM environment (2012 R2) for both rule and monitor based alerts, but in both cases I'm not getting any returned knowledge. The output of the script is a simple list of alert details; severity, priority, name, time raised. I made sure to choose alert examples for which I previously confirmed the existence of product knowledge. The only alteration I made to your script was to set the FQDN of our management server as the $ManagementServer variable value. Any idea why this wouldn't be producing the expected result?

    Regards and thanks
  • Anonymous
    May 11, 2016
    The comment has been removed
  • Anonymous
    August 23, 2016
    The comment has been removed