To use the full potential of SCOM, it has to be customized first - besides devices to be monitored, there are also services and processes you would probably want to monitor.
There are numerous (almost limitless) options regarding the matter (SCOM uses so called Management Packs, which can be downloaded separately, but there are a few that are installed by default), I'll just try to cover the basics in the following article to give you a better idea of how SCOM functions.
In short, these are the steps (I'll demonstrate how to check if notepad.exe is running in this example):
- open you Operations Manager Console, go to the "Authoring" pane on the left, if you don't see any Management Packs listed yet, just double-click the "Authoring" item to expand it
- under "Management Pack Templates" you should now have an item named "Process Monitoring" - select it, then right-click on it and select "Add Monitoring Wizard"
- after the Wizard has opened, pick "Process Monitoring" again and click "Next"
- enter (possibly logical) name of your newly created monitoring procedure (a description is optional) and choose the Management Pack (for educational purposes a Default Man. Pack will be just fine); proceed to the next window:
- choose whether you'd like to check how the process is running or if it is running (at all) - in this example I'll use the second option - then enter the name of the process as below:
- you won't be able to proceed until the Targeted group has been selected - click on three dots to expand the option, then on "Search" and select "All Windows Computers"
- for this configuration, one can't pick the resource ranges (or criteria) and counters, therefore just click "Next" on two windows following
- when you get to the "Summary" part of the wizard, click on "Create" and wait for a couple of moments - if everything went well, you should see a newly created Process Monitoring item (as pictured below)
- at the end, to check if it's really functioning, just run Notepad on any device previously added to your monitoring inventory and leave it running for at least 5 minutes (default value for this type of alert) - you should have an alert shown soon: