Skip to main content

Microsoft SCOM (Service Center Operations Manager) integration

This integration ingests notifications from Microsoft Service Center Operations Manager (SCOM) and maps them to APEX AIOps Incident Management events automatically.

Before you begin

This integration was validated with Service Center Operations Manager 2019 on July 29, 2024.

Before you start to set up your integration, make sure

  • You have an active SCOM account.

  • You have the necessary permissions to create alerts and notifications channels in SCOM.

  • SCOM can make requests to external endpoints over port 443. This is the default.

  • You have downloaded the Send Alerts to Moogsoft script.

    NOTE: Right-click the link and select "Save Link As" from the menu to download the file. Save the file as sendAlertsToMoogsoft.ps1.

  • You have created an API key and have access to a copy of it.

Create a new integration in Incident Management

  1. Log in to your Incident Management instance.

  2. Choose Integrations > Ingestion Services > Microsoft SCOM.

  3. Click Add New Integration.

  4. The UI displays the integration in a new page. Click Save.

The new integration includes a custom endpoint, a set of default mappings to convert Microsoft SCOM data to Incident Management events, and a deduplication key to group similar events into alerts. You can now set up Microsoft SCOM to send data to this endpoint, as described in the following section.

(Optional) Once your endpoint starts receiving data from Microsoft SCOM, you can customize how the integration maps and deduplicates this data. To learn more about mapping and deduplication, read Use mapping types in custom integrations and Deduplicate events to reduce noise.

Edit the Send Alerts to Moogsoft script

To prepare the Send Alerts to Moogsoft Script, do the following.

  1. Using a text editor (like Notepad), open the sendAlertsToMoogsoft.ps1 script file you downloaded (see previous section for download information).

  2. Replace $ApiURL with the Endpoint URL located under Integrations > Ingestion Services > Microsoft SCOM> <your-integration-name>.

  3. Replace $ApiKey with your API key.

  4. Save the script file to C:\Moogsoft.

Set up notifications in SCOM

To set up a new notification in SCOM, do the following:

  1. Log in to SCOM.

  2. Go to the Administration section.

  3. Go to Notifications > Channels.

  4. Click New > Command.

  5. For Channel Name, enter Moogsoft Notification and then click Next.

  6. Enter the following values:

    1. Full path of command file: C:\Windows\System32\windowspowershell\v1.0\powershell.exe

    2. Command line parameters::

      "c:\Moogsoft\sendAlertsToMoogsoft.ps1" '$Data[Default='Not Present']/Context/DataItem/ManagedEntityPath$ \ $Data[Default='Not Present']/Context/DataItem/ManagedEntityDisplayName$' '$Data/Context/DataItem/AlertName$' '$Data[Default='Not Present']/Context/DataItem/AlertDescription$' '$Data[Default='Not Present']/Context/DataItem/Severity$' '$Data[Default='Not Present']/Context/DataItem/Category$' '$Data[Default='Not Present']/Context/DataItem/LastModifiedLocal$' '$Data[Default='Not Present']/Context/DataItem/AlertId$' '$Data[Default='Not Present']/Context/DataItem/ResolutionStateName$'

    3. Startup folder for the command line: C:\Windows\System32\windowspowershell\v1.0\

  7. Click Finish, then click Close.

Set up subscriber in SCOM

  1. Go to the Administration section.

  2. Go to Notifications > Subscribers.

  3. Click New.

  4. For Subscriber Name, enter "Moogsoft Subscriber" and click Next.

  5. Set the schedule according to your requirements and click Next.

  6. Click Add.

  7. On the Describe the Subscriber Address page, provide the name as "Moogsoft subscriber address" and click Next.

  8. On the Provide the Channel and Delivery Address page, do the following:

    1. In Channel Type, select "Command" as the method of notification.

    2. In Command Channel, select the name of the command channel ("Moogsoft Notification") that was created in the previous section.

    3. Click Next.

  9. On the Schedule Notifications page, do the following:

    1. Select either "Always send notifications," or "Notify only during the specified times."

    2. (Optional) If you selected "Notify only during the specified times," click Add and create a date range.

    3. Click Finish.

  10. Click Finish, then click Close.

Set up subscriptions in SCOM

To set up a new subscription in SCOM, do the following:

  1. Go to the Administration section.

  2. Click Subscriptions.

  3. Click New.

  4. For Subscription Name, enter Moogsoft Notification and then click Next.

  5. Set Scope based on your business use case and then click Next.

  6. Set Criteria based on your business use case and then click Next.

  7. Under the Subscribers section, click Add and add the subscriber you created earlier ("Moogsoft Subscriber"). Then click Next.

  8. In the Channels section, click Add.

  9. Select Moogsoft Notification from the list of available channels.

  10. Click Add, then click OK.

  11. Select "Alert Aging" according to your business use case, then click Next.

  12. On the Summary page, check "Enable this notification subscription."

  13. Click Finish, then click Close.

You have now configured Service Center Operations Manager (SCOM) to notify Incident Management when new alerts are created.

In this section: