Jaa


Using PowerShell to create Event log events to validate SCOM Rules

In our test lab, we have several custom business applications that we create System Center Operations Manager rules in order to alert on any errors thrown by the application(s). When we create the SCOM rules, we want to validate that the rules function correctly and the SCOM alerts are successfully generated.

To mimic an application error, in order to validate the SCOM rules, we typically leverage PowerShell scripts to create faux events. We then validate that the events are picked up by SCOM and an alert is generated.

The script must be run as administrator and assuming that the ExecutionPolicy is set in such a way to allow the script to run.

## Script Variables
$Log = "System"
$Source = "TestWebSource"
$Message = "The web service is not responding"
$ID = "911"
$AlertType = "Error"
$ComputerName = "."
$RawData = ""

##Register the source
New-eventlog -logname $Log -ComputerName $ComputerName -Source $Source -ErrorVariable Err -ErrorAction SilentlyContinue

##Write to the system log
Write-eventlog -logname $Log -ComputerName $ComputerName -Source $Source -Message $Message -id $ID -EntryType $AlertType

Note: I’m using PowerShell in this post, but you can also use Eventcreate.exe https://technet.microsoft.com/en-us/library/bb490899.aspx for similar results.