Nutanix Monitoring on SCOM or OMS

Comtrade has been around quite some time now delivering custom management packs, in my experience for everything Citrix, F5 now, and Nutanix for SCOM and OMS.

Their profile is accurate in my opinion “The SCOM Extension Specialists”

Comtrade’s Channel Profile states “we natively integrate with System Center Operations Manager, providing a comprehensive monitoring of network (F5) and hyperconverged infrastructure (Nutanix) with insight into Citrix and Microsoft applications.”

Note: These MP’s are not free. Contact for a trial key and download.

If you use Nutanix hosts, this will provide insights on configuration, logs, resource performance, and overloaded clusters/hosts

SCOM MP dashboards don’t look that much different, but provide easy insight into your virtual environment

How the solution works

OMS specifically

OMS Dashboard

Log Analytics

OMS Hardware Dashboard

Cluster Performance

Host Summary

Additional information

Nutanix Monitoring on OMS by Comtrade https://www.comtradesoftware.com/nutanix-monitoring/comtrade-oms-solution/

Nutanix OMS Solution https://blogs.technet.microsoft.com/msoms/2017/05/16/announcing-the-general-availability-of-oms-solutions-for-nutanix-by-comtrade-software/

Webinar https://www.brighttalk.com/webcast/14061/227057

Datasheet https://www.comtradesoftware.com/wp-content/uploads/2017/03/Comtrade-Software-OMS-Nutanix-Datasheet.pdf

SCOM MP information https://www.comtradesoftware.com/nutanix-monitoring/scom-management-pack/

How to be heard (provide feedback on Microsoft products)

Ever feel like everyone’s not listening?

UserVoice
Do you want to be heard?

Are you willing to share ideas and feedback about OMS and the various products?
Good, Microsoft development has that covered.

I recommend this to ALL of my customers
Please sign-in, vote on ideas and feedback.

Please put your comment, suggestion, feature out to the community!

Example – Custom Security events filtering is your number one priority

Vote for this request https://feedback.azure.com/forums/267889-log-analytics/suggestions/17010730-allow-custom-flexible-security-events-filtering

ADFS auditing https://feedback.azure.com/forums/267889-log-analytics/suggestions/17268227-adfs-auditing

Additional information
UserVoice websites (please verify the links http://www.windowsobserver.com/2014/08/18/microsoft-and-uservoice-feedback-portals/ )

OMS Log Analytics https://feedback.azure.com/forums/267889-log-analytics/

SCOM UserVoice https://systemcenterom.uservoice.com/

Getting Started with OMS – Operations Manager Suite

How do you make sure the business you’re in is productive and making widgets?

What does OMS do?

Acronym: OMS – Operations Manager Suite

IMHO

Answer: Pretty much anything you can imagine to help provide a single pane of glass into what is happening in your IT environment.

Do you use System Center?

You can tailor OMS to any solution in the Solutions gallery, and you can even request solutions and functionality in the UserVoice website.

Ready to dig into OMS, even if you’re not cloud based?

OMS has four basic services

Learn more about the OMS solutions

Verify OMS managed Computers link

Capacity and Performance (HyperV) link

Service Map link

How to be heard link

Additional information

OMS Overview Azure Monitor overview

Channel 9 videos https://channel9.msdn.com/Shows/OMS-TECH-Fridays
OMS Blog https://blogs.technet.microsoft.com/msoms/

Azure Application Insights

Application Insights

Application Insights simply put is Application Performance Management for web developers (or DevOps) on multiple platforms

Are you trying to solve how to monitor application performance?

Do you need to monitor application performance for ASP.NET, Java or Node.js apps?

SCOM can monitor, but not necessarily with the same functionality

Riverbed makes products, but at a higher cost

Dashboard

Much like SCOM APM agent, application Insights Monitors the same information, without having to setup SCOM in Azure

This is also an OMS solution, so if you’re using Azure for Web Applications, this should be on the to-do list

How about application Telemetry data?

Overview https://docs.microsoft.com/en-us/azure/application-insights/app-insights-overview
Documentation https://docs.microsoft.com/en-us/azure/application-insights/

Verify OMS Managed Computers

Ever wondered what objects are setup for OMS?

Maybe you’ve seen lots of errors on servers you don’t expect ?

It’s possible someone chose a group or nearly all managed computers in your SCOM environment.

How do we verify, or change what computers send data to OMS from SCOM?

1) Look for a group
In SCOM console, monitoring tab

Look for the ‘advisor’ group
Maybe someone put a group in there

2) Verify OMS members

In the SCOM console, Administration tab
Click on Managed Computers
See middle pane for what is currently set up

Update OMS Managed computers

In the SCOM console, Administration tab
Click on Managed Computers
See middle pane for what is currently set up

Click the ‘Add a computer/group’ link on the tasks pane (right side)

Add computers or groups

Add keyword, click search, highlight and click Add

Click OK when done updating members

Optionally, highlight the member, click delete

Verify the Advisor MP’s on computer

Go to server (added or removed)

If added, look for 1201 events in the Operations Manager Log

If removed, look for 1204 events in the Operations Manager Log

Enjoy!!

SYSTEM CENTER 2016/2019 Operations Manager – Anti-Virus Exclusions

Updated 30 June, 7 July 2020 and includes docs.microsoft.com article updates

NOTE: Process name exclusion wildcards could potentially prevent some dangerous programs from being detected.

Hopefully this table is helpful (my thanks to Matt Goedtel for the docs site updates, and Matt’s efforts to keep docs the ‘go-to’ site)

Previously the blog left the SCOM Admin and Security teams with questions where blogs did NOT match vendor site documentation. The blog merged the PFE UK team blog & Kevin Holman blog into an easier tabular view per component)

Original Blog introduction

As we are all aware, antivirus exclusions can affect monitoring data generated, and affect system performance.

Best practice is to implement specific exclusions.

Exclusions\Role	MS	DB	GW	RS	Web	Agent
Folder
Management Server installation folder Default: “C:\Program Files\Microsoft System Center 2016\Operations Manager\Server\”	*
Agent installation folder Default: “C:\Program Files\Microsoft Monitoring Agent”				*		*
Gateway installation folder Default: “C:\Program Files\Microsoft System Center 2016\Operations Manager\Gateway\”			*
Reporting installation folder Default: “C:\Program Files\Microsoft System Center 2016\Operations Manager\Reporting”				*
WebConsole installation folder Default: “C:\Program Files\Microsoft System Center 2016\Operations Manager\WebConsole”					*
SQL Data installation folder Default: “C:\Program Files\Microsoft SQL Server\MSSQL.1x<INSTANCENAME>\MSSQL\Data”		*
SQL Log installation folder Default: “C:\Program Files\Microsoft SQL Server\MSSQL.1x<INSTANCENAME>\MSSQL\Log”		*
SQL Reporting installation folder Default: “C:\Program Files\Microsoft SQL Server\MSRS.1x<INSTANCENAME>				*
File Types
EDB	*	*	*	*		*
CHK	*	*	*	*		*
LOG	*	*	*	*		*
LDF		*		*
MDF		*		*
NDF		*		*
Processes
CShost.exe	*
HealthService.exe	*	*	*	*	*	*
Microsoft.Mom.Sdk.ServiceHost.exe	*
MonitoringHost.exe	*	*	*	*	*	*
SQL Server Default: “C:\Program Files\Microsoft SQL Server\MSSQL1x.<Instance Name>\MSSQL\Binn\SQLServr.exe”		*
SQL Reporting Services Default: “C:\Program Files\Microsoft SQL Server\MSRS1x.<Instance Name>\Reporting Services\ReportServer\Bin\ReportingServicesService.exe”		*		*

Useful information for decoding the matrix

Docs site https://docs.microsoft.com/en-us/system-center/scom/plan-security-antivirus?view=sc-om-2019

Platform https://support.microsoft.com/en-us/help/822158/virus-scanning-recommendations-for-enterprise-computers-that-are-running-currently-supported-versions-of-windows

SCOM 2012/2012R2 KB975931 https://support.microsoft.com/en-us/help/975931/recommendations-for-antivirus-exclusions-that-relate-to-operations-manager

PFE UK team blog https://blogs.technet.microsoft.com/manageabilityguys/2013/11/26/system-center-2012-r2-operations-manager-anti-virus-exclusions/

SQL

https://support.microsoft.com/en-us/help/309422/choosing-antivirus-software-for-computers-that-run-sql-server

https://blogs.technet.microsoft.com/raymond_ris/2014/01/16/windows-antivirus-exclusion-recommendations-servers-clients-and-role-specific/

Version mapping by folder (my thanks to StackOverFlow https://stackoverflow.com/questions/18753886/sql-server-file-names-vs-versions )
100 = SQL Server 2008    = 10.00.xxxx
105 = SQL Server 2008 R2 = 10.50.xxxx
110 = SQL Server 2012    = 11.00.xxxx
120 = SQL Server 2014    = 12.00.xxxx
130 = SQL Server 2016    = 13.00.xxxx

Setting up OMS Capacity and Performance

Update 18 Dec 2023 – Solution retired in 2021 with OMS sunset.

https://github.com/uglide/azure-content/blob/master/articles/log-analytics/log-analytics-add-solutions.md Repository archived by the owner on Feb 1, 2021. It is now read-only.

Do you know what your HyperV hosts are doing?

Not a HyperV fan, there’s a VMWare solution also here

Documentation https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-capacity

https://github.com/uglide/azure-content/blob/master/articles/log-analytics/log-analytics-capacity.md

Capacity dashboard

Capacity and performance preview summary

Details

Setting up OMS Capacity and Performance

Already have the dashboard setup? Perhaps this will help troubleshoot

Do you have network connectivity, or is a proxy required?

Troubleshooting dashboard

Firewall https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-proxy-firewall
Windows Agents https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-windows-agents

Verify Operations Manager event log on local agent, then filter for error events and/or EventID 4506. Look for dates/times to see when events started.

Example Event ID 4506 details the Capacity and Performance Solution, citing ‘Microsoft.IntelligencePacks.CapacityPerformance.Collector’.

Operations Manager Event Log, Event ID 4506 examples

Additional options

Search LAW (Log Analytics workspace) logs

https://github.com/uglide/azure-content/blob/master/articles/log-analytics/log-analytics-log-searches.md

2. Verify no proxy is set up (unless your network requires this)

3. 4506’s result from too many workflows sending data from MS to DB’s (OpsMgr and DW). Additionally, 4506 events can be communication issues from MS to DB server(s). Lastly, use TLS1.2 configuration as a best practice to enforce encryption from MS to SQL communication. Beyond encryption, TLS may be a culprit if AlwaysOn or SQL clusters are involved, particularly as the SCOM console connections fail as SDK cannot talk with SQL side. See Kevin Holman’s blog for additional TLS1.2 information and setup.

TLS blog https://kevinholman.com/2018/05/06/implementing-tls-1-2-enforcement-with-scom/

Documentation

Learn article https://learn.microsoft.com/en-us/answers/questions/212007/scom-errors-no-data-in-summary-performance-dashboa
TechNet blog https://social.technet.microsoft.com/Forums/ie/en-US/10b38121-b0e1-43ec-bf3a-d22ae9ef0220/event-4506-data-was-dropped-due-to-too-much-outstanding-data-in-rule
MS RMSe https://www.system-center.me/opsmgr/event-4506-and-new-root-management-server-rms-management-server-ms/

Setting up OMS Service Map solution

hmmmm

Ever wonder what happened to BlueStripe?

Anyone else have experience using it with SCOM?

If you weren’t aware, Microsoft bought Blue Stripe back in 2015 link

Looks like BlueStripe FactFinder is now Service Map in Azure

Documentation here

Service Map is very easy to add and get value from right away with OMS

Download agent

You have two choices:

Choose from Docs.Microsoft.com documentation above, or from your OMS environment
From your OMS workspace, add the Service Map solution

Click on Home icon in top left hand corner

omshome

Click on Service Map pane

Click on Download Agent link as appropriate for Windows or Linux

Save file and install on your server(s)

oms-initialscreen

Windows Server Installation

Execute the MSI file downloaded from OMS (NOTE may prompt with UAC prompt)

Click ‘I Agree’

servicemapinstall

Watch the Install

servicemapinstalling

Click Finish

servicemapinstallcomplete

Now go back to OMS and look for updates (mine was that fast!)

servicemapsolution

Click on the Service Map pane to see more detail

servicemapdetail

To add additional machines is basically the same, just choose add machines

oms-addmachines

In case you caught that I have two (2) of the same named machines, it’s because I have that server set up for OMS separately. Yes, it’s my lab, so I’m not following the best practice.

servicemapsolutionwclients

Enjoy!

1) Look for a group In SCOM console, monitoring tab

2) Verify OMS members

Verify the Advisor MP’s on computer

Updated 30 June, 7 July 2020 and includes docs.microsoft.com article updates

Original Blog introduction

Update 18 Dec 2023 – Solution retired in 2021 with OMS sunset.

Setting up OMS Capacity and Performance

Troubleshooting dashboard

Additional options

Documentation

Download agent

Windows Server Installation

1) Look for a group
In SCOM console, monitoring tab