none
SCOM monitoring for pending restart state related to Windows Updates RRS feed

  • Question

  • Hi,

    I looked a good PowerShell / VBS script solution for monitoring of SCOM clients (Servers) which have state "pending restart" related to Windows Updates.

    The "solution" which I found did not work well and correct. 

    Is there any "simple" script to realize it in SCOM.

    Please consider that this script should consider all Windows Server versions Windows Server 2008/202/2016/2019.

    Best regards

    Birdal

    Tuesday, October 1, 2019 6:40 AM

Answers

  • Hi,

    For this purpose I create a powershell monitor which checks in the registry. Here is the script: 

    # Any Arguments specified will be sent to the script as a single string.

    # If you need to send multiple values, delimit them with a space, semicolon or other separator and then use split.

    param([string]$Arguments)

     

    $ScomAPI = New-Object -comObject "MOM.ScriptAPI"

    $PropertyBag = $ScomAPI.CreatePropertyBag()

     

    # Example of use below, in this case return the length of the string passed in and we'll set health state based on that.

    # Since the health state comparison is string based in this template we'll need to create a state value and return it.

    # Ensure you return a unique value per health state (e.g. a service status), or a unique combination of values.

     

    $reg = Get-Item -Path "Registry::HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired" -ErrorAction SilentlyContinue

    if ($reg)

    {

    $PropertyBag.AddValue("Reboot","YES")

    }

    else

    {

    $PropertyBag.AddValue("Reboot","NO")

    }

               

    # Send output to SCOM

    $PropertyBag

    Just create it and target it to Windows Computer.

    Best regards,

    Bert

    • Marked as answer by _Birdal Friday, November 8, 2019 1:30 PM
    Wednesday, October 9, 2019 1:01 PM
  • Hi Stoyan,

    I list you the solutionbelow:

    1) Create "Unit Monitor" > Scripting > PowerShell based > PowerShell Script Two State Monitor"

    2) Script body

    # Any Arguments specified will be sent to the script as a single string.
    
    # If you need to send multiple values, delimit them with a space, semicolon or other separator and then use split.
    
    param([string]$Arguments)
    
     
    
    $ScomAPI = New-Object -comObject "MOM.ScriptAPI"
    
    $PropertyBag = $ScomAPI.CreatePropertyBag()
    
     
    
    # Example of use below, in this case return the length of the string passed in and we'll set health state based on that.
    
    # Since the health state comparison is string based in this template we'll need to create a state value and return it.
    
    # Ensure you return a unique value per health state (e.g. a service status), or a unique combination of values.
    
     
    
    $reg = Get-Item -Path "Registry::HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired" -ErrorAction SilentlyContinue
    
    if ($reg)
    
    {
    
    $PropertyBag.AddValue("Reboot","YES")
    
    }
    
    else
    
    {
    
    $PropertyBag.AddValue("Reboot","NO")
    
    }
    
               
    
    # Send output to SCOM
    
    $PropertyBag

    3) Monitor States

    Health:

    Property[@Name='Reboot']     equals     "NO"

    Critical:

    Property[@Name='Reboot']     equals     "YES"

    4) Alert

    Your system  $Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/DNSName$ has a pending reboot status because of Windows Update / Auto Update

    I don't know ho I can get in Alert message the server last reboot time?!

    Best regards

    Birdal

    Friday, November 8, 2019 1:39 PM

All replies

  • Hi Birdal

     

    After researching, I find one MP and one PowerShell script may meet your request. You can read them as reference:

    Monitoring Windows Updates and Pending Restarts on the servers using PowerShell

    https://gallery.technet.microsoft.com/scriptcenter/Windows-Updates-and-684c355c

     

    Server Pending Restart Monitoring - New SCOM Management Pack

    https://gallery.technet.microsoft.com/Server-Pending-Restart-New-2457a729

     

    Hope it can help.

     

    Best regards.

    Crystal


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, October 1, 2019 8:34 AM
  • Hi,

    This should help you out:
    Server Pending Restart Monitoring - New SCOM Management Pack

    Best regards,
    Leon


    Blog: https://thesystemcenterblog.com LinkedIn:

    • Proposed as answer by Eric G-S Tuesday, October 1, 2019 9:35 AM
    Tuesday, October 1, 2019 8:36 AM
  • Hi Crystal,

    >>>> "Server Pending Restart Monitoring - New SCOM Management Pack"

    That is what I applied. It doesn't work. I think it coniders only SCCM environment with "Configuration Manager". But we have no this environment, but only SCOM.

    >>> "Monitoring Windows Updates and Pending Restarts on the servers using PowerShell"

    This script considers that all computers are in the text file. That is NOT what we want. I don't want also play / try / play with this script.

    Best regards

    Birdal

    Wednesday, October 2, 2019 10:52 AM
  • Hi Leon,

    my answer the same as I wrote to Crystal here.

    That is what I applied. It doesn't work. I think it coniders only SCCM environment with "Configuration Manager". But we have no this environment, but only SCOM.

    Best regards

    Birdal

    Wednesday, October 2, 2019 10:54 AM
  • Thanks for the information Birdal.

    Since you want to check some older operating systems I'm not sure if PowerShell is capable of everything but it still might. I think the best way to get this would be using either PowerShell or WMI.

    You could take a look at these links:

    Use PowerShell to Find Servers that Need a Reboot

    Determine Pending Reboot Status—PowerShell Style! Part 1

    Determine Pending Reboot Status—PowerShell Style! Part 2



    Blog: https://thesystemcenterblog.com LinkedIn:

    Wednesday, October 2, 2019 11:02 AM
  • Hi Birdal,

    How's everything going? I would like to confirm that are the articles Leon provide helpful? Or Is there anything else we can help? if yes, feel free to let us know.

    Best regards.

    Crystal


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, October 7, 2019 1:42 AM
  • Hi Leon,

    no listed scripts run well. One or more errors is there.

    Best regards

    Birdal

    Monday, October 7, 2019 11:28 AM
  • Hi Crystal,

    not really. There are some errors during running scripts.

    I will list one of them here and ask then why does not work.

    Best regards

    Birdal

    Monday, October 7, 2019 11:30 AM
  • Hi Leon,

    actually I am looking for only SCOM monitor MP which lists me all Active Directory servers (not clients) who has need to be rebooted after "Windows Updates", and alert these.

    Best regars

    Birdal

    Monday, October 7, 2019 11:35 AM
  • The Server Pending Restart Monitoring - New SCOM Management Pack targets the Windows Server Operating System class, no clients, and it also works for environments without SCCM (tested myself).

    The management pack offers multiple condition detections as stated in the management pack guide:
    Server Pending Restart MP Guide.pdf


    Blog: https://thesystemcenterblog.com LinkedIn:

    Monday, October 7, 2019 4:39 PM
  • Here's an example from my lab:

    Windows 10 Enterprise client monitored by SCOM 2019:

    Windows Server 2019 Standard server monitored by SCOM 2019:

    SCOM 2019 - Windows Computer view:

    As we can see there is a warning for our Windows Server 2019 server.

    Let's check the warning:

    This is the settings for the "Server Pending Restart Monitor":



    Blog: https://thesystemcenterblog.com LinkedIn:

    Monday, October 7, 2019 5:06 PM
  • Hi Birdal,

    Thanks for your update. I find Leon has provided the MP and the test in his environment. You can try this to see if it is helpful.

    Thanks and have a nice day!

    Best regards.

    Crystal


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, October 8, 2019 4:43 AM
  • Hi Leon,

    Yes, I had had applied this MP and activated only "Windows Update" and "Domain Join" options. As target is choosen als "Windows Server Operating System"

    Although some servers have the registry key related to reboot requires (Windows Updates), the MP did not alerted these. MP checks every 24 hours these registry keys.

    Best regards

    Birdal

    Tuesday, October 8, 2019 2:02 PM
  • Could you provide which registry key?

    You might also want to configure the check more often.

    Edit: I tested this in another lab and it works as expected, I only enabled the WinUAUCheck and I set the intervals to every 30 minutes, alarms were raised immediately after 30 minutes.


    Blog: https://thesystemcenterblog.com LinkedIn:


    • Edited by Leon Laude Tuesday, October 8, 2019 8:57 PM
    Tuesday, October 8, 2019 2:21 PM
  • Hi Leon,

    >>>> "You might also want to configure the check more often."

    But this can cause a network load in a big environment?!

    Best regards

    Birdal

    Wednesday, October 9, 2019 12:58 PM
  • Hi,

    For this purpose I create a powershell monitor which checks in the registry. Here is the script: 

    # Any Arguments specified will be sent to the script as a single string.

    # If you need to send multiple values, delimit them with a space, semicolon or other separator and then use split.

    param([string]$Arguments)

     

    $ScomAPI = New-Object -comObject "MOM.ScriptAPI"

    $PropertyBag = $ScomAPI.CreatePropertyBag()

     

    # Example of use below, in this case return the length of the string passed in and we'll set health state based on that.

    # Since the health state comparison is string based in this template we'll need to create a state value and return it.

    # Ensure you return a unique value per health state (e.g. a service status), or a unique combination of values.

     

    $reg = Get-Item -Path "Registry::HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired" -ErrorAction SilentlyContinue

    if ($reg)

    {

    $PropertyBag.AddValue("Reboot","YES")

    }

    else

    {

    $PropertyBag.AddValue("Reboot","NO")

    }

               

    # Send output to SCOM

    $PropertyBag

    Just create it and target it to Windows Computer.

    Best regards,

    Bert

    • Marked as answer by _Birdal Friday, November 8, 2019 1:30 PM
    Wednesday, October 9, 2019 1:01 PM
  • No need to have the interval that often, but once a day is pretty long, if you have a test environment you can try there with a shorter interval, just to test that it works.


    Blog: https://thesystemcenterblog.com LinkedIn:

    Wednesday, October 9, 2019 1:08 PM
  • Hi Leon,

    OK, I can try it often in an test environment in the next days.

    Best regars

    Birdal

    Wednesday, October 9, 2019 2:08 PM
  • Hi Leon,

    OK, I can try it often in an test environment in the next days.

    Best regars

    Birdal

    Hi Birdal,

    did you test this? Thanks in advance for your feedback!

    Regards,


    (Please take a moment to "Vote as Helpful" and/or "Mark as Answer" where applicable. This helps the community, keeps the forums tidy, and recognizes useful contributions. Thanks!) Blog: https://blog.pohn.ch/ Twitter: @StoyanChalakov

    Wednesday, October 23, 2019 7:59 AM
    Moderator
  • Hi Stoyan,

    no, I had had unfortunately no time. I am full of tasks :-(

    I will give feedback when I tested.

    Best regards

    Birdal

    Wednesday, October 23, 2019 8:10 AM
  • Hi Stoyan,

    no, I had had unfortunately no time. I am full of tasks :-(

    I will give feedback when I tested.

    Best regards

    Birdal

    Hi Birdal,

    totally understand this. Take your time.

    Regards,


    (Please take a moment to "Vote as Helpful" and/or "Mark as Answer" where applicable. This helps the community, keeps the forums tidy, and recognizes useful contributions. Thanks!) Blog: https://blog.pohn.ch/ Twitter: @StoyanChalakov

    Wednesday, October 23, 2019 8:17 AM
    Moderator
  • Hi Bert,

    Thank you very much! I tested it now. It works well.

    But I want also some other information should be listed in alert. For example, how can I list in alerting the "Last Reboot Time" of the computer which has REBOOT  == YES status?

     Best regards

    Birdal



    • Edited by _Birdal Wednesday, October 23, 2019 1:27 PM
    Wednesday, October 23, 2019 1:26 PM
  • Hi Birdal,

    may I ask what the exact solution was? In regards to your question, need to check it out. Will get back to you.

    Thanks for updating the thread!

    Regards,


    (Please take a moment to "Vote as Helpful" and/or "Mark as Answer" where applicable. This helps the community, keeps the forums tidy, and recognizes useful contributions. Thanks!) Blog: https://blog.pohn.ch/ Twitter: @StoyanChalakov

    Thursday, November 7, 2019 12:05 PM
    Moderator
  • Hi Stoyan,

    I list you the solutionbelow:

    1) Create "Unit Monitor" > Scripting > PowerShell based > PowerShell Script Two State Monitor"

    2) Script body

    # Any Arguments specified will be sent to the script as a single string.
    
    # If you need to send multiple values, delimit them with a space, semicolon or other separator and then use split.
    
    param([string]$Arguments)
    
     
    
    $ScomAPI = New-Object -comObject "MOM.ScriptAPI"
    
    $PropertyBag = $ScomAPI.CreatePropertyBag()
    
     
    
    # Example of use below, in this case return the length of the string passed in and we'll set health state based on that.
    
    # Since the health state comparison is string based in this template we'll need to create a state value and return it.
    
    # Ensure you return a unique value per health state (e.g. a service status), or a unique combination of values.
    
     
    
    $reg = Get-Item -Path "Registry::HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired" -ErrorAction SilentlyContinue
    
    if ($reg)
    
    {
    
    $PropertyBag.AddValue("Reboot","YES")
    
    }
    
    else
    
    {
    
    $PropertyBag.AddValue("Reboot","NO")
    
    }
    
               
    
    # Send output to SCOM
    
    $PropertyBag

    3) Monitor States

    Health:

    Property[@Name='Reboot']     equals     "NO"

    Critical:

    Property[@Name='Reboot']     equals     "YES"

    4) Alert

    Your system  $Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/DNSName$ has a pending reboot status because of Windows Update / Auto Update

    I don't know ho I can get in Alert message the server last reboot time?!

    Best regards

    Birdal

    Friday, November 8, 2019 1:39 PM