Category: Azure

How to deploy OMS Agent on Linux

There are multiple ways how to deploy the OMS agent on your Linux server. In my post,  I am going to make use of GitHub and do a quick install on a Linux server.

In my environment, I am deploying the OMS Linux (Preview) agent (version 1.1.0-124) on a 64-bit Ubuntu server, version 14.04.4. Your Ubuntu server will of course need an Internet connection (directly or via Proxy). At the time of this post, the following Linux Operating systems are currently supported, and I am deploying the Linux agent version 1.1.0-124.

*image/source, Technet.Microsoft.com

Let’s get started…

Copy and save your OMS Workspace ID and Primary Key, as your OMS agent will need these to authenticate against. These can be found within your OMS Settings > Connected Sources:

4a

Within your Ubuntu shell/terminal, you will need to execute the following three commands in order to download and install the OMS Agent. First we will download the latest OMS Agent from GitHub.

1

  • Followed by,
    • sha256sum ./omsagent-1.1.0-124.universal.x64.sh

2

  • Finally,
    • sudo sh ./omsagent-1.1.0-124.universal.x64.sh –upgrade -w <WORKSPACE ID> -s <WORKSPACE PRIMARY KEY>

3

If all goes well, you should now have an added server to your Connected Sources. Yay!

4b

Very quickly, I can see my Ubuntu server is already transmitting data to OMS.

5

Like Windows servers, we can now start collecting data from the Syslog, collecting performance metrics in Near Real Time, and if your Linux box is deployed with Nagios and/or Zabbix, we can link this data into OMS too!

For additional information on configuring Linux Performance Counters, please visit the following page, HERE.

Lastly, don’t forget to add some important syslog OMS Data Log Collection, here is what I have configured:

6

Cheers!

Advertisements

Monitoring VMware (ESX/ESXi) with OMS

We all know monitoring Hyper-V and/or SCVMM with OMS is rather straight forward, and native. However, what about VMware (ESX/ESXi)?

In my VMware environment, I am using ESXi Host version 5.5 and vCenter version 6.0.

The following post is to help you monitor your ESX/ESXi environment with OMS.

  • First, you will need to enable the ESXi Shell, or SSH on your ESXi host, see HERE how
  • Next, you will need to configure the syslog(s) on your ESXi host, see HERE how

My ESXi server’s IP 10.10.10.30, and I will be forwarding the syslog(s) to my vCenter Windows Server IP 10.10.10.34. To be safe, I am going to configure both port 514 UDP and TCP .

ConfiguringSyslogOnESXiviaSSH

  • Remember to disable the firewall(s) on your vCenter Windows server
  • Now on your vCenter Windows Server, you will need to deploy the OMS Agent (Microsoft Monitoring Agent), see HERE how
    • Once your vCenter server is communicating with OMS, we can move on to the next step
  • Within OMS, if you haven’t already, you will need to enable “Custom Logs“; Settings > Preview Features > Enabled Custom Logs

EnableCustomLogs

  • Next, set up the following syslog file as your custom log on your vCenter server. In my case, my ESXi hostname is ‘RaviESXi’ and its IP is 10.10.10.30.
  • Followed by importing your syslog into OMS for the first time (see below for instructions)

C:\ProgramData\VMware\vCenterServer\data\vmsyslogcollector\yourESXiHostnameHere\syslog.log

For me, that path translates to, “C:\ProgramData\VMware\vCenterServer\data\vmsyslogcollector\RaviESXi\syslog.log

In my example, I then created an OMS custom log named “VMwareWin” for ESXi syslog. (By default, _CL suffix will be automatically added, which will result as, “VMwareWin_CL”) If you are unfamiliar with OMS’ Custom Logs, see HERE.

Once you have completed this step, it make take some time for your data to start showing up in OMS. Give it an hour or so…

  • Now we can start creating some custom fields within OMS. For example, ESXi Hostname, vmkernel, hostd, etc. See HERE about OMS’ custom fields in log analytics.
    • If you have done everything correctly, you should have custom logs and custom fields similar to this:

CreatingCustomLogs(2)

CreatingCustomFields

  • Now  you can start creating some dashboards with some custom queries!

For example, here’s one query I tested with and thought was worthy for its own dashboard:

All events and number of occurrences:

Type=VMwareWin_CL | measure count() by VMwareProp_CFDashboard1Example

Of course the number of queries and dashboards is endless at this point. Feel free to let me know your thoughts and some queries/dashboards you have come up with!

Lastly, don’t forget to add some important syslog OMS Data Log Collection, here is what I have configured:

6

Cheers!

Deploying OMS Agent for On-Premise Server(s)

This post is intended for monitoring Windows based servers with OMS. For starters I am going to assume the following prerequisites have been met (see below). In addition I am going to assume you are not using SCOM 2012R2 (UR6 or better) at the moment. Okay, so let’s begin!

  1. Azure Environment Setup — Check
  2. Azure Operational Insights Created — Check (see post here)
  3. OMS Workspace Created — Check (see post here)
  4. Monitor On-Premise Servers — See below

 

For my demo, I am using a Windows 2012R2 server, so I will be making use of the x64 agent. Download the agent on your machine, and begin the installer. Take note (copy the Workspace ID and Key(s)) as you will need them later.

1

  • Start/Launch the agent installer

2

  • We will be connecting to Azure (not SCOM)

3

  • The Workspace ID and Workspace Key can be retrieved from your OMS settings page.

4

5

6

Once the agent install is complete, we can view the OMS/Azure configuration properties within the agent configuration, as seen below:

7

  • If we go back to our OMS portal, we can now see we have another server we are now monitoring in OMS 🙂

8

  • At this point we are not really capturing much data, so let’s configure some log data capturing. For now, I just setup Windows event logs, looking for Event IDs 6006 and 6008.

9

  • About 3 hours later (for me at least) I started to see data being collected. As we bring more agents into OMS and/or couple our on-prem SCOM environment, we will start to see a wealth of data. (Remember 500Mb of data is free, anything more you will need to upgrade your Azure subscription)

10

Cheers!

 

How to Create an OMS Workspace

For starters I am going to assume you have an Azure account, with some type of subscription.

  • Login to your Azure portal and scroll down to Operational Insights

1

  • Create a Workspace

2

  • Once Azure has accepted the Workspace name, and activated the service, you can now start deploying OMS agents, and/or linking your On-Premise SCOM/OperationsManager 2012r2 (UR6 or higher) environment

3 4

5

Cheers!

Azure Site Recovery (ASR) – Windows 2016 (TP4)

In the event you are running a lab/demo for Azure ASR (Azure Site Recovery) and want to use the latest and greatest Windows 2016… STOP! Turns out Windows Server 2016 – Technical Preview 4 (TP4) is not supported at this time. So, hopefully you read this and don’t waste your time, like me. 🙂 Note, Windows Server 2012 R2 is supported, and works just fine (obviously). I will (soon) be posting a complete Azure ASR setup for Windows Server 2012R2 (VMs) on VMware ESX 6.0.

Of course the ASR Wizard did not indicate any issues at the time of running the installer, but definitely got this error nearing completion.

7 - Install OnPrem Components Wizard (3) 7 - Install OnPrem Components Wizard (Error)

Creating certificates for Azure authorization

So let’s say you want monitor your Azure environment using your on-premises SCOM, you would think all you need is an Azure environment and an Azure Management Pack and SCOM. Well for the most part that is true, but to authenticate Azure and SCOM, you will require a certificated based authentication to bind the two environments. For starters, you will need the tools below, and can follow the steps I have outlined below.

Prerequisites

  1. Azure subscription
  2. Azure (SCOM) Management Pack
  3. Local SCOM environment (with Internet access)
  4. Windows 8.1 SDK or Visual Studio

I used my Windows 8.1 machine, therefore I needed the Windows 8 SDK. If you do not already have the SDK, it can be downloaded from HERE. Once you have installed the SDK, we will then need to create the certificate.

I used PowerShell, but you could probably use Command Prompt just as well. Please note, run as Administrator.

First browse to the SDK directory, “C:\Program Files (x86)\Windows Kits\8.1\bin\x86

1

Then, using the following code below, this will create a self-signed certificate. Please note, your certificate name should match in both places here.

makecert -sky exchange -r -n "CN=yourCERTnameHERE" -pe -a sha1 -len 2048 -ss My "yourCERTnameHERE.cer"

2

Now, I don’t know what all these switches meant so I did look it up. Also, I used the links below as reference:

If the step above, you should have got “Succeeded”.

Next, we will generate the PFX with a private key. Use the code below in squence, again in Administrator mode, PowerShell or Command Prompt.

$MyPwd = ConvertTo-SecureString -String "yourPASSWORDhere" -Force –AsPlainText

$AzureCert = Get-ChildItem -Path Cert:\CurrentUser\My | where {$_.Subject -match "yourCERTnameHERE”}

Export-PfxCertificate -FilePath C:\yourCERTnameHERE.pfx -Password $MyPwd -Cert $AzureCert

 

3

If all went well, you can now import your PFX certificate. Go into the Certificate Store (launch MMC services, add the Certificate snap-in, run as Local Computer), and right click on Personal > Certificates > Import. Browse to your *.pfx certificate and import. You will be required for the Private Key (password to complete).

If all went well you should now be able to see the certificate within your Certificate Store, under Personal.

6

Now, Azure will want a *.cer based certificate, so we will now need to export our *.pfx certificate from the Certificate Store. This is pretty straight forward, export on the certificate, and save as a *.cer file.

Once you have export the PFX as a CER file, you can now go back to Azure, and import/upload the certificate we have just created!

7