OMS – Disconnect Azure Storage Account from Workspace

Whereisit

In OMS you are able to collect data from storage account? Why is this useful? Well, there times where you want to store data from different Azure sources for a longer time than provided by Azure itself and then dig into the data using OMS. For example you are able to store IIS Logs, Windows Events, Syslog (Linux), Windows Tracing Logs (ETW Logs) or Service Fabric Events. In the past days you could just configure the settings within the OMS portal itself.

StorageAccount

In the current OMS portal you simply see something like this…

image

…the documentation link does not provide much help in terms of connecting or removing these accounts. Therefore go to the new Azure portal, select your workspace and select “Storage account logs” and click Add

Continue reading

SCOM / OMS – MP University 2017 Recording

Sielct

Yes, Silect did it again! Few days ago Silect Software provided MP University 2017, an online event packed with sessions from well known names like Kevin Holman, Brian Wren and Aditya Goda from Microsoft, Marnix Wolf from Didacticum and Mike Sargent from Silect. What I like about this event is, that it is not marketing instead the sessions are packed with very deep content of MP authoring and as it seems to start touching OMS as well Smile. If you missed this event I encourage you to watch the recordings online on Youtube.

MP Authoring Basics and Silect MP Author

 

MP Authoring using Fragments

Continue reading

Azure Zurich User Group – Speaker

I am very happy to have a session at the Azure Zurich user group meetup in Zürich, Switzerland. I will have a session about Microsoft Operations Management Suite (OMS) which will give you an overview how OMS works and what it is capable of in a private, hybrid and public cloud scenario. The session is split into two parts to have enough room for discussions and some drinks. Please join us and share this user group event. You can find all information on their Meetup site here.

image

Hope to see you there!

OMS – OMS, is it SCOM in the cloud?

on-premise-vs.-cloud

I can recall many instances whilst attending conferences and talking with customers or colleagues whereby misunderstandings have caused a significant amount of confusion.

“Operations Management Suite is SCOM in the cloud”

This is a one that has been doing the rounds lately, but it is correct? To answer the question we need to do a bit of digging into the past. André Malraux once said,

“Who wants to read in the future, must scroll in the past.”.

System Center Operations Manager (SCOM) was and is the Microsoft monitoring solution for homo- and heterogeneous IT environments. SCOM was originally developed by NetIQ, then purchased in 2000 by Microsoft. It carries with it a 17-year evolution, which started when the product was called Microsoft Operations Manager (MOM). In 2007 «MOM» was completely rewritten on a flexible and extensible framework SCOM was born. The development has continued ever since and the latest available version is SCOM 2016.
About 6 years ago, Microsoft began to experiment with System Center Advisor, an agent-based assessment and best practice analyzer solution based in the cloud. It provided the ability to analyze different workloads such as Windows operating system, SQL Server, Active Directory and Hyper-V components, detect changes to IT infrastructure, and propose Microsoft best practices from in the form of alarms. Between 2012 and 2013 the range of supported technologies was extended to include Exchange, SharePoint and Lync. Initially a separate solution, it quickly became integrated into SCOM 2012 SP1 by means of a connector. The newly generated information retrieved from Azure became available both on-premise within SCOM and in the cloud through System Center Advisor extension. By SCOM 2012 R2, the connector came pre-bundled as part of the suite. In 2014 System Center Advisor was transformed, gone was the Silverlight-based web application and in came a new HTML 5 based web app with a host of new capabilities. This meant that the Best Practice Analyzer System Center Advisor could be integrated into a new product called Azure Operational Insights, the range of capabilities for which could be greatly expanded by the use of so-called Intelligence Packs (IP). The following packs were released as part of the initial deployment:

  • Configuration Assessment
  • Malware Assessment
  • Capacity Planning
  • Change Tracking
  • Log Management
  • SQL Assessment
  • System Update Assessment

A new key feature acted like a cloud-based «data pot» whereby data was collected using an agent and could be analyzed with a PowerShell-like syntax within Azure Operational Insights Search Data Explorer.  A connection to SCOM was also ensured by a SCOM connector. In addition, the Operational Insights product is now the foundation for today’s current Operations Management Suite (OMS). Operational Insights Search Data Explorer is called Azure Log Analytics and Intelligence Packs are called solution (packs).
Since we now know the background of both products, I would like to juxtapose their facts, in order to be able to answer the question objectively.

Concept
SCOM consists of an extensible hierarchical object model. This means that components that are to be monitored in SCOM can be discovered (Discovery) by means of management packs (XML files) and placed into a hierarchy (service model) using relationships. Sensors (monitors) can move a subordinate object, into a healthy state, or into a faulty (unhealthy) state and visually represent it. The health state can be passed to its parent object (rollup). This model is described as a health model and has many advantages as well as certain disadvantages.

OMS works with so-called flat data, this means the data exists as data records in a large data pot. There are no objects or relationships among the collected data. For example, solution 1 collects disk information from computer X. At the same time solution 2 collects information on the same disk, BUT there is no relationship nor knowledge of the status between the disk data from solution 1 and solution 2. OMS does not (yet) have any service model and therefore also no health model.

Continue reading

Global Azure Bootcamp Switzerland 2017 – Speaker

image

This year is the first time I will be speaking at the Global Azure Bootcamp Switzerland together with my buddy MVP Stefan Johner. Stefan and I will talk about Microsoft Operations Management Suite (MS OMS) and put some light on the different pillars of OMS.

image

So what is this Global Azure Bootcamp thing?

All around the world user groups and communities want to learn about Azure and Cloud Computing! On April 22, 2017, all communities will come together once again in the fifth great Global Azure Bootcamp event! Each user group will organize their own one day deep dive class on Azure the way they see fit and how it works for their members. The result is that thousands of people get to learn about Azure and join together online under the social hashtag #GlobalAzure! Join hundreds of other organizers to help out and be part of the experience!

There is still time to sign up for this awesome bootcamp, use Eventbrite to register for this free event. The Bootcamp is organized by the Azure Zurich User Group and the Azure Cloud User Group Switzerland and will take place at Microsoft Switzerland. Get all details on the Global Azure Bootcamp Switzerland website.

OMS – Log Search Cheat Sheet

Cheat-Sheet

A bit more than 2 years ago I created a cheat sheet for Azure Operational Insights Search Data Explorer, today known as Operations Management Suite (OMS) Log Search. Over the years this technology has evolved and grown to one of THE most exciting products from Microsoft. The log search syntax has also grown and got some new options. Because of that, I updated the legacy cheat sheet to meet the latest syntax and modified the examples. I had to extend the sheet to two pages, so that the content would make sense.

Page 1…image

…Page 2

image

Continue reading

OMS – Error "Run Login-AzureRMAccount to Login" e.g. OMS Cmdlets

error-red-key-595x335

I wanted to play with the OMS cmdlets which are part of the AzureRM modules. The OMS / OperationsInsights module itself is called AzureRM.OperationsalInsights. A good place to start with OMS native PowerShell cmdlets is a blog post on the Building Clouds blog. So what is the exact issue? Well, I tried to query my workspace for installed solutions. First I logged in using the Login-AzureRmAccount  cmdlet which succeeded quite nicely..

image

…after I authenticated I ran a cmdlet to get the solutions from OMS…

image

..no matter which cmdlet I tried, I always received the error above.

After some time, I tried to update the modules, running Update-Module which ended in this error…

image

Next step, I tried to install the entire ARM modules by running Install-Module AzureRM –AllowClobber, which ended in a similar error…

image

Continue reading