Dec 04 2021 10:53 AM - edited Dec 04 2021 10:55 AM
After upgrading several Management Packs at the same time, the whole Alert Monitoring got flooded with Critical Alerts and I feel like a fool because there might be a better way to do this without alerting the whole global company. So i need your help :)
As you can see in the screenshot, while upgrading the MPs, they also generated new Run As Profiles (check date of modification) (Todays Date is the 12th December 2021) => 12/4/2021
So what do I wanted to do? Just copy the same RunAsAccounts configuration as it is on the other ones. The issue i am facing here is, that these Accounts have "A selected class, group, or object:" configured BUT i cannot differentiate here if it is a class, group, or object which was chosen on the previous ones. No matter in which section i am searching, it is giving me a result. So how I can differentiate or does it not make any difference?!
Some other additional questions i am having here while we speak about this context/topic:
- How can i prevent such an situation happening again?
- I found many RunAsProfiles without any RunAsAccounts configured inside. What does that mean? Does it mean, that the monitoring for which we would need these Profiles/Accounts do not run OR does it maybe mean, that there is no need for a Profile/Account for that specific monitoring which is linked/depending on these Profiles/Accounts?! What is the best practice and how can i "cleanup" this mess?
- I just started working in this company recently and the SCOM Expert has left before i started. So whats the best method to discover/explore this area without causing issues or destoying some configurations?!?
Thanks a lot for helping me. Definitely appreciate each and every contribution to my current situation :)
Cheers!