A Windows service and console utility that monitors critical Configuration Manager (SCCM) events through WMI and writes rich diagnostics for administrators.
SCCMInfo connects to the ROOT\\SMS namespace of the current SCCM site, subscribes
to the creation of key objects (such as SMS_DeploymentInfo and
SMS_CombinedDeviceResources), enriches the captured payloads, and records them to
both a structured console table and persistent logs. The tool can run
interactively for diagnostics or be installed as a Windows service for continuous
monitoring.
- Automatic detection of the local management point and SCCM site code.
- Subscription to SCCM WMI events with pluggable enrichers that append contextual data before logging.
- Console output rendered with Spectre.Console for quick situational awareness during interactive sessions.
- Persistent logging to
ProcessInfoLog.txtalongside the executable and, when permitted, to the Windows Application event log. - Optional Windows service mode for unattended monitoring.
| Path | Description |
|---|---|
SCCMInfo/ |
Source code for the console application and Windows service. |
LICENSE.txt |
Project license. |
- Windows 10/11 or Windows Server with access to Configuration Manager infrastructure.
- .NET Framework 4.8 with Visual Studio 2019+ or the corresponding Build Tools.
- Local administrator rights and permissions to access WMI namespaces
ROOT\\SMSandROOT\\ccm. - Access to the SMS Provider (locally or remotely) and permission to write to the Windows Application event log.
Restore NuGet packages before compiling (e.g., nuget restore SCCMInfo.sln).
- Open
SCCMInfo.slnin Visual Studio 2019 or later. - Choose the desired configuration (
DebugorRelease). - Build the solution via Build → Build Solution.
Use the Developer Command Prompt for VS or an environment with MSBuild:
nuget restore SCCMInfo.sln
msbuild SCCMInfo.sln /t:Build /p:Configuration=ReleaseThe compiled binaries are produced in SCCMInfo/bin/<Configuration>.
- Ensure the SCCM client is installed and that the machine can reach the target
ROOT\\ccmandROOT\\SMSnamespaces. - Run
SCCMInfo.exewithout parameters to start interactive monitoring. WMI events are displayed in the console and written toProcessInfoLog.txtalongside the executable. - Review console output to verify enrichers are augmenting the captured instances as expected.
- Open an elevated PowerShell or Command Prompt window.
- Install the service:
The installation registers a service named
SCCMInfo.exe --install
SCCMInfoand starts it automatically. - Manage the service as needed:
- Start:
sc start SCCMInfo - Stop:
sc stop SCCMInfo - Remove after stopping:
sc delete SCCMInfo
- Start:
- To validate service behavior without installing, execute:
This launches the service handlers in-process for debugging scenarios.
SCCMInfo.exe --service
SCCMInfo records activity to multiple sinks:
ProcessInfoLog.txt— stored next toSCCMInfo.exe, containing detailed event payloads and errors.- Windows Application log — mirrors key messages with event IDs 2001 and 2002
under the source name
SCCMInfo(created automatically if missing). - Console output — presents Spectre.Console tables and verbose status updates when running interactively.
- Confirm the executing account has permission to query the SCCM WMI namespaces and to create event log sources.
- If remote SMS Provider access fails, run SCCMInfo under a domain account with appropriate rights or establish a trusted connection.
- Check
ProcessInfoLog.txtfor unhandled exceptions and enrichers that fail to attach additional context. - When running as a service, ensure the log file directory is writable by the service account (Local System by default).
Distributed under the terms of LICENSE.txt.