Skip to content
adatum
  •  SCOM Web API
  • About adatum
Operations Manager

SCOM 1801 released

  • 08/02/201813/02/2018
  • by Martin Ehrnst

[Quick publish]

Today Microsoft released System Center 1801 which includes the semi-annual release for Operations Manager. That it self is a huge step for SCOM, but the latest release also includes a lot of fixes and many new features. Read the announcement here

SCOM 1801 Announced

What’s in System Center, version 1801?

System Center, version 1801 focuses on enhancements and features for System Center Operations Manager, Virtual Machine Manager, and Data Protection Manager. Additionally, security and bug fixes, as well as support for TLS 1.2, are available for all System Center components including Orchestrator, Service Management Automation, and Service Manager.

I am pleased to share the capabilities included in this release:

  • Support for additional Windows Server features in Virtual Machine Manager: Customers can now setup nested virtualization, software load balancer configuration, and storage QoS configuration and policy, as well as migrate VMware UEFI VM to Hyper-V VM. In addition to supporting Windows Server, version 1709, we have added support for host monitoring, host management, fall back HGS, configuration of encrypted SDN virtual network, Shielded Linux VMs on Hyper-V management, and backup capabilities.
  • Linux monitoring in Operations Manager: Linux monitoring has been significantly improved with the addition of a customizable FluentD-based Linux agent. Linux log file monitoring is now on par with that of Windows Server (Yes, we heard you! Kick the tires, it really works).
  • Improved web console experience in Operations Manager: The System Center Operations Manager web console is now built on HTML5 for a better experience and support across browsers.
  • Updates and recommendations for third-party Management Packs: System Center Operations Manager has been extended to support the discovery and update of third-party MPs.
  • Faster, cost-effective VMware backup: Using our Modern Backup Storage technology in Data Protection Manager, customers can backup VMware VMs faster and cut storage costs by up to 50%.
  • And much more including Linux Kerberos support and improved UI responsiveness when dealing with many management packs in Operations Manager. In Virtual Machine Manager, we have enabled SLB guest cluster floating IP support, added Storage QoS at VMM cloud, added Storage QoS extended to SAN storage, enabled Remote to VMs in Enhanced Session mode, added seamless update of non-domain host agent, and made host Refresher up to 10X faster.
  • As well as consistent evaluation and license experiences across components.
  • Customers should consider supplementing System Center with Azure security & management capabilities for enhanced on-premises management and for the management of Azure resources. We have included the following updates in System Center, version 1801:
  • • Service Map integration with Operations Manager: Using the Distributed Application Diagram function in SCOM, you can automatically see application, server, and network dependencies deduced from Service Map. This deeper endpoint monitoring from SCOM is surfaced in the diagram view for better diagnostics workflows.
  • Manage Azure ARM VMs and special regions: Using a Virtual Machine Manager add-in, you can now manage Azure ARM VMs, Azure Active Directory, and more regions (China, US Government, and Germany).
  • Service Manager integration with Azure: Using the Azure ITSM integration with Azure Action Groups you can set up rules to create incidents automatically in System Center Service Manager for alerts fired on Azure and non-Azure resources.

Share this:

  • LinkedIn
  • Twitter
  • Email
Operations Manager

Operations Manager and MSOMS 101

  • 05/02/2018
  • by Martin Ehrnst

Today I was collecting information for a colleague interesting in learning more about SCOM. Apart from sharing my own knowledge, I browsed “all” the known SCOM oriented blogs available collecting information. When I got to Kevin Greene‘s blog he had published a blog post saying that Antoni had rewritten his SCOM 101 PDF in to a new blog series . It is eight years ago since Antoni Hanus and Jesse Harris (Microsoft PFE) wrote an Operations Manager 101 for SCOM 2007. That Antoni have gotten around to rewrite this definitely deserves a blog post just to link to his blog.

Read the entire series here

ps: the original document can be downloaded here. Nostalgia!

Share this:

  • LinkedIn
  • Twitter
  • Email
Azure

Azure monitoring, connecting the dots

  • 04/01/201822/01/2018
  • by Martin Ehrnst

Azure Monitoring

Welcome to the continuing saga on how to monitor your customers Azure tenants being a service provider. Previously we have covered how to authenticate against Microsoft CSP, using Azure Resource Health API with Powershell and more.

This post is all about connecting the dots. We are far away from finished, but things are moving in this project and at the time of writing, we have two separate projects going.
The first one  is focused on creating a single pane of glass for all our customers’ workflows. This involves custom coding and management pack development for SCOM. The second one, which this post will cover, is how we have designed each customer tenant and how we plan to use built-in Azure monitoring functionality.

 

Customer tenant setup

Working for a service provider we need to construct Azure tenants by taking in to account that we are going to manage cloud resources, so using many cloud features makes a lot of sense. The challenge ist that we always have to think about how we can integrate with an existing deployment and work with monitoring solutions on premises.

When we first started out this project we looked in-to what have been done before, and most of the examples we found wouldn’t scale to our requirements or used OMS/Log Analytics only. We wanted to use our SCOM environment for alert handling, dashboard and platform health as SCOM is already integrated with customer portals, CMDBs and more. We will discuss more on that later in this blog post.

Things are moving very fast in Azure, we have changed our inital customer tenant setup twice before we found a structure we believe is future friendly.
When a customer sign up for an Azure Subscription, we populate their tenant with a default monitoring resource group and a OMS/Log Analytics workspace (LA). Along with the default LA workspace we add the Azure Activity Log, Web Apps and Office 365 solutions as standard.
For “bread and butter” type of Azure Resources, such as compute and web apps we setup the same type of monitoring regime we provide for on-premise resources, but we use alerts in Azure Monitor. This approach works well for Azure Resources which do not have existing, custom Log Analytics solutions and searches to provide health state. This means that VMs deployed using our custom ARM template will also include Monitor Alerts such as “CPU Usage % above 95” and “Web app response time above x”. In conjunction with Azure Monitor we use Azure Resource Health wich will provide health state data regardless of resource type, and custom alerts in monitor or Log Analytics.

Below is a (not so detailed) illustration on our default tenant.

 

SCOM and Azure Integration

We use System Center Operations Manager (SCOM) as our main monitoring platform for operating systems and applications. As SCOM is already integrated with our ticketing system, CMDB and other internal tools it seems reasonable to provide insight to application and workloads running in Azure on the same monitoring platform. That way we optimally can provide a single pane of glass in to the on premise, hybrid and cloud only workloads.

 

Azure Management Packs

To get monitoring data in to our on prem SCOM we looked in to two major options.

Option #1:
The official Azure Management pack from Microsoft. he official MP discovery process/adding new tenants cannot be automated. It relies on a GUI where you sign it to the tenant etc. neither does it provide any “umbrella” functionality for companies enrolled in the CSP program.

Option #2:
Daniele Grandini’s Azure/OMS management pack. Daniele’s management packs provide insight to Log Analytics, Azure Backup and Automation, but relies on the official Microsoft MP for initial discovery. Daniele’s management packs focuses on the solutions within the “Monitoring + management” (formerly known as OMS) space in Azure. Since much of the alerting features from OMS/Log Analytics are moving to Azure Monitor, I reached out to Daniele and asked if he had looked in to creating a management pack for that. He had looked a little in to it, but was also concerned about the rapid changes. Unfortunately this MP is bound to the initial discovery from the official Azure MP. A service provider managing several hundred tenants (and growing) cannot have that limitation. I hope to be able to help Daniele with the upcoming Azure Monitor MP.

Here’s where our problems started. I wanted to discover all our manged tenants automatically. Take advantage of being a CSP we set out to create our own management pack(s). I have create one management pack for the CSP platform that integrate with the Partner Center API (see example in this blog post) to do the initial discovery. Tenants and subscriptions are populated as objects in SCOM. Further, using a Partner Center Managed Application we can pre-consent access to all managed tenants. That means we can use this applications credentials to authenticate against each of our managed tenants, by-passing the limitation within the official management pack. All resources are the created as object with a hosting relationship to resourcegroup, subscription and tenant. Basic monitoring is done through Azure Resource Health API.

Below is a diagram showing the structure of our CSP management pack

Credentials used to authenticate against partner center and the Azure tenants is provided through SCOM RunAs accounts.

Our next step in SCOM and Azure integration is to create an Azure Monitor Management pack that reference the CSP management pack. This will provide the more enriched monitoring provided by Azure Monitor. Due to many recent changes to the monitor platform I have decided to wait and see where we end up. At the time of writing Azure Monitor have two new alert features in preview and none of their API’s are officially documented – i will come back with examples when I have something tangible.

Summary

To provide effective monitoring as a service provider for customers which span on-prem and cloud environments, we recommend the following:

  1. For “bread and butter” monitoring use a combination of SCOM and Azure Monitor
  2. If in the CSP program. Create a management pack using CSP rest API’s (hopefully I can share our MP later) combined with a custom Azure Monitor MP
  3. Not a CSP? Look in to a combination of the official MP and Daniele’s management packs.
  4. Deploy Log Analytics as default to all tenants. This will give you an advantage when customers require custom solutions and log sources.

Wrapping up

All service providers do their monitoring differently, but hopefully you have gotten some ideas on how you can do yours. Our solution is far from being finished, but I feel we have a structure that are future proof (the modern type of future). Hopefully we can share the SCOM management packs later, but feel free to contact me on specifics. Just remember I cannot share the MP itself at this point in time.

Until further notice, this will be the closing post on how you can do Azure Monitoring as a service provider.

 

Big thanks to Kevin Green and Cameron Fuller for providing feedback and to reach out to other community friends on my behalf.

Share this:

  • LinkedIn
  • Twitter
  • Email
Uncategorised

Merry Christmas 2017

  • 21/12/201720/12/2017
  • by Martin Ehrnst

Christmas and new year is just around the corner. I am wishing all my readers and followers a merry christmas, and a happy new year.

highlights from 2017:

  • 14000 blog visitors, around 40 a day
  • 22 published blog posts
  • Top Post: Web API for System Center Operations Manager with 1300 views
    • SCOM web api have almost 200 downloads and confirmed 4 installations in production.
  • 2 Conferences attended
    • Presenting at one. Definitely one of the coolest things from 2017

Thanks to all colleagues, community members, friends and others who have helped out during the year.

You should expect the blog to go a bit dead the next weeks, but who knows, maybe I will finish some of the drafts lying around.

Share this:

  • LinkedIn
  • Twitter
  • Email
Azure

Working with Azure Monitor Rest API

  • 14/11/2017
  • by Martin Ehrnst

Before delving in to Azure monitor Rest API and powershell, let’s take a little step back. Azure monitor released in public preview a little over a year ago (September 2016). Introduced as “The built-in solution to make monitoring available for all Azure users”.
At that time I was personally all over the Operations Management Suite or OMS which is now a deprecated brand. All features from OMS is now available under “Monitoring + Management” in the Azure Marketplace.

Therefore, Azure Monitor went a bit under my radar, but when OMS shifted we started to see more and more about Azure Monitor being the one stop shop for Azure monitoring. Especially the alerting feature seems to be richer in Monitor than in Log Analytics and it is my (and others) anticipation that we will see Monitor as the default alert tool, for both metrics and activity logs.

So as part of my never-ending story, Monitoring Azure as a CSP provider. Let’s take a look at Azure Monitor and it’s REST API

We want to retrieve alert rules and incidents (alerts) programmatically, but first we create an alert rule to work with through the GUI. In th Azure portal:

At this time of writing the alert rule is bound to a specific resource. I hope we will see the ability to create rules based on resource type. ie: you want all web apps to have the same standard alert rules for response time.

Locate Azure monitor

Find your resource and metric (or you can jump straight in to alerts)


Verify your alert rule exist

Retrieve Azure Monitor alerts and incidents

From Powershell I am connecting to AAD and generating authentication header, reusing code from earlier blog post about Azure Resource health. For the purpose of this post I will focus on these two Azure Monitor API endpoints: Alert Rules – List By Resource Group and Alert Rule Incidents – List By Alert Rule.

After you have authenticated against Azure AD, and if using my previous sample you should have the following header available.

Using this header we call the alert rules endpoint to get our alert rules. Pay attention to the URL, as it requires you to specify a subscription id and the resource group name.

 

The output from the above should look something like this. I only have one alert configured for the resource group


id : /subscriptions/a2782f8e/resourceGroups/2017/providers/microsoft.insights/alertrules/name
name : name
type : Microsoft.Insights/alertRules
location : westeurope
tags : @{$type=Microsoft.WindowsAzure.Management.Common.Storage.CasePreservedDictionary,}
properties : @{name=No runs; description=; isEnabled=True; condition=; action=; lastUpdatedTime=2017-11-02T12:52:26.9091865Z; provisioningState=Succeeded; actions=System.Object[]}

 

Next we use the ID from our previus result as part of the URL to get our alert incidents

I am jumping straight in to the ‘value’ node at this point. If youre alert rule have triggered an incident it will return a result. We see the time it was activated (and resolved if it’s old), a boolean value of its status, and some information on the resource it self.


id : L3N1YnNjcmlwdGlvbnMvZTUxNGRhY2EtYTA3Ny00NGYwLTljZmEtNjBlMzRjOTk1Zjk3L3Jlc291cmNlR3JvdXBzL1NlbWluYXIyMDE3L3Byb3ZpZGVycy9taWNyb3NvZnQuaW5zaWdodHMvYWxlcnRydWxlcy9ObyUyMHJ1bnMwNjM2NDUyMjM3NjcyODMwODI2
ruleName : /subscriptions/a2782f8e/resourceGroups/2017/providers/microsoft.insights/alertrules/name
isActive : True
activatedTime : 2017-11-02T12:49:27.2830826+00:00
resolvedTime :
targetResourceId :
targetResourceLocation :
legacyResourceId :

 

 

Below I have tied everything together, using my Azure App authentication function we generate the auth header and retrieves alert rules based on user input.

 

 

Wrapping up

We now know the basic consepts on how we authenticate and retrieve alert rules and incidents from Azure Monitor through it’s rest API using Powershell. From here we can easially expand our work to create new alert rules or retrieve metrics from our resources wich lets us build custom solutions on prem or any where else.

If you want to continue exploring Azure Monitoring capabilities i suggest you follow Adin Ermies series describing all the different solutions.

Hopefully I can soon provide some insights on how we are building our CSP monitoring solution in a single blog post, using the different tools mentioned in my latest posts.

Share this:

  • LinkedIn
  • Twitter
  • Email

Posts navigation

1 2 3 4

Top Posts & Pages

  • Azure AD authentication in Azure Functions
  • Using Azure pipelines to deploy ARM templates
  • Creating Azure AD Application using Powershell
  • Web API for System Center Operations Manager
  • SCOM 1801 REST API Interfaces
  • Azure CDN on Wordpress
  • Authenticate against Micrsoft Partner Center API using Powershell
  • HealthServiceStore.edb file growth
  • SCOM Alerts to Microsoft Teams and Mattermost

Tags

#Serverless #Azure # speaking agent api authoring Automation Azure AzureAD AzureCloudShell AzureFunctions AzureMonitor AzureRM Community CSP database EventGrid ExpertsLive ExpertsLiveEU Integrations LogAnalytics management pack monitoring MSBuild2018 MSIgnite MSIgnite2017 MSOMS MSP news nicconf OperationsManager OpsMgr Powershell ProjectHonolulu QUickPublish rest SCDPM SCOM SCOM2016 scu2016 SCVMM Serverless SquaredUP SysCtr system center Webasto WindowsAdminCenter

Follow Martin Ehrnst

  • Twitter
  • LinkedIn

RSS Feed RSS - Posts

RSS Feed RSS - Comments

Microsoft Azure MVP

Martin Ehrnst Microsoft Azure MVP
Adatum.no use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it. Cookie Policy
Theme by Colorlib Powered by WordPress
adatum
Proudly powered by WordPress Theme: Shapely.
loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.