Monitoring DMZ and Workgroup Systems with OMS, Part I

2017-02-13 22:33:11
Posted by aeadmin on Feb 13, 2017 2:33:11 PM

Monitoring DMZ or isolated workgroup systems is one of the challenges we all face with System Center Operations Manager (SCOM). Until now, the only way to collect data and monitor these types of systems via SCOM was by installing a gateway to the management server. Anyone who has installed a gateway knows the pain I speak of.

Enter Operations Management Suite (OMS). OMS offers four categories of services: Insight and Analytics, Automation and Control, Protection and Recovery, and Security and Compliance. It is Microsoft's cloud-based solution for managing and protecting cloud AND on-premises infrastructure. SCOM and OMS work together to provide a full hybrid management experience, and provide a great way to introduce your company to the Microsoft Azure cloud.

OMS monitors DMZ

I have been using OMS to monitor my DMZ and workgroup systems either in addition to SCOM or in place of it. In this article, I will provide instructions on how to set up basic server monitoring for log analytics to get you started. This can be an existing server with the SCOM agent or a new server without the SCOM agent installed.
OMS Workspace

The first step is to create an OMS workspace, which is similar to an account. There are two options:

  1. Microsoft Operations Management Suite website
  2. Microsoft Azure subscription

You can create a free OMS workspace using the OMS website or use a Microsoft Azure subscription to create free Log Analytics workspace. Please note: Free workspaces can only send 500MB of data daily to the OMS service. All workspaces require an Azure subscription. For more information, see https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-get-started.

Configure Solutions

This example uses the Log Search solution.

  1. In the OMS portal, on the Overview page, choose the Settings tile. Choose Solutions -> View your installed solutions. Make sure Log Search is shown.

Log Search

If not, choose Visit the Gallery to add it.

Gallery

2. Choose Data to configure at least one data source to populate data to your workspace. When done, click Save.

adaptivedge-scom-oms-4

Download the Client

After OMS has been set up, download the client. For this example, Windows Server has been chosen.

  1. Download the agent setup file from OMS. In the OMS portal, on the Overview page, choose the Settings tile. Select the Connected Sources tab at the top.
  2. Select Windows Servers and then select Download Windows Agent and select the setup file applicable to your computer processor type.
  3. On the right of Workspace ID, click the copy icon and paste the ID into a text editor.
  4. On the right of Primary Key, click the copy icon and paste the key into a text editor.

Text Editor

Installing the OMS Agent

*Pre-requisite - For the Microsoft Monitoring Agent to connect to and register with the OMS service, it must have access to the port number of your domains and the URLs. The following tables list the ports that OMS needs.

Agent Resource Ports Bypass HTTPS inspection
*.ods.opinsights.azure.com 443 Yes
*.oms.opinsights.azure.com 443 Yes
*.blob.core.windows.net 443 Yes
*.azure-automation.net 443 Yes
ods.systemcenteradvisor.com 443  

Step 1: On the Windows server to manage, run Setup and enter the keys/ID when prompted.

Step 2: When complete, the Microsoft Monitoring Agent appears in Control Panel. When connected to OMS, the agent displays the message: The Microsoft Monitoring Agent has successfully connected to the Microsoft Operations Management Suite service.

monitoring agent properties

Now you are monitoring the server in OMS and can start configuring the data collection details. Below is a table for Log Analytics and a link for log searching. Part II will cover System Center integration for a true hybrid environment. Happy monitoring!

Insight & Analytics / Log Analytics

https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-log-searches

Management solution Platform Microsoft monitoring agent Operations Manager agent Azure storage Operations Manager required? Operations Manager agent data sent via management group Collection frequency
Activity Log Analytics Azure No No No No No on notification
AD Assessment Windows Yes Yes No No Yes 7 days
AD Replication Status Windows Yes Yes No No Yes 5 days
Agent Health Windows and Linux Yes Yes No No Yes 1 minute
Alert Management (Nagios) Linux Yes Np No No No on arrival
Alert Management (Zabbix) Linux Yes No No No No 1 minute
Alert Management (Operations Manager) Windows No Yes No Yes Yes 3 minutes
Application Insights Connector (Preview) Azure No No No No No on notification
Azure Networking Analytics (Preview) Azure No No Yes No No 10 minutes
Capacity Management Windows No Yes No Yes Yes hourly
Containers Linux Yes No No No No 3 minutes
Key Vault Analytics (Preview) Windows No No Yes No No 10 minutes
Network Performance Monitor Windows Yes Yes No No No TCP handshakes every 5 seconds, data sent every 3 minutes
Office 365 Analytics (Preview) Windows No No No No No on notification
Service Fabric Analytics Windows No No Yes No No 5 minutes
Service Map Windows and Linux Yes Yes No No Yes 15 seconds
SQL Assessment Windows Yes Yes No No Yes 7 days
SurfaceHub Windows Yes No No No No on arrival
System Center Operations Manager Assessment (Preview) Windows Yes Yes No No Yes seven days
Upgrade Analytics (Preview) Windows Yes No No No No 2 days
VMware Monitoring (Preview) Linux Yes No No No No 3 minutes
Wire Data Windows (2012 R2 / 8.1 or later) Yes Yes No No No 1 minute

Written and composed by our Senior Microsoft System Center Architect, Jessica Ervin-Hang

Tags: adaptivedge, IaaS, SQL, Technology, workgroup, DMZ, IoT, microsoft gold partner, OMS, system center

    Are You Secure? Score a FREE O365 Security Assessment.

    We're here to help!

    We'd love to find out more about the projects and initiatives you're working on to exchange ideas and provide some high-level guidance where we can.  We love learning from others as well as sharing some of our experience and lessons learned.  Let's talk!

    Subscribe to Email Updates

    Recent Posts

    Posts by Tag

    see all