Microsoft SCOM (Service Center Operations Manager) integration

You can configure the Service Center Operations Manager (SCOM) webhook to post notifications to the Moogsoft Cloud Events API when events of interest occur.

Before you begin

This integration was validated with Service Center Operations Manager on January 12, 2021.

Before you start to set up your integration, make sure:

You have an active SCOM account.
You have the necessary permissions to create alerts and notifications channels in SCOM.
SCOM can make requests to external endpoints over port 443. This is the default.

You have downloaded the Send Alerts to Moogsoft script.

NOTE: Right-click the link and select "Save Link As" from the menu to download the file. Save the file as sendAlertsToMoogsoft.ps1.

If you have trouble downloading, save the following code to a file called sendAlertsToMoogsoft.ps1.

Param ([String]$AlertSource,
        [ String ]$AlertName,
        [ String ] $AlertDescription,
        [ String ] $Severity,
        [ String ] $Category,
        [ String ] $LastModifiedLocal,
        [ String ] $AlertId,
    [String] $Resolution)
$ApiURL = 'https://api.test.moogsoft.cloud/express/v1/integrations/events'
$ApiKey = '<my API Key>'
$alertName = "$AlertName"
$source ="$AlertSource"
$description = "$AlertDescription"
$severity = "$Severity"
$category = "$Category"
$localTime = "$LastModifiedLocal"
$check = "$AlertId"
$resolution = "$Resolution"
# If alert is closed set severity to clear
if ( $resolution -eq "Closed" ) { $severity = "0" }
# SCOM to Moogsoft Express severity conversion
$severity_map = @{
        "0" = "clear"
        "1" = "major"
        "2" = "critical"
        "5" = "critical"
    }
# Build content for the post
$content_JSON = @{
    "source" = $source
    "check" = $check
    "description" = $description
    "severity" = $severity_map[$severity]
    "modified" = $localTime
    "service" = @("scom")
     "type" = $resolution
     "class" = $category
     "manager" = $alertName
} | ConvertTo-Json
$params = @{
    Uri         = $ApiURL
    Headers     = @{ 'apiKey' = $ApiKey }
    Method      = 'POST'
    Body        = $content_JSON
    ContentType = 'application/json'
}
Invoke-WebRequest @params

You have created an API key and have access to a copy of it.
You have copied the Events Endpoint URL from Integrations > Ingestion Services > Events API in Moogsoft Cloud.

Edit the Send Alerts to Moogsoft script

To prepare the Send Alerts to Moogsoft Script, do the following.

Using a text editor (like Notepad), open the sendAlertsToMoogsoft.ps1 script file you downloaded (see previous section for download information).
Replace $ApiURL with the Events Endpoint URL under Integrations > Ingestion Services > Events API.
Replace $ApiKey with your API key.
Save the script file to C:\Moogsoft.

Set up notifications in SCOM

To set up a new notification in SCOM, do the following:

Log in to SCOM.
Go to the Administration section.
Go to Notifications > Channels.
Click New > Command.
For Channel Name, enter Moogsoft Notification and then click Next.

Enter the following values:

Full path of command file: C:\Windows\System32\windowspowershell\v1.0\powershell.exe

Command line parameters::

"c:\Moogsoft\sendAlertsToMoogsoft.ps1" '$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$\$Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$' '$Data/Context/DataItem/AlertName$' '$Data[Default='Not Present']/Context/DataItem/AlertDescription$' '$Data[Default='Not Present']/Context/DataItem/Severity$' '$Data[Default='Not Present']/Context/DataItem/Category$' '$Data[Default='Not Present']/Context/DataItem/LastModifiedLocal$' '$Data[Default='Not Present']/Context/DataItem/AlertId$' '$Data[Default='Not Present']/Context/DataItem/ResolutionStateName$'

Startup folder for the command line: C:\Windows\System32\windowspowershell\v1.0\

Click Finish.

Set up subscriptions in SCOM

To set up a new subscription in SCOM, do the following:

Go to the Administration section.
Click Subscriptions.
Click New.
For Subscription Name, enter Moogsoft Notification and then click Next.
Set Scope based on your business use case and then click Next.
Set Criteria based on your business use case and then click Next.
Under the Subscribers section, click Add and add at least one subscriber to the subscription (required). Then click Next.
In the Channels section, click Add.
Select Moogsoft Notification from the list of available channels.
Click Add.

You have now configured Service Center Operations Manager (SCOM) to notify Moogsoft Cloud when new alerts are created.

In this section:

Microsoft SCOM (Service Center Operations Manager) integration

Before you begin

Edit the Send Alerts to Moogsoft script

Set up notifications in SCOM

Set up subscriptions in SCOM

Search results