I noticed today on the momteam TechNet blog that a new, redesigned Active Directory management pack will be released with Windows Server 2016. There are a lot of really cool changes in the management pack, including a major change to replication monitoring and a move from the current event driven model to synthetic monitors. Exciting stuff! I have included a link to the blog post below, which includes link to the preview management pack.
A few weeks ago, Microsoft released the OMS Alerting feature in preview, which includes some really useful features like alert notifications and remediation. We are now able to set up alerts for any saved search query we create in OMS, which gives us the capability to alert on all of our solutions (Security and Audit, Alert Management, custom logs, performance data, etc.). Additionally, we are given the capability to select Azure Automation runbooks during OMS Alert configuration to remediate our alerts both on-premises and in the cloud. Very cool!
In my last post, SCOM + OMS + Azure Automation here, I discussed a custom solution using custom fields, the OMS Search API and Azure Automation to automate remediation tasks. The concepts in this post certainly still apply, but now we have a built in feature which uses webhooks and does not require the OMS Search API logic to be included in our alert remediation runbooks. Let’s check it out…..
