Category: Azure

OMS – SCOM Assessment Solution

It’s been a few days since I last logged into OMS. Earlier today, as I was browsing through the Solutions Gallery, I had to do a double-check, as I saw a coming soon, SCOM Assessment Solution. Yes, that is right, OMS will soon be releasing a SCOM Assessment Solution!

As a SCOM/System Center consultant, I can’t even count the number of SCOM Health Checks I have done in my past — this is very exciting as maybe I can rely on OMS to do this for me… hmmm.

From the solution description, it will assess “the risk and health of your SCOM environment on a regular basis. It will provide a prioritized list of recommendations tailored to your deployments”….

As it appears today the solution is still, “coming” so hopefully Microsoft/OMS team can roll this out soon!

capture

Advertisements

Azure Automation PowerShell ISE Add-On

Not too long ago, Microsoft released a new PowerShell module add-on for Azure Automation. This is great as it allows us to work locally and connects directly to Azure, connecting us to our existing Runbooks, gather subscription and account information, etc. This is great for anyone that is interested in OMS Hybrid-Runbooks, DSC (Desired State Configuration) and the future! 🙂

Here’s a link to Microsoft’s blog post, HERE.

Cheers!

How to deploy OMS Agent on Linux

There are multiple ways how to deploy the OMS agent on your Linux server. In my post,  I am going to make use of GitHub and do a quick install on a Linux server.

In my environment, I am deploying the OMS Linux (Preview) agent (version 1.1.0-124) on a 64-bit Ubuntu server, version 14.04.4. Your Ubuntu server will of course need an Internet connection (directly or via Proxy). At the time of this post, the following Linux Operating systems are currently supported, and I am deploying the Linux agent version 1.1.0-124.

*image/source, Technet.Microsoft.com

Let’s get started…

Copy and save your OMS Workspace ID and Primary Key, as your OMS agent will need these to authenticate against. These can be found within your OMS Settings > Connected Sources:

4a

Within your Ubuntu shell/terminal, you will need to execute the following three commands in order to download and install the OMS Agent. First we will download the latest OMS Agent from GitHub.

1

  • Followed by,
    • sha256sum ./omsagent-1.1.0-124.universal.x64.sh

2

  • Finally,
    • sudo sh ./omsagent-1.1.0-124.universal.x64.sh –upgrade -w <WORKSPACE ID> -s <WORKSPACE PRIMARY KEY>

3

If all goes well, you should now have an added server to your Connected Sources. Yay!

4b

Very quickly, I can see my Ubuntu server is already transmitting data to OMS.

5

Like Windows servers, we can now start collecting data from the Syslog, collecting performance metrics in Near Real Time, and if your Linux box is deployed with Nagios and/or Zabbix, we can link this data into OMS too!

For additional information on configuring Linux Performance Counters, please visit the following page, HERE.

Lastly, don’t forget to add some important syslog OMS Data Log Collection, here is what I have configured:

6

Cheers!

Monitoring VMware (ESX/ESXi) with OMS

We all know monitoring Hyper-V and/or SCVMM with OMS is rather straight forward, and native. However, what about VMware (ESX/ESXi)?

In my VMware environment, I am using ESXi Host version 5.5 and vCenter version 6.0.

The following post is to help you monitor your ESX/ESXi environment with OMS.

  • First, you will need to enable the ESXi Shell, or SSH on your ESXi host, see HERE how
  • Next, you will need to configure the syslog(s) on your ESXi host, see HERE how

My ESXi server’s IP 10.10.10.30, and I will be forwarding the syslog(s) to my vCenter Windows Server IP 10.10.10.34. To be safe, I am going to configure both port 514 UDP and TCP .

ConfiguringSyslogOnESXiviaSSH

  • Remember to disable the firewall(s) on your vCenter Windows server
  • Now on your vCenter Windows Server, you will need to deploy the OMS Agent (Microsoft Monitoring Agent), see HERE how
    • Once your vCenter server is communicating with OMS, we can move on to the next step
  • Within OMS, if you haven’t already, you will need to enable “Custom Logs“; Settings > Preview Features > Enabled Custom Logs

EnableCustomLogs

  • Next, set up the following syslog file as your custom log on your vCenter server. In my case, my ESXi hostname is ‘RaviESXi’ and its IP is 10.10.10.30.
  • Followed by importing your syslog into OMS for the first time (see below for instructions)

C:\ProgramData\VMware\vCenterServer\data\vmsyslogcollector\yourESXiHostnameHere\syslog.log

For me, that path translates to, “C:\ProgramData\VMware\vCenterServer\data\vmsyslogcollector\RaviESXi\syslog.log

In my example, I then created an OMS custom log named “VMwareWin” for ESXi syslog. (By default, _CL suffix will be automatically added, which will result as, “VMwareWin_CL”) If you are unfamiliar with OMS’ Custom Logs, see HERE.

Once you have completed this step, it make take some time for your data to start showing up in OMS. Give it an hour or so…

  • Now we can start creating some custom fields within OMS. For example, ESXi Hostname, vmkernel, hostd, etc. See HERE about OMS’ custom fields in log analytics.
    • If you have done everything correctly, you should have custom logs and custom fields similar to this:

CreatingCustomLogs(2)

CreatingCustomFields

  • Now  you can start creating some dashboards with some custom queries!

For example, here’s one query I tested with and thought was worthy for its own dashboard:

All events and number of occurrences:

Type=VMwareWin_CL | measure count() by VMwareProp_CFDashboard1Example

Of course the number of queries and dashboards is endless at this point. Feel free to let me know your thoughts and some queries/dashboards you have come up with!

Lastly, don’t forget to add some important syslog OMS Data Log Collection, here is what I have configured:

6

Cheers!

Deploying OMS Agent for On-Premise Server(s)

This post is intended for monitoring Windows based servers with OMS. For starters I am going to assume the following prerequisites have been met (see below). In addition I am going to assume you are not using SCOM 2012R2 (UR6 or better) at the moment. Okay, so let’s begin!

  1. Azure Environment Setup — Check
  2. Azure Operational Insights Created — Check (see post here)
  3. OMS Workspace Created — Check (see post here)
  4. Monitor On-Premise Servers — See below

 

For my demo, I am using a Windows 2012R2 server, so I will be making use of the x64 agent. Download the agent on your machine, and begin the installer. Take note (copy the Workspace ID and Key(s)) as you will need them later.

1

  • Start/Launch the agent installer

2

  • We will be connecting to Azure (not SCOM)

3

  • The Workspace ID and Workspace Key can be retrieved from your OMS settings page.

4

5

6

Once the agent install is complete, we can view the OMS/Azure configuration properties within the agent configuration, as seen below:

7

  • If we go back to our OMS portal, we can now see we have another server we are now monitoring in OMS 🙂

8

  • At this point we are not really capturing much data, so let’s configure some log data capturing. For now, I just setup Windows event logs, looking for Event IDs 6006 and 6008.

9

  • About 3 hours later (for me at least) I started to see data being collected. As we bring more agents into OMS and/or couple our on-prem SCOM environment, we will start to see a wealth of data. (Remember 500Mb of data is free, anything more you will need to upgrade your Azure subscription)

10

Cheers!

 

How to Create an OMS Workspace

For starters I am going to assume you have an Azure account, with some type of subscription.

  • Login to your Azure portal and scroll down to Operational Insights

1

  • Create a Workspace

2

  • Once Azure has accepted the Workspace name, and activated the service, you can now start deploying OMS agents, and/or linking your On-Premise SCOM/OperationsManager 2012r2 (UR6 or higher) environment

3 4

5

Cheers!

Azure Site Recovery (ASR) – Windows 2016 (TP4)

In the event you are running a lab/demo for Azure ASR (Azure Site Recovery) and want to use the latest and greatest Windows 2016… STOP! Turns out Windows Server 2016 – Technical Preview 4 (TP4) is not supported at this time. So, hopefully you read this and don’t waste your time, like me. 🙂 Note, Windows Server 2012 R2 is supported, and works just fine (obviously). I will (soon) be posting a complete Azure ASR setup for Windows Server 2012R2 (VMs) on VMware ESX 6.0.

Of course the ASR Wizard did not indicate any issues at the time of running the installer, but definitely got this error nearing completion.

7 - Install OnPrem Components Wizard (3) 7 - Install OnPrem Components Wizard (Error)