-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSend-OMSGroupMembers.ps1
136 lines (105 loc) · 4.53 KB
/
Send-OMSGroupMembers.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
<#
.Synopsis
Sends Group Membership data to OMS
.DESCRIPTION
Gets the membership of the groups specified and sends data as a custom log to OMS
https://gallery.technet.microsoft.com/SCOM-Agent-Management-b96680d5
.EXAMPLE
.\Send-OMSGroupMembers.ps1 -WorkspaceKey 'FEfstXxZl6BL4O55Eo7c85Z0smg8C1dfCp0MzMq/QtSUtELd245DDe+k7Hi++a7cwVwLWElofWy0L67QtrrdZA==' -WorkspaceID 'f13c1e8b-2956-4a35-9f5f-fd671ca8ea2d' -ManagementServer 'ovwscommng1' -GroupFilter 'PowerBI-*' -LogType 'GroupMember' -Verbose
#>
[CmdLetBinding()]
Param(
[string]$ManagementServer,
[string]$GroupFilter,
[string]$WorkspaceKey,
[string]$WorkspaceID,
[string]$LogType
)
# Create the function to create the authorization signature
Function Build-Signature ($WorkspaceID, $WorkspaceKey, $date, $contentLength, $method, $contentType, $resource) {
$xHeaders = "x-ms-date:" + $date
$stringToHash = $method + "`n" + $contentLength + "`n" + $contentType + "`n" + $xHeaders + "`n" + $resource
$bytesToHash = [Text.Encoding]::UTF8.GetBytes($stringToHash)
$keyBytes = [Convert]::FromBase64String($WorkspaceKey)
Write-Verbose "[$(Get-Date -f G)] KeyBytes: $keyBytes "
$sha256 = New-Object System.Security.Cryptography.HMACSHA256
$sha256.Key = $keyBytes
$calculatedHash = $sha256.ComputeHash($bytesToHash)
$encodedHash = [Convert]::ToBase64String($calculatedHash)
$authorization = 'SharedKey {0}:{1}' -f $WorkspaceID, $encodedHash
return $authorization
}
# Create the function to create and post the request
Function Post-LogAnalyticsData($WorkspaceID, $WorkspaceKey, $body, $logType) {
$method = "POST"
$contentType = "application/json"
$resource = "/api/logs"
$rfc1123date = [DateTime]::UtcNow.ToString("r")
$contentLength = $body.Length
$signature = Build-Signature `
-WorkspaceID $WorkspaceID `
-WorkspaceKey $WorkspaceKey `
-date $rfc1123date `
-contentLength $contentLength `
-method $method `
-contentType $contentType `
-resource $resource
$uri = "https://" + $WorkspaceID + ".ods.opinsights.azure.com" + $resource + "?api-version=2016-04-01"
$headers = @{
"Authorization" = $signature;
"Log-Type" = $logType;
"x-ms-date" = $rfc1123date;
"time-generated-field" = $TimeStampField;
}
$response = Invoke-WebRequest -Uri $uri -Method $method -ContentType $contentType -Headers $headers -Body $body -UseBasicParsing
Write-Verbose "[$(Get-Date -f G)] Uri: $uri "
return $response.StatusCode
Write-Verbose "[$(Get-Date -f G)] StatusCode: $(response.statuscode)"
}
Import-Module operationsmanager -Verbose:$false
if (!(Get-SCOMManagementGroupConnection)) {
Write-Verbose "[$(Get-Date -f G)] Connecting to $ManagementServer"
New-SCOMManagementGroupConnection -ComputerName $ManagementServer -Verbose:$false
if ($?) {
Write-Verbose "[$(Get-Date -f G)] Connected to $ManagementServer"
}
else {
Write-Verbose "[$(Get-Date -f G)] Could not connect to $ManagementServer. Error: $($Error[0].Exception.Message)"
}
}
else {
Write-Verbose "[$(Get-Date -f G)] Already connected to $ManagementServer"
}
Write-Verbose "[$(Get-Date -f G)] Getting Groups"
$Groups = Get-SCOMGroup -DisplayName 'PowerBI-*'
Write-Verbose "[$(Get-Date -f G)] Filter Returned $($Groups.Count) Groups."
$Objects = foreach ($Group in $Groups) {
if ($Group.Count -eq 0) {
Write-Verbose "[$(Get-Date -f G)] $($Groups.DisplayName) has 0 members. Skipping..."
}
else {
Write-Verbose "[$(Get-Date -f G)] Working on $($Groups.DisplayName)."
$Group | Get-SCOMClassInstance | ForEach-Object {
[PSCustomObject]@{
GroupName = $Group.DisplayName
ServerName = $_.DisplayName
}
}
}
}
$result = $Objects | ForEach-Object {
$ServerName = $_ | Select-Object -ExpandProperty ServerName
$GroupName = $_ | Select-Object -ExpandProperty GroupName
@"
{
"ServerName" : "$ServerName",
"GroupName" : "$GroupName"
}
"@
}
$json = "[" + ($result -Join ",`n") + "]"
Write-Verbose "[$(Get-Date -f G)] The json built: $json"
# You can use an optional field to specify the timestamp from the data. If the time field is not specified, Azure Monitor assumes the time is the message ingestion time
$TimeStampField = ""
# Submit the data to the API endpoint
Post-LogAnalyticsData -WorkspaceID $WorkspaceID -WorkspaceKey $WorkspaceKey -body ([System.Text.Encoding]::UTF8.GetBytes($json)) -logType $logType