SCOM – Quick Tip: Exchange Queue Length Monitor

By | November 12, 2019


I’m currently busy at several customers setting up SCOM infrastructures. At one of those customers there were complaints by users that email messages were queued. When looking at the queues on the exchange servers they were actually HUGE.

Due to the fact Exchange was already monitored in SCOM I thought we would have seen this but that was not the case. In the Exchange Management pack there is NO monitor to check the actual queue length although there are rules which collect the queue lengths. I think this is not OK as it is really important to be notified when messages get queued in Exchange.

Therefore I created a custom Powershell monitor to check this. I created the monitor using the SquaredUp Powershell management pack, this management pack adds Powershell support everywhere throughout SCOM (where you would expect that by default :)) The management pack can be downloaded here:

This is the powershell script itself:

# Any Arguments specified will be sent to the script as a single string.
# If you need to send multiple values, delimit them with a space, semicolon or other separator and then use split.

$ScomAPI = New-Object -comObject “MOM.ScriptAPI”
$PropertyBag = $ScomAPI.CreatePropertyBag()

# Example of use below, in this case return the length of the string passed in and we’ll set health state based on that.
# Since the health state comparison is string based in this template we’ll need to create a state value and return it.
# Ensure you return a unique value per health state (e.g. a service status), or a unique combination of values.

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn;

$queue = ((Get-Queue | Select-Object @{ n = “MessageCount”; e = { [int]($_.MessageCount) } }).MessageCount | measure-object -sum).sum


if($queue -gt 500) {

# Send output to SCOM

The monitor will become critical when the messagecount exceeds 500 messages, this can be increased or decreased if needed by changing “$queue -gt 500” accordingly.

This monitor has helped my customer to prevent this issue from happening again.

Hope this helps!

Best regards,


SCOM – HTML Report: Certificate Expiration

By | November 12, 2019


Today I want to give an answer to the question I often get at customers: “We want an overview of all certificates in our environment (on Windows Servers) that are expiring within X amount of days”.

This approach is based on this management pack:

The management pack discovers certificates on all servers (in specific stores if you will) and adds monitors to detect expiration, validity, etc. It also adds some views in the Monitoring pane of the SCOM console.

I wanted to provide a (daily) report to the customer to show them the list of certificates expiring within X amount of days. Therefore I created a custom group in SCOM where I put in all “critical” certificates with for example a specific CA. Afterwards I created a powershell script which uses the members of the group to create a report and mail it to the different stakeholders.

The report looks like this:

As you can see the report shows in a glance when certificates will expire and on what server they are located. As this is fully custom all layout, colours etc. can be set at will.

Mostly I choose to use red, orange and yellow to highlight the urgency in which the certificates need to be replaced.

Also keep in mind that after replacing the certificates in eg. IIS, they need to be deleted from the server(s) as well because they will keep on being discovered by SCOM if they stay on the server(s).

If you are interested in the script, please drop a comment below and I’ll be happy to assist.

Hope this helps!

Best regards,