Installing Azure Monitor Log Analytics Agents with Powershell

After my previous article about the wonders of the new Azure Update Management Extension for SCVMM 2019, some of you might have been thinking that it was all well and good that VMM now automates the installation and configuration of the Azure Monitor Log Analytics Agent (MMA) for you when deploying new VMs, but what about all those existing servers out there?

Well unfortunately out of the box, Microsoft doesn’t provide a single installer UI that can target multiple machines, unless you’ve also got SCOM deployed and have configured it’s OMS integration as well.

Nevertheless, Powershell is to the rescue! With a little bit of Googling, I was able to find a rather nice script created by John Savill, but it too was limited to being run interactively on a single machine at a time.

So I decided to take things into my own hands and craft a Powershell function that can target as many servers as I want, with some added flexibility as to whether I want to download a fresh installed or use an existing copy saved on a share.

The resulting script is a little long to read over, but it does the trick!

function Install-OMSAgents {
    <#
        .Synopsis
        Used to install OMS Agents
        .Description
        Used to install OMS Agents locally and remotely. It will download the required installer by
        default, but you can also specify a path to the installer if you don't have internet access
        for all machines you wish to install it on, or want to save bandwidth.
        .Parameter ComputerName
        Array of Computer Names to install the OMS agent on.
        .Parameter WorkspaceID
        Azure Log Analytics Workspace ID.
        .Parameter WorkspaceKey
        Azure Log Analytics Workspace Key.
        .Parameter OMSDownloadPath
        Specify the directory on each machine to download the installer to.
        .Parameter InstallerPath
        Specify a local or UNC path to the MMA installer if you don't want to download it automatically.
        Requires all servers you want to be able to install the Agent on to have access to the share hosting
        the installer.
        .Parameter OverrideExisting
        Triggers overriding existing workspaces on machines with the agent already installed.
        .Example
        Install-OMSAgents -ComputerName Server01 -WorkspaceID xxxxxx -WorkspaceKey xxxxx
        This will default to downloading and installing the Microsoft Monitoring Agent
        on Server01 from the internet, and configure it to point to the specified
        Azure Log Analytics Workspace
        .Example
        Install-OMSAgents -ComputerName 'Server01','Server02' -InstallerPath \\nas01\share01\MMASetup-AMD64.exe -WorkspaceID xxx -WorkspaceKey xxx
        This will install on Server01 and Server02 using the installer found on NAS01.
        .Notes
        Big shout out to John Savill (@ntfaqguy) for the original script I used
        to create this function, it can be found on his website
        https://savilltech.com/2018/01/21/deploying-the-oms-agent-automatically/
        ---------------------------------------------------------------
        Version: 1.0.0
        Maintained By: Ben Thomas (@NZ_BenThomas)
        Last Updated: 2019-05-20
        ---------------------------------------------------------------
        CHANGELOG:
            1.0.0
                - Initial version
                - Updated @ntfaqguy's script to a function
                - Added support for remotely running against multiple machines
                - Added parameters to specify a central installer rather than
                downloading the agent on every machine.
                - Added a switch for overridding existing Agent installs with
                new workspace details.
        .Link
        https://bcthomas.com
    #>
    [cmdletbinding(DefaultParameterSetName = 'Download')]
    param(
        [string[]]$ComputerName = 'Localhost',
        [parameter(Mandatory)]
        [string]$WorkspaceID,
        [parameter(Mandatory)]
        [string]$WorkspaceKey,
        [parameter(ParameterSetName = 'Download')]
        [string]$OMSDownloadPath = 'C:\Temp',
        [parameter(Mandatory, ParameterSetName = 'Offline')]
        [string]$InstallerPath,
        [switch]$OverrideExisting
    )
    begin {
        #region: Helper Functions
        function Get-InstalledSoftware {
            param(
                [string]$ComputerName = 'localhost',
                [string]$ProductName = '*'
            )

            $UninstallKey = ”SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall”
            $reg = [microsoft.win32.registrykey]::OpenRemoteBaseKey(‘LocalMachine’, $ComputerName)
            $regkey = $reg.OpenSubKey($UninstallKey)
            $subkeys = $regkey.GetSubKeyNames()

            foreach ($key in $subkeys) {
                $thisKey = $UninstallKey + ”\\” + $key
                $thisSubKey = $reg.OpenSubKey($thisKey)
                $DisplayName = $($thisSubKey.GetValue(“DisplayName”))
                if ($DisplayName -ilike $ProductName) {
                    [pscustomobject][ordered]@{
                        ComputerName    = $ComputerName
                        ProductName     = $($thisSubKey.GetValue(“DisplayName”))
                        DisplayVersion  = $($thisSubKey.GetValue(“DisplayVersion”))
                        InstallLocation = $($thisSubKey.GetValue(“InstallLocation”))
                        Publisher       = $($thisSubKey.GetValue(“Publisher”))
                    }
                }
            }
        }
        #endregion

        Write-Verbose "Establish Sessions to target machines"
        $Sessions = @{ }
        $ExcludedComputers = @()
        $OverrideComputers = @()
        $Results = @()
        foreach ($Computer in $ComputerName) {
            try {
                $NewSession = New-PSSession -ComputerName $Computer -Name $Computer -ErrorAction Stop
                Write-verbose "Checking if OMS Agent is installed on $Computer"
                $MMAObj = Get-InstalledSoftware -ProductName 'Microsoft Monitoring Agent' -ComputerName $Computer
                if ($MMAObj -and ( -not $OverrideExisting) ) {
                    throw "Agent is already installed"
                }
                elseif ($MMAObj -and $OverrideExisting) {
                    Write-Warning "Agent found on $Computer, the existing settings on this`nMachine will be overridden."
                    $OverrideComputers += $Computer
                }
                else {
                    Write-Verbose "No Agent found, install scheduled."
                }
                $Sessions.Add($Computer, $NewSession)
            }
            catch {
                Write-Warning "An error occured and $Computer will be excluded.`nError Details: $($PSItem.ToString())"
                $ExcludedComputers += $Computer
                Continue
            }
        }
    }
    Process {
        Foreach ($Computer in $ComputerName) {
            if ($Computer -iin $ExcludedComputers) {
                Write-Warning "Skipping $Computer as it's excluded"
            }
            else {
                try {
                    $Install = $true
                    if ($Computer -iin $OverrideComputers) {
                        $Install = $false
                    }
                    if ($PSCmdlet.ParameterSetName -eq 'Download') {
                        # Download the required installer onto the remove machine
                        Write-Verbose "Downloading MMASetup-AMD64.exe to $Computer $OMSDownloadPath"
                        $InstallerPath = Invoke-Command -session $Sessions[$computer] `
                            -ArgumentList $OMSDownloadPath, $Install `
                            -ErrorAction Stop `
                            -ScriptBlock {

                            param(
                                $OMSDownloadPath,
                                $Install
                            )

                            $OMS64bitDownloadURL = "https://go.microsoft.com/fwlink/?LinkId=828603"
                            $OMSDownloadFileName = "MMASetup-AMD64.exe"
                            $OMSDownloadFullPath = "$OMSDownloadPath\$OMSDownloadFileName"

                            if ($Install) {
                                #Create temporary folder if it does not exist
                                if (-not (Test-Path -Path $OMSDownloadPath)) {
                                    New-Item -Path $OMSDownloadPath -ItemType Directory | Out-Null
                                }

                                Write-host "$env:computername - Downloading the agent..."
                                #Download to the temporary folder
                                Invoke-WebRequest -Uri $OMS64bitDownloadURL -OutFile $OMSDownloadFullPath | Out-Null
                            }
                            "$OMSDownloadFullPath"
                        }
                    }
                    $Workspaces = Invoke-Command -Session $Sessions[$Computer] `
                        -ArgumentList $InstallerPath, $WorkspaceID, $WorkspaceKey, $OverrideExisting, $Install `
                        -ErrorAction Stop `
                        -ScriptBlock {

                        Param(
                            $InstallerPath,
                            $WorkspaceID,
                            $WorkspaceKey,
                            $OverrideExisting,
                            $Install
                        )

                        Write-host "$env:computername - Installing the agent..."
                        if ((-Not (Test-Path -Path $InstallerPath)) -and $Install ) {
                            throw "$ComputerName cannot access $InstallerPath"
                        }
                        elseif ($Install) {
                            #Install the agent
                            $ArgumentList = '/C:"setup.exe /qn ADD_OPINSIGHTS_WORKSPACE=0 AcceptEndUserLicenseAgreement=1"'
                            Start-Process $InstallerPath -ArgumentList $ArgumentList -ErrorAction Stop -Wait | Out-Null
                        }

                        #Check if the CSE workspace is already configured
                        $AgentCfg = New-Object -ComObject AgentConfigManager.MgmtSvcCfg
                        $OMSWorkspaces = $AgentCfg.GetCloudWorkspaces()

                        $CSEWorkspaceFound = $false
                        foreach ($OMSWorkspace in $OMSWorkspaces) {
                            if ($OMSWorkspace.workspaceId -eq $WorkspaceID) {
                                $CSEWorkspaceFound = $true
                            }
                            elseif ($OverrideExisting) {
                                $AgentCfg.RemoveCloudWorkspace($OMSWorkspace.workspaceId)
                                $AgentCfg.ReloadConfiguration()
                            }
                        }

                        if (!$CSEWorkspaceFound) {
                            Write-host "$env:computername - Adding CSE OMS Workspace..."
                            $AgentCfg.AddCloudWorkspace($WorkspaceID, $WorkspaceKey)
                            Restart-Service HealthService
                        }
                        else {
                            Write-Warning "CSE OMS Workspace already configured"
                        }

                        # Get all configured OMS Workspaces
                        sleep 5
                        $AgentCfg.GetCloudWorkspaces()
                    }

                    $Results += [pscustomobject][ordered]@{
                        ComputerName = $Computer
                        AgentID      = $Workspaces.AgentID
                        WorkspaceID  = $Workspaces.WorkspaceID
                        Status       = $Workspaces.ConnectionStatusText
                    }
                }
                catch {
                    Write-Warning "Installation failed on $Computer`nRan into an issue: $($PSItem.ToString())"
                    Continue
                }
            }
        }
    }
    End {
        foreach ($connection in $Sessions.Keys) {
            $Sessions[$connection] | Remove-PSSession -Confirm:$false
        }
        $Results
    }
}

I will continue to maintain the function in my Github repo, however, this initial cut should get others going!

Hopefully, this helps you accelerate your adoption of some of the great Azure Hybrid scenarios available today.