Deep Dive Into MS Operations Management Suite Pete Zerger @pzerger pete.zerger@cireson.com Cameron Fuller @CFullerMVP cameron.fuller@catapultsystems.com
Pete Zerger Spring, TX (near Houston) @pzerger Principal Program Mgr 18 years of RBA 6 years of cloud 10-Time Microsoft MVP #MMSMOA
Cameron Fuller Dallas TX, USA @CFullerMVP Principal Consultant Started with MOM 2000 #MMSMOA
Agenda Quick Intro to OMS Onboarding and Dashboarding Log Analytics Fine Tuning Data Collection Security and Audit Assessing Server and App Workloads Hybrid Automation Cross-Platform Management
Microsoft s Strategic Direction? -aas is the last stop in the evolution of modern datacenter Server proliferation Workload virtualization Private and hybrid Azure Enterprise desktop Heterogeneous Open platform Time to value Improved productivity Cloud-inspired Solution oriented
Why OMS? It s simple Operations Management Suite Time to value Easy to integrate Protect and Extend Enhance System Center
A little history The evolution of OMS over time Original release of basic best practices configuration checks for specific MS workloads. Azure Operational Insights Operations Management Suite In 2015, Advisor reimagined with scenario-specific log analytics and search delivered in intelligence packs. Current iteration, adding Automation, Availability and Security themes. Intelligence packs renamed as Solutions
OMS Solutions (Themes) Log analytics Automation Availability Security Gain visibility across your hybrid enterprise cloud Orchestrate complex and repetitive operations Increase data protection and application availability Help secure your workloads, servers, and users The themes of OMS complement other solutions you may already be familiar with
Custom Dashboard Visualize all of your saved searches, providing a single lens to all your environment. Custom or sample searches Customizable visual info Shareable across teams
More than 20 new features coming soon! OMS Solutions Active Directory Assessment Azure Site Recovery Change Tracking Security and Audit Alert Management Backup Configuration Assessment SQL Server Assessment Automation Capacity Planning Malware Assessment System Update Assessment Containers (coming soon) Wire Data
Demo OMS Onboarding OMS Dashboards
Log Analytics Gain Visibility Across Hybrid Enterprise
Collect, Store and Analyze Log Data Efficient tracking of server configuration changes Change tracking across multiple data sources Ad-hoc root cause analysis and automated troubleshooting Powerful search capabilities to drill deeper into areas of interest Custom graphical saved searches for more insight with dashboards Rich dashboard and reporting capabilities powered by search queries
Integrated Search Combine and correlate any machine data from multiple sources Query, and filter the results by using facet controls. Automated data visualization Metrics pivoted around a particular problem areas Common search queries
OMS Solution
OMS Solution
OMS Solution
Advanced Log Analytics & Diagnostics OMS In addition can analyze to Windows collected Event machine Log, Performance Supports Worker Counter Role, and Web Role data directly from Syslog, Azure Azure Storage Diagnostics or Azure supports: VM Log Data Type IIS Logs Azure Diagnostic infrastructure logs IIS Failed Request logs Crash dumps Custom error logs NET EventSource Manifest based ETW Description Information about IIS web sites. Information about Diagnostics itself. Information about failed requests to an IIS site or application. Information about the state of the process in the event of an application crash. Logs created by your application or service. Events generated by your code using the.net EventSource class ETW events generated by any process.
Fine Tuning Data Collection By default, event log and performance data collection applies to all systems Through overrides, SCOM-connected agents Exclude systems from Security and Audit and Wire Data Doesn t apply to stand-alone monitoring agents Not supported, but not harmful (in testing to date) MS will deliver this feature, just a question of when!
DISCUSSION: Frequency of Data Upload In large environments with high numbers of SCOM-connected agents, the frequency of upload
Demo Log Analytics in OMS
Data Protection Backup and Recovery
Backup and Recovery Azure Backup Back up files and folders on Windows and Linux VMs Incremental backups Data encrypted in-transit and at rest Supports Azure v1 (ASM) VMs today Azure Site Recovery Replicate VMs to Azure for DR Supports VMware Orchestrate Recovery in Azure in event of data center outage
Backup and Recovery Dashboard Quick glance view of backup and protection status Registered servers Backup size Jobs status Link into Azure portal for backup and recovery
Demo Azure Backup
Configuration Management Assessing Windows and Application Workloads
OMS Solution
OMS Solution
OMS Solution
Recommendation Weighting
Recommendation Weighting (cont) The higher the impact the higher the weight The higher the probability the higher the weight The higher the effort the lower the weight
Demo Windows and Server Application Workload Assessment
Security Secure Workloads, Servers, Users
Identification of missing system updates across data centers or in a public cloud Comprehensive updates assessment across datacenters and public clouds Comprehensive view into your organization s IT security posture Detection of breaches and threats with malware assessment Collect security related events Perform forensic, audit and breach analysis
Demo Security Log Analysis
Automation Orchestrate Complex and Repetitive Operations
Automation Dashboard Quick glance view of runbook health and status Active runbooks Total jobs Link into Automation portal
New Automation Capabilities Built-in integration with onpremises systems and PowerShell DSC nodes. Run Azure Automation runbooks on-premises Automation accessible via new REST API (including GitHub, VSO and ARM) Graphical workflow-authoring tool Runbook management from the new Microsoft Azure portal
Hybrid Worker in Azure Automation An on-prem server running MS Mgmt Agent Executes runbooks downloaded from AA Reports results back to AA and OMS Can be deployed in groups for high availability Requires no ports (outside-in) On-premises Runbook Environment Microsoft Mgmt Agent Hybrid Runbook Worker Azure Automation Operations Management Suite
Demo Azure Automation
Cross-Platform Management Linux / UNIX Performance and Log Analytics
Cross-Platform Management Leverages the MS Monitoring Agent for Linux Supported Scenarios: Syslog Event Data Docker Container Logs Performance Data Collection Nagios Core Alert Collection Zabbix Alert Collection Supports the following Linux distributions: Amazon, CentOS, Debian, Oracle, Redhat, SUSE, Ubuntu
Cross-Platform Automation in PowerShell Secure Shell (SSH) and Secure Copy (SCP) for PowerShell are available through multiple open source libraries & modules SSH.Net Library http://sshnet.codeplex.com/ Posh-SSH PowerShell SSH Module https://github.com/darkoperator/posh-ssh SSHShell PowerShell SSH Module http://www.carbon60.com/powershell-ssh-module-nonstandard-devices-like-cisco-asa/ Renci SSH.NET Library http://vwiki.co.uk/ssh_client_(powershell)#renci_ssh.net Microsoft-authored version coming soon: https://github.com/powershell/win32-openssh
Demo Cross-Platform Management in OMS
Recap and Next Steps Lots of features, and more coming every few weeks! Free tier gives you 500 MB data per day Onboard stand-alone or integrate with OpsMgr Signup takes 5 minutes! Get started today!
SPONSORS Discuss Ask your questions-real world answers! Plenty of time to engage, share knowledge. Evaluations: Please provide session feedback by clicking the EVAL button in the scheduler app (also download slides). One lucky winner will receive a free ticket to the next MMS! Session Title: