Garry

Windows 2008 Event Log

Garry — Wed, 10 Sep 2008 08:51:45 GMT

I was creating a new rule for Windows 2008 and needed to find the parameters for the event so that I could filter the rule.

I would normally use Log Parser to find the parameters that I need to filter on but a even quicker way with Windows 2008 is to look at the details tab and then the details under the EventData section these will be the parameters that you can configure for the alert.

Also one thing to check under the system section is the value that you should set as the source when creating the rule

As you can see in this example it is Microsoft-Windows-Security-Auditing but if you look at the general view the source is Microsoft Windows security so if you filter on Microsoft Windows security the rule will not work correctly.

Also have a read of http://blogs.technet.com/momteam/archive/2008/02/01/authoring-event-rules-in-opsmgr.aspx for more information on this.

Opsmanjam

Garry — Mon, 18 Aug 2008 09:09:00 GMT

Have a look at this site: http://www.opsmanjam.com/default.aspx. On this site you will find unofficial management packs, management pack authoring tutorials and guidance, featured articles on everything OpsManager 2007, command shell scripts, and more. The people behind it are from Microsoft.

New MOM 2005 Hotfix for SNMP

Garry — Mon, 08 May 2006 10:55:00 GMT

Microsoft Operations Manager 2005 may stop processing incoming SNMP traps after receiving many traps in a short time

http://www.kbalertz.com/914835/Microsoft.Operations.Manager.processing.incoming.traps.after.receiving.traps.short.aspx

What Would you like to know?

Garry — Thu, 04 May 2006 18:56:00 GMT

Hi I am new to this blogging stuff so would like to ask the question what would you like to hear about?

I work in a team that will soon support over 500 Dc’s (Currently 270 as we are in a middle of a roll out) across the globe over some of the worse links you could ever imagine. This has helped to give me a good understanding AD and also how to get it replicating over pieces of wet string. As well as AD I have deployed MOM from a central location in the UK to manage this environment. The team is very small and one of the goals was to ensure that MOM did not flood us with alerts that where not valid. We have achieved this and now have a very stable MOM implementation that does not give lots of false alarms.

On this site I want to create articles and blog casts on any subject that interests you. I don’t know everything but what I don’t know I really enjoy learning and I would like then the oppertuity to share with you what I have learnt.

I also want to learn from you as well as AD and MOM are big subjects and the more people we have sharing knowledge the more we will all learn.

Drop me a email or leave a comment and I will do my best to help

Top Three Mistakes Made When Setting up Exchange MP

Garry — Thu, 04 May 2006 18:55:00 GMT

Check this page for the top three mistakes made when setting up Exchange MP

http://www.microsoft.com/technet/prodtechnol/exchange/2003/empconfig.mspx

HP MP MOM Help Reduce False Alerts

Garry — Thu, 04 May 2006 18:32:00 GMT

One issue we where seeing is lots of critical alerts from the HP MP. The insight logs where clear but in the eventlog you see a event 1192. This was causing us a high number of alerts. After doing some research I found this:

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_EX040107_CW01

The other solution is

The "approved" workaround for this problem involves a change on the server. Open the "HP Management Agents" control panel, and on the Services tab, move "SCSI information" from "Active Agents" to "Inactive Agents." This will stop monitoring of the SCSI subsystem on the server. But I prefer the agent upgrade.

Windows Security Event Descriptions

Garry — Thu, 04 May 2006 18:28:00 GMT

These links will help you identify what the different Security Event ID's mean. These are good guides for developing your own MOM Secuirty MP.

Windows Security Event Descriptions (Part 1 of 2)

http://support.microsoft.com/?kbid=299475

Windows Security Event Descriptions (Part 2 of 2)

http://support.microsoft.com/kb/301677/EN-US/

Best Active Directory Book I have used

Garry — Thu, 04 May 2006 18:24:00 GMT

Inside Active Directory: A System Administrator's Guide, 2nd Edition

By Sakari Kouti, Mika Seitsonen, Mika Seitsonen.
Published by Addison Wesley Professional.

Microsofts 10 Highest-Rated Webcasts

Garry — Thu, 04 May 2006 11:22:00 GMT

Microsofts 10 Highest-Rated Webcasts

•

MSDN Webcast: Mobile Web Development with ASP.NET 2.0 (Part 5 of 5): Extensibility (Level 200)

Customer Rating:

Intended for: Developer

Learn how you can extend functionality by building custom mobile controls and mobile user controls, and implement your own control designers and device adapters. During this webcast we discuss how to derive controls from existing controls, create composite controls, and build controls from scratch.

•

TechNet Webcast: Implementing Multifactor Authentication Using Smart Cards (Level 200)

Customer Rating: