O R G A N I C / F E R T I L I Z E R: sccm: dcm (desired configuration management) logs

Aug 25, 2010

sccm: dcm (desired configuration management) logs

just something to capture dcm logs and their purpose.

name

  purpose

discovery.log

  functions of discovery (wql select statements, registry lookup, etc)

dcmagent.log

  overall dcm agent activity

ciagent.log

  activity for managing ci baselines (downloading, accessing, etc)

sdmagent.log

  activity for managing configuration items (downloading, accessing, etc)

sdmdiscagent.log

  overall discovery activity (not helpful)

smsclrhost.log

  references loading the sdmdiscagent.xml (not helpful)

eventlogforwarder.log

  activity regarding non-compliant items that are flagged to log an event (for monitoring use)

i marked the one in red that has the most value.  the others, while useful for showing activity in case you want to know if dcm is even working or not, has very little use outside of that.  i found that discovery.log has most of the magic.  for example, this is a snippet of log entry which indicates the exact query issued to the system:

DiscoveryProvider:Discovery Function query('select Version from cim_datafile where name = "c:\\windows\\vmmreg32.dll"','root\cimv2'): Object count final: 1. 

as you can see, now it's easy to use wbemtest, powershell, wmic, etc to run the query against the system directly to see how it works.  the dcm model verification tool, while cool, doesn't show you this level of detail.