On demand registry discovery

I got onto this when I was doing the Tenable (add link) management pack. I wanted to be able to run the Tenable agent discovery on demand, instead of having to wait for the schedule.

This turned out to be pretty tricky and I'm still not sure how it works.

The ability to do this isn't very common with the intershizzle returning little, so I ended up looking at an old IIS mp (version 7.0.10249.2 for Windows Server 2012) and found a registry discovery that used a separate data source.

The discovery is called Microsoft.Windows.InternetInformationServices.6.2.ServerRole.Discovery.Rule and it uses a data source called Microsoft.Windows.Server.IIS.6.2.Discovery.DataSource, which in turn uses a data source called Microsoft.Windows.Server.IIS.6.2.RoleCheck.DataSource.

Anyway it works a treat. To use it you need to run the Trigger On Demand Discovery task which is available here:

Agents

Operations Manager > Agent Details > Agent Health State > Agent State.

Gateways

Operations Manager > Management Servers State > Gateway Management Server State.

Management Servers

Operations Manager > Management Servers State > Management Server State.

Overrides

You then need to enter two overrides:

TargetInstanceID

This is an instance id of the class that the discovery targets, not an instance of the discovered class. For example:

Get-SCOMClass -name Microsoft.SystemCenter.HealthService | Get-SCOMClassInstance | where {$_.displayname -eq 'dc1.lab.com'} | ft id

Note: My discovery targets the Microsoft.SystemCenter.HealthService class.

DiscoveryId

This is the discovery id of the discovery. For example:

Get-SCOMDiscovery -Name Tenable.Nessus.Discovery.Agent | ft id

If the task executed successfully it returns SUCCESS in the task output and you will see discovery data change.