After opening the OpsMgr PS console, we can get started. Setting the alert to closed (ResolutionState =255) should be trivial. We mustn’t forget to update the alert after we set the state. The interesting part is that we need to get our collection of alerts with as little impact as possible.
I could just do:
$colAgents = get-alert
but that would crush my database and take forever. To narrow this down a bit, I am going to select by source (as basically all of these came from the same source.)
We could run a get-alert | where {SOMETHING} but that would have to return all the alerts and then parse them which would be very heavy. The SCOM cmdlets have a –criteria to do the filtering in the db, lets use that.
Source seems to translate, at an object level, to MonitoringObjectDisplayName so I set my criteria, do the query and loop through the results like so:
$criteria = “ResolutionState = 0 AND MonitoringObjectDisplayName = ‘SERVERNAME’”
$colSysLogAlerts = get-alert -criteria $criteria
foreach($Alert in $colSysLogAlerts) {
$Alert.ResolutionState = 255
write-host “Closing $($Alert.id)”
$Alert.Update("Closed by Powershell")
}
Powershell to the rescue indeed.